Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Traffic from svchost.exe blocked - Am I infected?


  • Please log in to reply
15 replies to this topic

#1 shedsopdu

shedsopdu

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 18 June 2015 - 04:34 PM

Hello experts,

 

On 6/14/2015 I started seeing my Symantec Endpoint Protection tray pop up this message, around every 2-4 minutes:

 

"Symantec Endpoint Protection: traffic has been blocked from this application: svchost.exe"

 

It seems many people here on BC report this error and are then guided through checks to see if their computer is infected. I'd be grateful if someone can advise me along those lines.

 

Thanks for any help,

shepsopdu



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 18 June 2015 - 05:06 PM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.

Note: Reboot after you remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

Note: Reboot after you remove infections.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 19 June 2015 - 11:04 AM

Hello,

 

Thanks so much for your help.

 

Here is the MWAV log - I replaced some text with minor obfuscation to avoid posting real computer names etc. but this should not affect the relevant troubleshooting data. In the meantime I am going to run the next scans,

 

Thanks again!

 

19 Jun 2015 01:20:06 [0a14] - **********************************************************
19 Jun 2015 01:20:06 [0a14] - MWAV - eScanAV AntiVirus Toolkit.
19 Jun 2015 01:20:06 [0a14] - Copyright © MicroWorld Technologies
19 Jun 2015 01:20:06 [0a14] - **********************************************************
19 Jun 2015 01:20:06 [0a14] - Source: C:\Users\long\Desktop\mwav.exe
19 Jun 2015 01:20:06 [0a14] - Version 14.0.189 (C:\USERS\LONG\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
19 Jun 2015 01:20:06 [0a14] - Log File: C:\Users\long\AppData\Local\Temp\LOG\MWAV.LOG
19 Jun 2015 01:20:06 [0a14] - MWAV Registered: TRUE
19 Jun 2015 01:20:17 [0a14] - User Account: long (Administrator Mode)
19 Jun 2015 01:20:17 [0a14] - OS Type: Windows Workstation [InstallType: Client]
19 Jun 2015 01:20:17 [0a14] - OS: Windows 8.1 64-Bit [OS Install Date: 06 Nov 2013 00:12:38]
19 Jun 2015 01:20:17 [0a14] - Ver: Personal Build 9200
19 Jun 2015 01:20:17 [0a14] - System Up Time: 18 Minutes, 45 Seconds
19 Jun 2015 01:20:17 [0a14] - Windows Root  Folder: C:\WINDOWS
19 Jun 2015 01:20:17 [0a14] - Windows Sys32 Folder: C:\WINDOWS\system32
19 Jun 2015 01:20:17 [0a14] - DHCP NameServer: 209.18.47.61 209.18.47.62
19 Jun 2015 01:20:17 [0a14] - Interface0 DHCPNameServer: 209.18.47.61 209.18.47.62
19 Jun 2015 01:20:17 [0a14] - Interface1 DHCPNameServer: 209.18.47.61 209.18.47.62
19 Jun 2015 01:20:17 [0a14] - Interface2 DHCPNameServer: 8.8.8.8
19 Jun 2015 01:20:17 [0a14] - Local Fixed Drives: c:\,d:\
19 Jun 2015 01:20:17 [0a14] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
19 Jun 2015 01:20:17 [0a14] - [CREATED ZIP FILE: C:\Users\long\AppData\Local\Temp\pinfect.zip]
19 Jun 2015 01:20:17 [0a14] - Command Line Options Given: /xsign
19 Jun 2015 01:20:18 [0a14] - Latest Date of files inside MWAV: Fri Jun 19 06:50:32 2015.
19 Jun 2015 01:20:18 [0a14] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\long\AppData\Local\Temp\LOG\ESCANDB.LOG]
19 Jun 2015 01:20:19 [0a14] - Loaded/Created FileScan Cache Database...
19 Jun 2015 01:20:19 [0a14] - Loading AV Library [DB]...
19 Jun 2015 01:20:49 [0a14] - ArchiveScan: DISABLED
19 Jun 2015 01:20:49 [0a14] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
19 Jun 2015 01:20:49 [0a14] - MWAV doing self scanning...
19 Jun 2015 01:20:49 [0a14] - MWAV files are clean.
19 Jun 2015 01:20:54 [0a14] - ArchiveScan: DISABLED
19 Jun 2015 01:20:54 [0a14] - Virus Database Date: 18 Jun 2015
19 Jun 2015 01:20:54 [0a14] - Virus Database Count: 5726922
19 Jun 2015 01:20:54 [0a14] - Sign Version: 7.61122 [519874]
 
