Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Genuine Windows 7 starts giving "counterfeit" messages


  • Please log in to reply
12 replies to this topic

#1 mcduck

mcduck

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 21 September 2014 - 03:48 AM

My three-year old genuine OEM Windows 7 began giving me "counterfeit" messages a few days ago. I can still use Windows, but it occasionally nags me to enter the license key. I tried to do so with a copy of the key that I noted three years ago when I got the laptop in the UK, but it did not accept it. Also, as I have not seen the "counterfeit" messages before, so I do not know if they are legitimate from Microsoft, or symptom of a virus. The messages began after someone in a laptop maintenance place pulled the battery when it was switched on but unplugged. After that incident CHKDSK appeared to need to fix quite a few issues on the HD. Those HD fixes *might* have caused Windows to forget its licence key, though it seems improbable. 



BC AdBot (Login to Remove)

 


#2 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 21 September 2014 - 11:28 AM

Hello, 
 
Lets start by running the following programme. 
 
DmqaAZx.png MGADiag

  • Please download MGADiag and save the file to your Desktop.
  • Double-click the MGADiag icon on your Desktop.
  • Click continue.png.
  • Click copy.png.
  • Press the Windows Key xpdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Click Edit followed by Paste in Notepad.
  • Replace the numbers & letters with 'x's in the line beginning with Windows Product Key (to hide your Product Key from the public). 
  • Copy the contents of the log and paste in your next reply.

Posted Image

#3 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 21 September 2014 - 11:56 AM

Thanks for your post. Here you go:

 

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
 
Validation Code: 50
Cached Online Validation Code: 0xc004c4a8
Windows Product Key: *****-*****-xxxxx-xxxxx-xxxxx
Windows Product Key Hash: wgci5Gdejx4esg7++zTOe3LWF+4=
Windows Product ID: xxxx-OEM-xxxxx-xxxxx
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {1392FAEC-3378-4C26-8152-25E6ABAAF9FD}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.140303-2144
TTS Error: T:20140917184738676-
Validation Diagnostic: 
Resolution Status: N/A
 
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
 
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
 
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
 
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
 
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
 
File Scan Data-->
 
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{1392FAEC-3378-4C26-8152-25E6ABAAF9FD}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-24367</PKey><PID>00371-OEM-8992671-00437</PID><PIDType>2</PIDType><SID>S-1-5-21-677832004-1690524382-748576713</SID><SYSTEM><Manufacturer>LENOVO</Manufacturer><Model>4287CTO</Model></SYSTEM><BIOS><Manufacturer>LENOVO</Manufacturer><Version>8DET69WW (1.39 )</Version><SMBIOSVersion major="2" minor="6"/><Date>20130718000000.000000+000</Date></BIOS><HWID>17CE0D00018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>LENOVO</OEMID><OEMTableID>TP-8D   </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>  
 
Spsys.log Content: 0x80070002
 
Licensing Data-->
Software licensing service version: 6.1.7601.17514
 
Name: Windows® 7, Professional edition
Description: Windows Operating System - Windows® 7, OEM_SLP channel
Activation ID: 50e329f7-a5fa-46b2-85fd-f224e5da7764
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00178-926-700437-02-2057-7601.0000-2602014
Installation ID: 020806575521659741767476232153829664182545021534976205
Partial Product Key: 24367
License Status: Notification
Notification Reason: 0xC004F200 (non-genuine).
Remaining Windows rearm count: 5
Trusted time: 21/09/2014 17:52:52
 
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0xC004C4A8
HealthStatus: 0x0000000000000000
Event Time Stamp: 9:17:2014 22:31
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
 
 
HWID Data-->
HWID Hash Current: LgAAAAAAAQABAAEAAAABAAAABAABAAEAonY8nVam8DhuP24GPi0Q8noQkr4ucw==
 
OEM Activation 1.0 Data-->
N/A
 
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information: 
  ACPI Table Name OEMID Value OEMTableID Value
  APIC LENOVO TP-8D   
  FACP LENOVO TP-8D   
  HPET LENOVO TP-8D   
  MCFG LENOVO TP-8D   
  SLIC LENOVO TP-8D   
  SSDT LENOVO TP-SSDT2
  SSDT LENOVO TP-SSDT2
  SSDT LENOVO TP-SSDT2
  ECDT LENOVO TP-8D   
  ASF! LENOVO TP-8D   
  TCPA PTL LENOVO
  SSDT LENOVO TP-SSDT2
  SSDT LENOVO TP-SSDT2
  UEFI LENOVO TP-8D   
  UEFI LENOVO TP-8D   
  UEFI LENOVO TP-8D   

Edited by mcduck, 21 September 2014 - 11:58 AM.


#4 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 21 September 2014 - 12:11 PM

Hello, 

 

The log confirms that Windows does not recognise your license as genuine. 

We can try troubleshooting the issue here, but I may end up directing you to the Windows 7 section as this does not appear to be malware-related.

 

STEP 1
MgeHyNE.png CHKDSK

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    @echo off
    cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\chkdskresults.txt"
    del %0
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file chkdsk.bat
  • Select All Files as the Save as type.
  • Save the file to your Desktop
  • Locate chkdsk.bat lmRDSkT.png (W8/7/Vista) on your DesktopRight-click the icon and click AVOiBNU.jpg Run as administrator.
  • CHKDSK may take up to an hour to complete. Allow the programme to run uninterrupted, and do not use your computer during the process.  
  • Upon completion, a log (chkdskresults.txt) will be created on your Desktop. Please copy the contents of the log and paste in your next reply.
     

STEP 2
MgeHyNE.png System File Checker (SFC)

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    sfc /scannow
    findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"
    notepad %userprofile%\Desktop\sfcdetails.txt
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file querysfc.bat
  • Select All Files as the Save as type.
  • Save the file to your Desktop
  • Locate querysfc.bat lmRDSkT.png (W8/7/Vista) on your DesktopRight-click the icon and click AVOiBNU.jpg Run as administrator.
  • Upon completion, a log (sfcdetails.txt) will open on your Desktop. Copy the contents of the log and paste in your next reply.
     

Posted Image

#5 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 21 September 2014 - 01:12 PM

Hello, thanks for that post. Her go the two logs:

 

The type of the file system is NTFS.
Volume label is Windows7_OS.
 
WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.
 
CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
  1827 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  2 EA records processed.                                           
 
  44 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
  60474 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
Windows has checked the file system and found no problems.
 