19 Jun 2015 01:21:46 [0a14] - **********************************************************
19 Jun 2015 01:21:46 [0a14] - MWAV - eScanAV AntiVirus Toolkit.
19 Jun 2015 01:21:46 [0a14] - Copyright © MicroWorld Technologies
19 Jun 2015 01:21:46 [0a14] -
19 Jun 2015 01:21:46 [0a14] - Support: support@escanav.com
19 Jun 2015 01:21:46 [0a14] - Web: http://www.escanav.com
19 Jun 2015 01:21:46 [0a14] - **********************************************************
19 Jun 2015 01:21:46 [0a14] - Version 14.0.189[DB] (C:\USERS\LONG\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
19 Jun 2015 01:21:46 [0a14] - Log File: C:\Users\long\AppData\Local\Temp\LOG\MWAV.LOG
19 Jun 2015 01:21:46 [0a14] - User Account: long (Administrator Mode)
19 Jun 2015 01:21:46 [0a14] - Windows Root  Folder: C:\WINDOWS
19 Jun 2015 01:21:46 [0a14] - Windows Sys32 Folder: C:\WINDOWS\system32
19 Jun 2015 01:21:46 [0a14] - OS: Windows 8.1 64-Bit [OS Install Date: 06 Nov 2013 00:12:38]
19 Jun 2015 01:21:46 [0a14] - Ver: Personal Build 9200
19 Jun 2015 01:21:46 [0a14] - Latest Date of files inside MWAV: Fri Jun 19 06:50:32 2015.
19 Jun 2015 01:21:46 [0a14] - Priority: NORMAL
 
19 Jun 2015 01:21:46 [1454] - Options Selected by User:
19 Jun 2015 01:21:46 [1454] - Memory Check: Enabled
19 Jun 2015 01:21:46 [1454] - Registry Check: Enabled
19 Jun 2015 01:21:46 [1454] - StartUp Folder Check: Enabled
19 Jun 2015 01:21:46 [1454] - System Folder Check: Enabled
19 Jun 2015 01:21:46 [1454] - Services Check: Enabled
19 Jun 2015 01:21:46 [1454] - Scan Spyware: Enabled
19 Jun 2015 01:21:46 [1454] - Scan Archives: Disabled
19 Jun 2015 01:21:46 [1454] - Drive Check: Enabled
19 Jun 2015 01:21:46 [1454] - All Drive Check :Disabled
19 Jun 2015 01:21:46 [1454] - Drive Selected = C:\
19 Jun 2015 01:21:46 [1454] - Folder Check: Disabled
19 Jun 2015 01:21:46 [1454] - SCAN: All_Files [ANSI]
19 Jun 2015 01:21:46 [1454] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
19 Jun 2015 01:21:46 [1454] - Scanning DNS Records...
19 Jun 2015 01:21:46 [1454] - Scanning Master Boot Record (User)...
19 Jun 2015 01:21:46 [1454] - Scanning Logical Boot Records...
19 Jun 2015 01:21:47 [1454] - ***** Scanning For Hidden Rootkit Processes *****
19 Jun 2015 01:21:47 [1454] - ***** Scanning For Hidden Rootkit Services *****
 
19 Jun 2015 01:21:50 [1454] - ***** Scanning Memory Files *****
 
19 Jun 2015 01:22:03 [1454] - ***** Scanning Registry Files *****
19 Jun 2015 01:22:07 [1454] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
19 Jun 2015 01:22:07 [1454] - Invalid Entry DllName = SDWinLogon.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon). Action Taken: Deleting Registry Key SDWinLogon.
19 Jun 2015 01:22:09 [1454] - ERROR(3)!!! Invalid Entry  Maintance = "C:\Program Files\\net1.exe" windowsStartup (in key HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
 
19 Jun 2015 01:22:10 [1454] - ***** Scanning StartUp Folders *****
19 Jun 2015 01:23:16 [0aac] - ScanFile (C:\Users\long\AppData\Roaming\Dropbox\bin\Dropbox.exe) took 5484 ms
19 Jun 2015 01:23:52 [1478] - ScanFile (C:\ProgramData\Apple Computer\Installer Cache\QuickTime 7.76.80.95\QuickTime.msi) took 7312 ms
19 Jun 2015 01:23:58 [0eac] - ScanFile (C:\ProgramData\Microsoft\Diagnosis\events00.rbs) took 5172 ms
19 Jun 2015 01:24:32 [0e24] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:32 [08ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:32 [0eac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [1478] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Adobe FlashPlayer Cookies-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [16f4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0e24] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0aac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [08ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [16f4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0f40] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0f40] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [16f4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [1478] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [08ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0eac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0003.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0aac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0e24] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [1478] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0f40] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [1478] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0003.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0aac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [08ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0eac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0e24] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0f40] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [1478] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0aac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [16f4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [08ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0e24] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0002.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0eac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0001.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:33 [0838] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip not Scanned. Possibly password protected...
19 Jun 2015 01:24:58 [0eac] - ScanFile (C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Config\ProfileManagement.dat) took 6062 ms
19 Jun 2015 01:24:58 [0aac] - ScanFile (C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Config\symresolver.dat) took 6609 ms
19 Jun 2015 01:24:58 [16f4] - ScanFile (C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Config\TrayPluginRegistration.dat) took 6609 ms
19 Jun 2015 01:25:11 [08ac] - ScanFile (C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\Lue\LueDyn.dat) took 8656 ms
19 Jun 2015 01:25:11 [16f4] - ScanFile (C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.3001.165.105\Data\SRTSP\SrtspSet.dat) took 7844 ms
 
19 Jun 2015 01:25:18 [1454] - ***** Scanning Service Files *****
19 Jun 2015 01:25:18 [1454] - Scanning File C:\WINDOWS\System32\drivers\1394ohci.sys
19 Jun 2015 01:25:18 [1454] - ERROR(2)!!! ScanFile Fails for C:\WINDOWS\System32\drivers\1394ohci.sys...
19 Jun 2015 01:25:25 [1454] - ERROR(2)!!! Invalid Entry "C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe" -service. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\ExpressAccountsService.
19 Jun 2015 01:25:25 [1454] - ERROR(2)!!! Invalid Entry "C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe" -service. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\ExpressInvoiceService.
19 Jun 2015 01:25:38 [1454] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
19 Jun 2015 01:25:43 [1454] - ***** Scanning Registry and File system for Adware/Spyware *****
19 Jun 2015 01:25:43 [1454] - Loading Spyware Signatures from new External Database [Name: C:\Users\LONGHA~1\AppData\Local\Temp\spydb.avs, Size: 464724]...
19 Jun 2015 01:25:43 [1454] - Indexed Spyware Databases Successfully Created...
 
 
19 Jun 2015 01:26:12 [1454] - ***** Scanning Registry Files *****
19 Jun 2015 01:26:13 [1454] - ** Possible invalid line [127.0.0.1  download-mcafee.com] in HOSTS file!
 
19 Jun 2015 01:26:13 [1454] - ***** Scanning System32 Folders *****
19 Jun 2015 01:26:55 [16f4] - ScanFile (C:\WINDOWS\SysWOW64\igdfcl32.dll) took 8719 ms
 