 240131071 KB total disk space.
 197260280 KB in 296133 files.
    185972 KB in 60475 indexes.
         0 KB in bad sectors.
    477843 KB in use by the system.
     65536 KB occupied by the log file.
  42206976 KB available on disk.
 
      4096 bytes in each allocation unit.
  60032767 total allocation units on disk.
  10551744 allocation units available on disk.
 
2014-09-21 19:05:42, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:42, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:42, Info                  CSI    0000000c [SR] Verify complete
2014-09-21 19:05:42, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:42, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:42, Info                  CSI    00000010 [SR] Verify complete
2014-09-21 19:05:43, Info                  CSI    00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:43, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:43, Info                  CSI    00000014 [SR] Verify complete
2014-09-21 19:05:43, Info                  CSI    00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:43, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:43, Info                  CSI    00000018 [SR] Verify complete
2014-09-21 19:05:44, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:44, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:44, Info                  CSI    0000001c [SR] Verify complete
2014-09-21 19:05:44, Info                  CSI    0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:44, Info                  CSI    0000001e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:44, Info                  CSI    00000020 [SR] Verify complete
2014-09-21 19:05:45, Info                  CSI    00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:45, Info                  CSI    00000022 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:45, Info                  CSI    00000024 [SR] Verify complete
2014-09-21 19:05:45, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:45, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:45, Info                  CSI    00000028 [SR] Verify complete
2014-09-21 19:05:46, Info                  CSI    00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:46, Info                  CSI    0000002a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:46, Info                  CSI    0000002c [SR] Verify complete
2014-09-21 19:05:46, Info                  CSI    0000002d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:46, Info                  CSI    0000002e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:46, Info                  CSI    00000030 [SR] Verify complete
2014-09-21 19:05:47, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:47, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:47, Info                  CSI    00000034 [SR] Verify complete
2014-09-21 19:05:47, Info                  CSI    00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:47, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:48, Info                  CSI    00000038 [SR] Verify complete
2014-09-21 19:05:49, Info                  CSI    00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:49, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:49, Info                  CSI    0000003c [SR] Verify complete
2014-09-21 19:05:49, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:49, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:50, Info                  CSI    00000040 [SR] Verify complete
2014-09-21 19:05:50, Info                  CSI    00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:50, Info                  CSI    00000042 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:50, Info                  CSI    00000044 [SR] Verify complete
2014-09-21 19:05:51, Info                  CSI    00000045 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:51, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:51, Info                  CSI    00000048 [SR] Verify complete
2014-09-21 19:05:51, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:51, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:52, Info                  CSI    0000004c [SR] Verify complete
2014-09-21 19:05:52, Info                  CSI    0000004d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:52, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:52, Info                  CSI    00000050 [SR] Verify complete
2014-09-21 19:05:52, Info                  CSI    00000051 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:52, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:53, Info                  CSI    00000054 [SR] Verify complete
2014-09-21 19:05:54, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:54, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:54, Info                  CSI    00000058 [SR] Verify complete
2014-09-21 19:05:54, Info                  CSI    00000059 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:54, Info                  CSI    0000005a [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:55, Info                  CSI    0000005c [SR] Verify complete
2014-09-21 19:05:55, Info                  CSI    0000005d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:55, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:56, Info                  CSI    00000060 [SR] Verify complete
2014-09-21 19:05:57, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:57, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2014-09-21 19:05:59, Info                  CSI    00000065 [SR] Verify complete
2014-09-21 19:05:59, Info                  CSI    00000066 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:05:59, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:01, Info                  CSI    0000006c [SR] Verify complete
2014-09-21 19:06:01, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:01, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:03, Info                  CSI    00000070 [SR] Verify complete
2014-09-21 19:06:03, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:03, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:04, Info                  CSI    00000075 [SR] Verify complete
2014-09-21 19:06:04, Info                  CSI    00000076 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:04, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:06, Info                  CSI    00000079 [SR] Verify complete
2014-09-21 19:06:06, Info                  CSI    0000007a [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:06, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:10, Info                  CSI    000000a0 [SR] Verify complete
2014-09-21 19:06:10, Info                  CSI    000000a1 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:10, Info                  CSI    000000a2 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:12, Info                  CSI    000000a4 [SR] Verify complete
2014-09-21 19:06:12, Info                  CSI    000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:12, Info                  CSI    000000a6 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:14, Info                  CSI    000000a8 [SR] Verify complete
2014-09-21 19:06:14, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:14, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:15, Info                  CSI    000000ac [SR] Verify complete
2014-09-21 19:06:15, Info                  CSI    000000ad [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:15, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:17, Info                  CSI    000000b0 [SR] Verify complete
2014-09-21 19:06:17, Info                  CSI    000000b1 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:17, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:18, Info                  CSI    000000b4 [SR] Verify complete
2014-09-21 19:06:19, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:19, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:21, Info                  CSI    000000b8 [SR] Verify complete
2014-09-21 19:06:21, Info                  CSI    000000b9 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:21, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:25, Info                  CSI    000000dd [SR] Verify complete
2014-09-21 19:06:26, Info                  CSI    000000de [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:26, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:28, Info                  CSI    000000e1 [SR] Verify complete
2014-09-21 19:06:28, Info                  CSI    000000e2 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:28, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:33, Info                  CSI    000000e5 [SR] Verify complete
2014-09-21 19:06:33, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:33, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:35, Info                  CSI    000000eb [SR] Verify complete
2014-09-21 19:06:36, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:36, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:37, Info                  CSI    000000ef [SR] Verify complete
2014-09-21 19:06:37, Info                  CSI    000000f0 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:37, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:37, Info                  CSI    000000f3 [SR] Verify complete
2014-09-21 19:06:38, Info                  CSI    000000f4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:38, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:38, Info                  CSI    000000f7 [SR] Verify complete
2014-09-21 19:06:39, Info                  CSI    000000f8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:39, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:44, Info                  CSI    0000010c [SR] Verify complete
2014-09-21 19:06:44, Info                  CSI    0000010d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:44, Info                  CSI    0000010e [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:44, Info                  CSI    00000110 [SR] Verify complete
2014-09-21 19:06:45, Info                  CSI    00000111 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:45, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:45, Info                  CSI    00000114 [SR] Verify complete
2014-09-21 19:06:46, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:46, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:47, Info                  CSI    00000118 [SR] Verify complete
2014-09-21 19:06:47, Info                  CSI    00000119 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:47, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:48, Info                  CSI    0000011c [SR] Verify complete
2014-09-21 19:06:49, Info                  CSI    0000011d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:49, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:53, Info                  CSI    00000122 [SR] Verify complete
2014-09-21 19:06:53, Info                  CSI    00000123 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:53, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:54, Info                  CSI    00000126 [SR] Verify complete
2014-09-21 19:06:55, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:55, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:55, Info                  CSI    0000012a [SR] Verify complete
2014-09-21 19:06:55, Info                  CSI    0000012b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:55, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:57, Info                  CSI    0000012e [SR] Verify complete
2014-09-21 19:06:57, Info                  CSI    0000012f [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:57, Info                  CSI    00000130 [SR] Beginning Verify and Repair transaction
2014-09-21 19:06:59, Info                  CSI    00000132 [SR] Verify complete
2014-09-21 19:06:59, Info                  CSI    00000133 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:06:59, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:00, Info                  CSI    00000136 [SR] Verify complete
2014-09-21 19:07:01, Info                  CSI    00000137 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:01, Info                  CSI    00000138 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:05, Info                  CSI    0000013a [SR] Verify complete
2014-09-21 19:07:05, Info                  CSI    0000013b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:05, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:10, Info                  CSI    00000154 [SR] Verify complete
2014-09-21 19:07:10, Info                  CSI    00000155 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:10, Info                  CSI    00000156 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:12, Info                  CSI    00000158 [SR] Verify complete
2014-09-21 19:07:12, Info                  CSI    00000159 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:12, Info                  CSI    0000015a [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:20, Info                  CSI    0000015c [SR] Verify complete
2014-09-21 19:07:21, Info                  CSI    0000015d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:21, Info                  CSI    0000015e [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:24, Info                  CSI    00000161 [SR] Verify complete
2014-09-21 19:07:24, Info                  CSI    00000162 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:24, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:27, Info                  CSI    00000165 [SR] Verify complete
2014-09-21 19:07:27, Info                  CSI    00000166 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:27, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:29, Info                  CSI    00000169 [SR] Verify complete
2014-09-21 19:07:29, Info                  CSI    0000016a [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:29, Info                  CSI    0000016b [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:31, Info                  CSI    0000016d [SR] Verify complete
2014-09-21 19:07:31, Info                  CSI    0000016e [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:31, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:32, Info                  CSI    00000171 [SR] Verify complete
2014-09-21 19:07:33, Info                  CSI    00000172 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:33, Info                  CSI    00000173 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:34, Info                  CSI    00000177 [SR] Verify complete
2014-09-21 19:07:34, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:34, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:35, Info                  CSI    0000017b [SR] Verify complete
2014-09-21 19:07:35, Info                  CSI    0000017c [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:35, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:42, Info                  CSI    0000017f [SR] Verify complete
2014-09-21 19:07:42, Info                  CSI    00000180 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:42, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:45, Info                  CSI    00000184 [SR] Verify complete
2014-09-21 19:07:45, Info                  CSI    00000185 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:45, Info                  CSI    00000186 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:47, Info                  CSI    00000188 [SR] Verify complete
2014-09-21 19:07:47, Info                  CSI    00000189 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:47, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:49, Info                  CSI    0000018d [SR] Verify complete
2014-09-21 19:07:49, Info                  CSI    0000018e [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:49, Info                  CSI    0000018f [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:52, Info                  CSI    00000192 [SR] Verify complete
2014-09-21 19:07:53, Info                  CSI    00000193 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:53, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:54, Info                  CSI    00000196 [SR] Verify complete
2014-09-21 19:07:55, Info                  CSI    00000197 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:55, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:56, Info                  CSI    0000019a [SR] Verify complete
2014-09-21 19:07:57, Info                  CSI    0000019b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:57, Info                  CSI    0000019c [SR] Beginning Verify and Repair transaction
2014-09-21 19:07:59, Info                  CSI    0000019e [SR] Verify complete
2014-09-21 19:07:59, Info                  CSI    0000019f [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:07:59, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:01, Info                  CSI    000001a3 [SR] Verify complete
2014-09-21 19:08:01, Info                  CSI    000001a4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:01, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:03, Info                  CSI    000001a7 [SR] Verify complete
2014-09-21 19:08:03, Info                  CSI    000001a8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:03, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:04, Info                  CSI    000001ab [SR] Verify complete
2014-09-21 19:08:04, Info                  CSI    000001ac [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:04, Info                  CSI    000001ad [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:06, Info                  CSI    000001b0 [SR] Verify complete
2014-09-21 19:08:06, Info                  CSI    000001b1 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:06, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:08, Info                  CSI    000001b4 [SR] Verify complete
2014-09-21 19:08:09, Info                  CSI    000001b5 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:09, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:10, Info                  CSI    000001ba [SR] Verify complete
2014-09-21 19:08:11, Info                  CSI    000001bb [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:11, Info                  CSI    000001bc [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:13, Info                  CSI    000001be [SR] Verify complete
2014-09-21 19:08:13, Info                  CSI    000001bf [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:13, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:15, Info                  CSI    000001c3 [SR] Verify complete
2014-09-21 19:08:16, Info                  CSI    000001c4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:16, Info                  CSI    000001c5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:17, Info                  CSI    000001c7 [SR] Verify complete
2014-09-21 19:08:17, Info                  CSI    000001c8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:17, Info                  CSI    000001c9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:18, Info                  CSI    000001cb [SR] Verify complete
2014-09-21 19:08:18, Info                  CSI    000001cc [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:18, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:19, Info                  CSI    000001cf [SR] Verify complete
2014-09-21 19:08:20, Info                  CSI    000001d0 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:20, Info                  CSI    000001d1 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:21, Info                  CSI    000001d3 [SR] Verify complete
2014-09-21 19:08:21, Info                  CSI    000001d4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:21, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:22, Info                  CSI    000001d7 [SR] Verify complete
2014-09-21 19:08:23, Info                  CSI    000001d8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:23, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:24, Info                  CSI    000001db [SR] Verify complete
2014-09-21 19:08:24, Info                  CSI    000001dc [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:24, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:25, Info                  CSI    000001df [SR] Verify complete
2014-09-21 19:08:25, Info                  CSI    000001e0 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:25, Info                  CSI    000001e1 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:28, Info                  CSI    000001e3 [SR] Verify complete
2014-09-21 19:08:28, Info                  CSI    000001e4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:28, Info                  CSI    000001e5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:33, Info                  CSI    000001e7 [SR] Verify complete
2014-09-21 19:08:33, Info                  CSI    000001e8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:33, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:34, Info                  CSI    000001eb [SR] Verify complete
2014-09-21 19:08:35, Info                  CSI    000001ec [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:35, Info                  CSI    000001ed [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:36, Info                  CSI    000001ef [SR] Verify complete
2014-09-21 19:08:36, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:36, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:37, Info                  CSI    000001f3 [SR] Verify complete
2014-09-21 19:08:37, Info                  CSI    000001f4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:37, Info                  CSI    000001f5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:38, Info                  CSI    000001f7 [SR] Verify complete
2014-09-21 19:08:38, Info                  CSI    000001f8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:38, Info                  CSI    000001f9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:39, Info                  CSI    000001fb [SR] Verify complete
2014-09-21 19:08:40, Info                  CSI    000001fc [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:40, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:41, Info                  CSI    000001ff [SR] Verify complete
2014-09-21 19:08:41, Info                  CSI    00000200 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:41, Info                  CSI    00000201 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:41, Info                  CSI    00000203 [SR] Verify complete
2014-09-21 19:08:42, Info                  CSI    00000204 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:42, Info                  CSI    00000205 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:43, Info                  CSI    00000207 [SR] Verify complete
2014-09-21 19:08:43, Info                  CSI    00000208 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:43, Info                  CSI    00000209 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:45, Info                  CSI    00000211 [SR] Verify complete
2014-09-21 19:08:45, Info                  CSI    00000212 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:45, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:46, Info                  CSI    00000215 [SR] Verify complete
2014-09-21 19:08:46, Info                  CSI    00000216 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:46, Info                  CSI    00000217 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:47, Info                  CSI    00000219 [SR] Verify complete
2014-09-21 19:08:47, Info                  CSI    0000021a [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:47, Info                  CSI    0000021b [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:48, Info                  CSI    0000021d [SR] Verify complete
2014-09-21 19:08:49, Info                  CSI    0000021e [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:49, Info                  CSI    0000021f [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:51, Info                  CSI    00000221 [SR] Verify complete
2014-09-21 19:08:51, Info                  CSI    00000222 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:51, Info                  CSI    00000223 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:54, Info                  CSI    00000226 [SR] Verify complete
2014-09-21 19:08:55, Info                  CSI    00000227 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:55, Info                  CSI    00000228 [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:55, Info                  CSI    0000022a [SR] Verify complete
2014-09-21 19:08:56, Info                  CSI    0000022b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:56, Info                  CSI    0000022c [SR] Beginning Verify and Repair transaction
2014-09-21 19:08:56, Info                  CSI    0000022e [SR] Verify complete
2014-09-21 19:08:57, Info                  CSI    0000022f [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:08:57, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:01, Info                  CSI    00000235 [SR] Verify complete
2014-09-21 19:09:02, Info                  CSI    00000236 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:02, Info                  CSI    00000237 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:04, Info                  CSI    0000023a [SR] Verify complete
2014-09-21 19:09:05, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:05, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:07, Info                  CSI    00000240 [SR] Verify complete
2014-09-21 19:09:07, Info                  CSI    00000241 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:07, Info                  CSI    00000242 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:09, Info                  CSI    0000024d [SR] Verify complete
2014-09-21 19:09:10, Info                  CSI    0000024e [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:10, Info                  CSI    0000024f [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:13, Info                  CSI    00000256 [SR] Verify complete
2014-09-21 19:09:13, Info                  CSI    00000257 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:13, Info                  CSI    00000258 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:14, Info                  CSI    0000025a [SR] Verify complete
2014-09-21 19:09:15, Info                  CSI    0000025b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:15, Info                  CSI    0000025c [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:16, Info                  CSI    00000260 [SR] Verify complete
2014-09-21 19:09:16, Info                  CSI    00000261 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:16, Info                  CSI    00000262 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:17, Info                  CSI    00000264 [SR] Verify complete
2014-09-21 19:09:17, Info                  CSI    00000265 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:17, Info                  CSI    00000266 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:20, Info                  CSI    0000028b [SR] Verify complete
2014-09-21 19:09:21, Info                  CSI    0000028c [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:21, Info                  CSI    0000028d [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:22, Info                  CSI    0000028f [SR] Verify complete
2014-09-21 19:09:22, Info                  CSI    00000290 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:22, Info                  CSI    00000291 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:23, Info                  CSI    00000293 [SR] Verify complete
2014-09-21 19:09:24, Info                  CSI    00000294 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:24, Info                  CSI    00000295 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:25, Info                  CSI    00000297 [SR] Verify complete
2014-09-21 19:09:25, Info                  CSI    00000298 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:25, Info                  CSI    00000299 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:27, Info                  CSI    000002a7 [SR] Verify complete
2014-09-21 19:09:27, Info                  CSI    000002a8 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:27, Info                  CSI    000002a9 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:29, Info                  CSI    000002ab [SR] Verify complete
2014-09-21 19:09:29, Info                  CSI    000002ac [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:29, Info                  CSI    000002ad [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:32, Info                  CSI    000002b6 [SR] Verify complete
2014-09-21 19:09:32, Info                  CSI    000002b7 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:32, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:34, Info                  CSI    000002bf [SR] Verify complete
2014-09-21 19:09:34, Info                  CSI    000002c0 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:34, Info                  CSI    000002c1 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:35, Info                  CSI    000002c3 [SR] Verify complete
2014-09-21 19:09:35, Info                  CSI    000002c4 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:35, Info                  CSI    000002c5 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:37, Info                  CSI    000002c8 [SR] Verify complete
2014-09-21 19:09:37, Info                  CSI    000002c9 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:37, Info                  CSI    000002ca [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:38, Info                  CSI    000002cc [SR] Verify complete
2014-09-21 19:09:38, Info                  CSI    000002cd [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:38, Info                  CSI    000002ce [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:40, Info                  CSI    000002d0 [SR] Verify complete
2014-09-21 19:09:40, Info                  CSI    000002d1 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:40, Info                  CSI    000002d2 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:41, Info                  CSI    000002d4 [SR] Verify complete
2014-09-21 19:09:41, Info                  CSI    000002d5 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:41, Info                  CSI    000002d6 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:43, Info                  CSI    000002d8 [SR] Verify complete
2014-09-21 19:09:43, Info                  CSI    000002d9 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:43, Info                  CSI    000002da [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:47, Info                  CSI    000002f4 [SR] Verify complete
2014-09-21 19:09:47, Info                  CSI    000002f5 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:47, Info                  CSI    000002f6 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:54, Info                  CSI    000002f8 [SR] Verify complete
2014-09-21 19:09:54, Info                  CSI    000002f9 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:54, Info                  CSI    000002fa [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:55, Info                  CSI    000002fc [SR] Verify complete
2014-09-21 19:09:56, Info                  CSI    000002fd [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:56, Info                  CSI    000002fe [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:57, Info                  CSI    00000300 [SR] Verify complete
2014-09-21 19:09:57, Info                  CSI    00000301 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:57, Info                  CSI    00000302 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:58, Info                  CSI    00000306 [SR] Verify complete
2014-09-21 19:09:58, Info                  CSI    00000307 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:58, Info                  CSI    00000308 [SR] Beginning Verify and Repair transaction
2014-09-21 19:09:59, Info                  CSI    0000030a [SR] Verify complete
2014-09-21 19:09:59, Info                  CSI    0000030b [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:09:59, Info                  CSI    0000030c [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:00, Info                  CSI    0000030e [SR] Verify complete
2014-09-21 19:10:01, Info                  CSI    0000030f [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:01, Info                  CSI    00000310 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:02, Info                  CSI    00000312 [SR] Verify complete
2014-09-21 19:10:02, Info                  CSI    00000313 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:02, Info                  CSI    00000314 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:03, Info                  CSI    00000317 [SR] Verify complete
2014-09-21 19:10:04, Info                  CSI    00000318 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:04, Info                  CSI    00000319 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:04, Info                  CSI    0000031b [SR] Verify complete
2014-09-21 19:10:05, Info                  CSI    0000031c [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:05, Info                  CSI    0000031d [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:06, Info                  CSI    0000031f [SR] Verify complete
2014-09-21 19:10:06, Info                  CSI    00000320 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:06, Info                  CSI    00000321 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:08, Info                  CSI    00000323 [SR] Verify complete
2014-09-21 19:10:08, Info                  CSI    00000324 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:08, Info                  CSI    00000325 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:09, Info                  CSI    00000328 [SR] Verify complete
2014-09-21 19:10:10, Info                  CSI    00000329 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:10, Info                  CSI    0000032a [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:11, Info                  CSI    0000032c [SR] Verify complete
2014-09-21 19:10:11, Info                  CSI    0000032d [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:11, Info                  CSI    0000032e [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:13, Info                  CSI    00000330 [SR] Verify complete
2014-09-21 19:10:13, Info                  CSI    00000331 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:13, Info                  CSI    00000332 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:14, Info                  CSI    00000334 [SR] Verify complete
2014-09-21 19:10:14, Info                  CSI    00000335 [SR] Verifying 100 (0x0000000000000064) components
2014-09-21 19:10:14, Info                  CSI    00000336 [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:16, Info                  CSI    00000338 [SR] Verify complete
2014-09-21 19:10:16, Info                  CSI    00000339 [SR] Verifying 7 components
2014-09-21 19:10:16, Info                  CSI    0000033a [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:16, Info                  CSI    0000033c [SR] Verify complete
2014-09-21 19:10:16, Info                  CSI    0000033d [SR] Repairing 0 components
2014-09-21 19:10:16, Info                  CSI    0000033e [SR] Beginning Verify and Repair transaction
2014-09-21 19:10:16, Info                  CSI    00000340 [SR] Repair complete
 


#6 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 21 September 2014 - 02:14 PM

Nothing of concern there. 
I think you would be better off creating a topic in the Windows 7 section. 
 
Before you do, lets run a few scans to confirm malware is not the cause. 
 
STEP 1
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 2
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 3
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Please download Malwarebytes Anti-Malware Free to your Desktop.
  • Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. 
  • Launch the programme and select Update.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 4
iAdP9bf.png Malwarebytes Anti-Rootkit (MBAR)

  • Please download Malwarebytes Anti-Rootkit and save the file to your Desktop.
  • Double-click MBAR.exe to run the installer.
  • Select a convenient location to extract the contents and click OK. Navigate to the location you selected.
  • Right-Click MBAR.exe and select Run as administrator to run the programme.
  • Follow the prompts to update the programme and scan your computer. 
  • Upon completion, click Cleanup and reboot your computer. 
  • After the reboot, rerun the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more. 
  • Upon completion, two logs (mbar-log.txt and system-log.txt) will be created. Copy the contents of both logs and paste in your next reply. Both logs can be found in the MBAR folder
     

STEP 5
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click List of found threats.... If no threats were found, skip the next two bullet points. 
  • Click Export to text file... and save the file to your Desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to Uninstall Application on Close and click Finish.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

STEP 6
rzqZvBe.png MiniToolBox

  • Please download MiniToolBox and save the file to your Desktop.
  • Close any open windows.
  • Right-Click MiniToolBox.exe and select Run as administrator to run the programme.
  • Check the following items:
    • njvAG80.png
    • 6N6QY9z.png
    • zmWTIXg.png
    • VAFn5gg.png
    • AtULTyM.png
    • 4roTXa5.png
    • kLju9nY.png
    • chxHkm0.png
    • 6KiAnDw.png
    • bKYHfhP.png
    • rO2mCup.png & Ii0HSu5.png
    • fd89mAB.png
  • Click GO.
  • A log (Result.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 7
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • AdwCleaner[S0].txt
  • JRT.txt
  • MBAM log
  • mbar log
  • system log
  • ESET log
  • Result.txt

Posted Image

#7 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 21 September 2014 - 03:40 PM

Thanks for your post. It may take me a while to respond. My laptop has now developed another fault, this time apparently hardware: it won't charge up. Using alternative chargers, cables and outlets doesn't help. After this is fixed I shall be back on line. In the meantime, reassuring to think that this doesn't look like malware, at least not yet. Thanks for your help. 



#8 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 21 September 2014 - 04:01 PM

Yes, your description below indicates that it is unlikely a malware issue. 
 

The messages began after someone in a laptop maintenance place pulled the battery when it was switched on but unplugged. After that incident CHKDSK appeared to need to fix quite a few issues on the HD. 


The scans will confirm if this is indeed the case. 

And do not worry, there is no rush. I hope you are able to resolve this hardware issue. 


Posted Image

#9 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 September 2014 - 10:22 AM

Hello again. Here goes with the logs.

 

STEP 1: ADW

 

# AdwCleaner v3.310 - Report created 22/09/2014 at 16:30:53
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Graham - GRAHAM-THINK
# Running from : C:\Users\Graham\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [943 octets] - [22/09/2014 16:29:03]
AdwCleaner[S0].txt - [930 octets] - [22/09/2014 16:30:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [989 octets] ##########
 
STEP 2: JRT 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Professional x64
Ran by Graham on 22/09/2014 at 16:38:14.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Graham\appdata\local\{1F687614-0574-4826-95F2-24AC9C8E8A35}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/09/2014 at 16:51:00.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
STEP 3: MBAM
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 22/09/2014
Scan Time: 16:59:12
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.22.05
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Graham
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 363653
Time Elapsed: 2 hr, 36 min, 21 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
STEP 4: MBAR
 
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org
 
Database version: v2014.09.22.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17280
Graham :: GRAHAM-THINK [administrator]
 
22/09/2014 21:09:22
mbar-log-2014-09-22 (21-09-22).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 365660
Time elapsed: 2 hour(s), 59 minute(s), 14 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
STEP 5: ESET
 
C:\Aetha\Local Cloud\Shared\IT\99 Software & Drivers\General software\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Users\Graham\Downloads\FoxitReader501.0523_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Graham\Downloads\PDFCreator-1_2_1_setup.exe Win32/Toolbar.Widgi potentially unwanted application
C:\Users\Graham\Downloads\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi potentially unwanted application
C:\Users\Graham\Downloads\PDFCreator-1_4_2_setup.exe Win32/OpenCandy potentially unsafe application
C:\Users\Graham\Downloads\tb_free.exe a variant of Win32/TFTPD32.A potentially unsafe application
C:\Users\Graham\Dropbox\_GDJ work non shared\_Temp\KeyFinderInstaller.exe Win32/OpenCandy potentially unsafe application
C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted application
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted application
 
STEP 6: Minitoolbox
 
MiniToolBox by Farbar  Version: 21-07-2014
Ran by Graham (administrator) on 23-09-2014 at 16:13:11
Running from "C:\Users\Graham\Desktop\temp 2"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1 102.112.2O7.net
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 4 (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
F5521gw Mobile Broadband Driver = Mobile Broadband Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set subinterface interface=?! subinterface=ethernet_6 mtu=1477
add address name="Local Area Connection 4" address=169.254.123.35 mask=255.255.0.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Graham-THINK
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : F5521gw Mobile Broadband Driver
   Physical Address. . . . . . . . . : 02-80-37-EC-02-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-AA-21-31-BA
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8dd2:f54d:1ab9:5a7c%28(Preferred) 
   IPv4 Address. . . . . . . . . . . : 169.254.123.35(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 704708522
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-98-3E-EA-F0-DE-F1-6B-E0-67
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . : 8C-A9-82-B8-BF-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f87d:b4ae:9e0c:6dca%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.10.40.158(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 23 September 2014 08:22:06
   Lease Expires . . . . . . . . . . : 23 September 2014 16:54:58
   Default Gateway . . . . . . . . . : 10.10.40.1
   DHCP Server . . . . . . . . . . . : 172.16.1.1
   DHCPv6 IAID . . . . . . . . . . . : 378317186
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-98-3E-EA-F0-DE-F1-6B-E0-67
   DNS Servers . . . . . . . . . . . : fe80::eacd:2dff:fea8:c665%14
                                       86.51.35.18
                                       86.51.34.17
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : F0-DE-F1-6B-E0-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{6C634002-00C2-4158-A7F3-034376CAC137}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{8BC06A84-2B65-445E-8A82-3082BAE91B34}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{0BE3B3D6-C59B-4E02-B4B5-3F12AC57F5E9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{AA2131BA-290E-474D-A77F-0D5DBD8F933A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::eacd:2dff:fea8:c665
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging google.com [74.125.230.129] with 32 bytes of data:
Reply from 74.125.230.129: bytes=32 time=301ms TTL=49
Reply from 74.125.230.129: bytes=32 time=221ms TTL=49
 
Ping statistics for 74.125.230.129:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 221ms, Maximum = 301ms, Average = 261ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::eacd:2dff:fea8:c665
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=492ms TTL=40
Reply from 206.190.36.45: bytes=32 time=307ms TTL=40
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 307ms, Maximum = 492ms, Average = 399ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 29...02 80 37 ec 02 00 ......F5521gw Mobile Broadband Driver
 28...00 ff aa 21 31 ba ......TAP-Win32 Adapter V9
 14...8c a9 82 b8 bf 8c ......Intel® WiFi Link 1000 BGN
 13...f0 de f1 6b e0 67 ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.10.40.1     10.10.40.158     25
       10.10.40.0    255.255.255.0         On-link      10.10.40.158    281
     10.10.40.158  255.255.255.255         On-link      10.10.40.158    281
     10.10.40.255  255.255.255.255         On-link      10.10.40.158    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0         On-link    169.254.123.35    286
   169.254.123.35  255.255.255.255         On-link    169.254.123.35    286
  169.254.255.255  255.255.255.255         On-link    169.254.123.35    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    169.254.123.35    286
        224.0.0.0        240.0.0.0         On-link      10.10.40.158    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    169.254.123.35    286
  255.255.255.255  255.255.255.255         On-link      10.10.40.158    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 28    286 fe80::/64                On-link
 14    281 fe80::/64                On-link
 28    286 fe80::8dd2:f54d:1ab9:5a7c/128
                                    On-link
 14    281 fe80::f87d:b4ae:9e0c:6dca/128
                                    On-link
  1    306 ff00::/8                 On-link
 28    286 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:14:0690)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:14:0670)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:14:0630)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:14:0550)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:2090)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:2090)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:2070)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:2060)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:1990)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor) (User: )
Description: (8884) Asapi: (12:00:10:1980)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
 
System errors:
=============
Error: (09/23/2014 08:22:07 AM) (Source: Service Control Manager) (User: )
Description: The Mobile Broadband Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/23/2014 08:21:54 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/22/2014 08:35:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (09/22/2014 08:34:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (09/22/2014 08:34:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 87
 
Error: (09/22/2014 08:28:39 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
 
Error: (09/22/2014 05:29:52 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:14:0690)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:14:0670)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:14:0630)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:14 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:14:0550)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.LenovoCare.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:2090)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:2090)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:2070)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.body locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:2060)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExtendWarranty.title locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:1990)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
Error: (09/23/2014 00:00:10 PM) (Source: PC-Doctor)(User: )
Description: (8884) Asapi: (12:00:10:1980)(8884) DEFECT.LOCALIZATION - Error -- Missing String: scriptlets : homepage.panel.ExpiringWarranty.button.text locale: PCDLocale: language = en, customer = lenovo, variant = ltt
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-02-26 00:40:05.139
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-02-26 00:40:04.530
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
1Password 1.0.9.342 (HKLM-x32\...\1Password_is1) (Version: 1.0 - AgileBits)
3CXPhone (HKLM-x32\...\{E3DB09D2-67D0-444A-B2F9-2AF357639A9A}) (Version: 4.0.20981.0 - 3CX)
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}Visible) (Version: 17.0.6614 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Banda Ancha Móvil  version 5.276 (HKLM-x32\...\ONO ES1 Modem Normal Version_is1) (Version:  - )
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.2.15 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.2.15 - British Broadcasting Corp.) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11006.1 - Cisco Consumer Products LLC)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Configurador_FNMT (HKLM-x32\...\{55A89C81-D1B7-48E1-B5E8-4700E372A241}) (Version: 2.0 - FNMT-RCM)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Egnyte Desktop Sync v8.1.3 (HKLM-x32\...\{C5A3BF4B-4444-4E95-A724-D07426E7E4E6}) (Version: 8.1.3.0 - Egnyte, Inc)
Excel Utilities 2.2 (HKLM-x32\...\Excel Utilities 2.2) (Version:  - )
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
FileZilla Client 3.5.2 (HKLM-x32\...\FileZilla Client) (Version: 3.5.2 - FileZilla Project)
Foxit PhantomPDF (HKLM-x32\...\{A3EF21E7-622B-4839-80C9-B2BDB81DD546}) (Version: 5.5.6.218 - Foxit Corporation)
Freemake Video Converter version 4.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.0 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.53.5169 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.4.0.1558 (HKCU\...\GoToMeeting) (Version: 6.4.0.1558 - CitrixOnline)
HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6 [HP Color LaserJet CP4520 Series PCL6] (HKLM\...\HP Color LaserJet CP4520 Series PCL6,HP Color LaserJet CP4020 Series PCL6) (Version: 06/18/2009 61.091.12.102 - HP)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{EE7C94CC-BECB-4000-B5E3-D895307B9D5E}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1010 - Intel Corporation)
Intel® Identity Protection Technology 1.2.28.0 (HKLM-x32\...\{A87263E8-26CB-1016-8F2F-C04708B17CE2}) (Version: 1.2.28.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Mobile Access (HKLM-x32\...\{3F0501BE-3203-4001-8125-BAA857C92F51}) (Version: 3.1.0.1268 - Lenovo)
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Lync Basic 2013 - en-us (HKLM\...\LyncEntryRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - en-us (HKLM\...\O365SmallBusPremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Online Services Sign-in Assistant (HKLM\...\{E20B2752-0909-4B28-B8A9-A9BE519CA1A1}) (Version: 7.250.4287.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.03.00.298 - Huawei Technologies Co.,Ltd)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PDF-Tools 4 (HKLM\...\{14EC807A-F88E-4FCF-8013-CB909F930E88}_is1) (Version: 4.0.207.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PixSwapperDEMO (HKLM-x32\...\{3630B67B-12FD-46EA-874E-7148259842BF}) (Version: 1.0.0 - PowerPoint Alchemy)
Polycom RealPresence Desktop (HKLM-x32\...\{8BE13AF9-8D86-4B44-9843-2533589A01CB}) (Version: 3.1.0.44431 - Polycom, Inc.)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.2 - Lenovo Group Limited)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
RapidBoot (x32 Version: 1.00 - Lenovo) Hidden
Rapport (Version: 3.5.1205.15 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1403.78 - Trusteer) Hidden
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
SeaMonkey (2.4.1) (HKLM-x32\...\SeaMonkey (2.4.1)) (Version: 2.4.1 (en-GB) - Mozilla)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TaxCalc (HKLM-x32\...\TaxCalcHub) (Version: 2 - Acorah Software Products)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.80 - Lenovo)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1403.78 - Trusteer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System  (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB  (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse  (05/05/2011 15.3.6.0) (HKLM\...\C63C03BF3BE2B6F6204BB54541690449FFF79F4F) (Version: 05/05/2011 15.3.6.0 - Synaptics)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.47-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.2 - HTTrack)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wondershare PDF to Word (Build 3.0.0) (HKLM-x32\...\{BF06BEBB-2C47-4D9F-AB6F-07C07EB54F09}_is1) (Version:  - Wondershare Software)
Word 2007 Content Control Toolkit (HKLM-x32\...\{EFCDC354-00BA-4D01-A6AF-AF3311DA9F44}) (Version: 1.3.0 - Microsoft)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 6027.23 MB
Available physical RAM: 3356.55 MB
Total Pagefile: 12052.65 MB
Available Pagefile: 9260.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3975.07 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows7_OS) (Fixed) (Total:229.01 GB) (Free:36.68 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\GRAHAM-THINK
 
Administrator            Graham                   Guest                    
 
 
**** End of log ****
 


#10 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 23 September 2014 - 10:53 AM

Hello, 
 
Nothing of particular concern showing in any of those logs. Lets follow up by removing some of those files and updating your vulnerable software. We'll proceed by removing the tools we've used, and I'll send you over to the Windows 7 forum. 
 
 
Did you set the following HOSTS file entry?

  • 127.0.0.1 102.112.2O7.net
     

STEP 1
MgeHyNE.png Batch File

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    @echo off
    echo Deleting Files/Folders... >"%userprofile%\desktop\fix.txt"
    del /f /s /q "C:\Users\Graham\Downloads\FoxitReader501.0523_enu_Setup.exe" >>"%userprofile%\desktop\fix.txt" 2>&1 
    del /f /s /q "C:\Users\Graham\Downloads\PDFCreator-1_2_1_setup.exe" >>"%userprofile%\desktop\fix.txt" 2>&1 
    del /f /s /q "C:\Users\Graham\Downloads\PDFCreator-1_2_3_setup.exe" >>"%userprofile%\desktop\fix.txt" 2>&1 
    del /f /s /q "C:\Users\Graham\Downloads\PDFCreator-1_4_2_setup.exe" >>"%userprofile%\desktop\fix.txt" 2>&1 
    del /f /s /q "C:\Users\Graham\Downloads\tb_free.exe" >>"%userprofile%\desktop\fix.txt" 2>&1 
    del /f /s /q "C:\Users\Graham\Dropbox\_GDJ work non shared\_Temp\KeyFinderInstaller.exe"  >>"%userprofile%\desktop\fix.txt" 2>&1 
    echo. >>"%userprofile%\desktop\fix.txt" 2>&1 
    echo Flushing Internet. Please wait... >>"%userprofile%\desktop\fix.txt" 2>&1 
    ipconfig /release >>"%userprofile%\desktop\fix.txt" 2>&1 
    ipconfig /renew >>"%userprofile%\desktop\fix.txt" 2>&1 
    ipconfig /flushdns >>"%userprofile%\desktop\fix.txt" 2>&1 
    netsh winsock reset all >>"%userprofile%\desktop\fix.txt" 2>&1 
    netsh int ipv4 reset >>"%userprofile%\desktop\fix.txt" 2>&1 
    netsh int ipv6 reset >>"%userprofile%\desktop\fix.txt" 2>&1 
    echo. >>"%userprofile%\desktop\fix.txt" 2>&1 
    echo Finished. Your computer will reboot. >>"%userprofile%\desktop\fix.txt" 2>&1 
    shutdown -r -t 1 
    del %0
  • Click Format. Ensure Wordwrap is unchecked
  • Click FileSave As and name the file del.bat
  • Select All Files as the Save as type.
  • Save the file to your Desktop
  • Locate del.bat lmRDSkT.png (W8/7/Vista) on your DesktopRight-click the icon and click AVOiBNU.jpg Run as administrator.
  • A log (fix.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
CXrghb6.png Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

STEP 3
EtQetiM.png Remove Outdated Software

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
  • Note: The programmes below may not be present. If this is the case, please skip to the next step.
    • JavaFX 2.1.1
    • Adobe Reader X (10.1.6)
  • Follow the prompts, and reboot if necessary.
     

STEP 4
zANS9oB.png Disable Java in Your Browser
Due to frequent exploits we recommend you disable Java in your browser.
For information on Java vulnerabilities, please read the following article (point #7).

  • Click the Windows Start Button 29Fou9c.jpg and type Java Control Panel (or javacpl) in the search bar.
  • Click on the Java Control Panel. Once opened, click the Security tab.
  • Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser.
  • Click Apply. When the AVOiBNU.jpg Windows User Account Control (UAC) appears, allow permissions to make the changes.
  • Click OK in the Java Plug-in confirmation window.
  • Restart your browser(s) for changes to take effect.
  • More information can be found here and here.
     

STEP 5
oxliOQk.png Security Check

  • Please download SecurityCheck and save the file to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your Desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 6
pfNZP4A.pngLogs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • fix.txt
  • checkup.txt
  • How is your computer performing? Are there any outstanding issues?

Posted Image

#11 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 September 2014 - 01:33 PM

Good evening, here go the logs, then the answers to you questions. 

 

FIX.TXT

 

Deleting Files/Folders... 

Could Not Find C:\Users\Graham\Downloads\FoxitReader501.0523_enu_Setup.exe
  
Flushing Internet. Please wait...  
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8dd2:f54d:1ab9:5a7c%28
   IPv4 Address. . . . . . . . . . . : 169.254.123.35
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f87d:b4ae:9e0c:6dca%14
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{6C634002-00C2-4158-A7F3-034376CAC137}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BC06A84-2B65-445E-8A82-3082BAE91B34}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{0BE3B3D6-C59B-4E02-B4B5-3F12AC57F5E9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{AA2131BA-290E-474D-A77F-0D5DBD8F933A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
No operation can be performed on Mobile Broadband Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8dd2:f54d:1ab9:5a7c%28
   IPv4 Address. . . . . . . . . . . : 169.254.123.35
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f87d:b4ae:9e0c:6dca%14
   IPv4 Address. . . . . . . . . . . : 10.10.40.158
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.40.1
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{6C634002-00C2-4158-A7F3-034376CAC137}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BC06A84-2B65-445E-8A82-3082BAE91B34}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{0BE3B3D6-C59B-4E02-B4B5-3F12AC57F5E9}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{AA2131BA-290E-474D-A77F-0D5DBD8F933A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
  
Flushing Internet. Please wait...  
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8dd2:f54d:1ab9:5a7c%28
   IPv4 Address. . . . . . . . . . . : 169.254.123.225
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f87d:b4ae:9e0c:6dca%14
   Default Gateway . . . . . . . . . : 
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BC06A84-2B65-445E-8A82-3082BAE91B34}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{AA2131BA-290E-474D-A77F-0D5DBD8F933A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
No operation can be performed on Mobile Broadband Connection while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.
 
Mobile Broadband adapter Mobile Broadband Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Ethernet adapter Local Area Connection 4:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::8dd2:f54d:1ab9:5a7c%28
   IPv4 Address. . . . . . . . . . . : 169.254.123.225
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::f87d:b4ae:9e0c:6dca%14
   IPv4 Address. . . . . . . . . . . : 10.10.40.158
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.40.1
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{8BC06A84-2B65-445E-8A82-3082BAE91B34}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Tunnel adapter isatap.{AA2131BA-290E-474D-A77F-0D5DBD8F933A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
The requested operation requires elevation (Run as administrator).
 
CHECKUP.TXT
 

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 67  
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
 Google Chrome Plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Common Files Microsoft Shared Microsoft Online Services MSOIDSVC.EXE 
 Common Files Microsoft Shared Microsoft Online Services MSOIDSvcm.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
Questions
 
I did not knowingly set that hosts file entry. However that IP address reminds me of some Wi-Fi logins or perhaps even Egnyte local cloud an application I use. 
 
I had to edit your batch file and delete those files by hand -- I think it was my fault, I ran it more than once. 
 
I could not do windows update as my Windows *thinks* it is not "genuine".
 
Everything else seems fine, thanks.  


#12 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 23 September 2014 - 01:44 PM

OK, no problem. 
We can leave the HOSTs file entry as you recognise the IP address. 
 
I would hold back with defragging your HDD until you resolve the issue.  
Instructions can be found here for future reference. 
 

---------------

As this issues appears unrelated to malware, please create a new topic in the Windows 7 section. Include a description of your issue, the MGADiag log, and a note confirming that malware has been ruled out as a cause. 

 

Run DelfFix to remove the tools we've used. 
 
AFZxnZc.jpg DelFix

  • Please download DelFix and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset system settings
  • Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
 
--- Malwarebytes Anti-Malware will still be present on your computer. I recommend keeping this programme, updating and scanning with it once a week to maintain security on your computer. If you do not wish to keep this programme on your computer, you can uninstall it by pressing the Windows Key pdKOQKY.png + r on your keyboard at the same time, typing appwiz.cpl, clicking OK and searching for Malwarebytes.


Posted Image

#13 mcduck

mcduck
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:41 PM

Posted 23 September 2014 - 02:29 PM

Thanks LiquidTension for the support. I have posted on the other forum. I will not defrag anyhow as it is an SSD. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users