 
19 Jun 2015 01:28:01 [1454] - ***** Scanning Drive C:\ *****
19 Jun 2015 01:36:26 [0aac] - ScanFile (C:\Backup\Seagate_White\5991X_files\Desktop\Requests\Runtime\Event Data\EventReport2009_v2.xls) took 5266 ms
19 Jun 2015 01:36:26 [0eac] - ScanFile (C:\Backup\Seagate_White\5991X_files\Desktop\Requests\Runtime\Event Data\EventReport2009.xls) took 5672 ms
19 Jun 2015 01:36:27 [0838] - ScanFile (C:\Backup\Seagate_White\5991X_files\Desktop\Requests\Runtime\Event Data\EventReport2009_v3.xls) took 5922 ms
19 Jun 2015 01:37:33 [1478] - ScanFile (C:\Backup\Seagate_White\5991X_files\My Documents\GSB\Reference\ComputerBooks\adps7do2.zip) took 5860 ms
19 Jun 2015 01:37:34 [08ac] - ScanFile (C:\Backup\Seagate_White\5991X_files\My Documents\GSB\Reference\ComputerBooks\Adobe Photoshop 6 Classroom in a Book.zip) took 7531 ms
19 Jun 2015 01:49:18 [08ac] - C:\Backup\Seagate_White\5991X_files\My Documents\LG\Old Laptop Misc Data\Projects Backup 3\StaffDevelopmentTeam\Ledger Line Leaders\Projects\Phone Analysis.xls not Scanned. Possibly password protected...
19 Jun 2015 01:49:18 [0eac] - C:\Backup\Seagate_White\5991X_files\My Documents\LG\Old Laptop Misc Data\Projects Backup 3\StaffDevelopmentTeam\Ledger Line Leaders\Projects\Phone Analysis1.xls not Scanned. Possibly password protected...
19 Jun 2015 01:49:42 [0e24] - C:\Backup\Seagate_White\5991X_files\My Documents\LG\Old Laptop Misc Data\Projects Backup 3\StaffDevelopmentTeam050928\Ledger Line Leaders\Projects\Phone Analysis.xls not Scanned. Possibly password protected...
19 Jun 2015 02:01:18 [08ac] - C:\Backup\Seagate_White\HomePC\Documents and Settings\Family Backup\My Documents\My Digital Editions\The_Drunkards_Walk.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:01:18 [0f40] - C:\Backup\Seagate_White\HomePC\Documents and Settings\Family Backup\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:01:18 [0e24] - C:\Backup\Seagate_White\HomePC\Documents and Settings\Family Backup\My Documents\My Digital Editions\The_Forgotten_Man.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:16:57 [16f4] - ScanFile (C:\Backup\Seagate_White\HomePC\Documents and Settings\Family Backup\My Documents\pdfedit!.exe) took 7985 ms
19 Jun 2015 02:17:25 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\GSB\ebooks\Computational_Methods_In_Ph.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:17:26 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\GSB\ebooks\Perl_for_Bioinformatics_Sec.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:17:57 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\LG\Misc\Personal\Documents\04-16-2010.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:39 [0838] - ScanFile (C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\LG\Misc\Personal\Science\Software\setup1.ex_) took 6890 ms
19 Jun 2015 02:18:57 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\20000_lieues_sous_les_mers.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:57 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:57 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Aftermath.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:57 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:57 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Absolute_Zero.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Abraham_Lincoln_and_the_Union.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Algebra_Know-It-ALL_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Algebra_Know-It-ALL_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Algebra_Know-It-ALL_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Against_Prediction_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:58 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Against_Prediction.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:18:59 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Algebra_Know-It-ALL.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:00 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Anthem.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:00 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Beast_in_the_Jungle.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:02 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\An_Introduction_to_General_Relativity_and_Cosmol.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:02 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Before_the_Dawn_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:02 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Before_the_Dawn.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:02 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Before_the_Dawn_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:02 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Before_the_Dawn_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Best_Practices__Time_Management_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Best_Practices__Time_Management.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Calculus_Know-It-ALL_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Calculus_Know-It-ALL_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Beginning_MySQL.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Calculus_Know-It-ALL_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Blink.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:03 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Calculus_Know-It-ALL.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Common_Errors_in_Statistics_and_How_to_Avoid_The_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Common_Errors_in_Statistics_and_How_to_Avoid_The.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Common_Errors_in_Statistics_and_How_to_Avoid_The_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Civil_Disobedience.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Conspiracy_Theories.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:04 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Dark_Cosmos.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Dark_Cosmos_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Daisy_Miller.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Complexity_and_Cryptography.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Dark_Cosmos_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Cure.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:05 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Dark_Cosmos_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:06 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Data_Smog.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:06 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Data_Smog_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:06 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Data_Smog_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:06 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Dracula.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:06 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Elementary_Number_Theory_in_Nine_Chapters.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:08 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\El_ingenioso_hidalgo_Don_Quijote_de_la_Mancha.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Freakonomics_Revised_and_Expanded_Edition.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Freakonomics_Revised_and_Expanded_Edition_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Freakonomics_Revised_and_Expanded_Edition_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Fooled_by_Randomness.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Freakonomics.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:09 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Freakonomics_Revised_and_Expanded_Edition_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:10 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\HAYDN__String_Quartets_Op_76_Nos_2_-_4_-_About_t.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:11 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\HAYDN__Cello_Concertos_Nos_1_and_2___BOCCHERINI_.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:11 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Gravitys_Arc_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:11 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Gravitys_Arc.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:11 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Great_Physicists.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:12 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\McGraw-Hills_Conquering_SAT_Math.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Gravitys_Arc_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Heretic.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Master_The_LSAT.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\MySQL.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\My_Antonia.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:13 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Night_Fall.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:14 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Night_Fall_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:14 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\MySQL_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:16 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Probably_Not.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:16 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Probably_Not_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:16 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Probably_Not_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:17 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Probably_Not_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:17 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Real-World_Time_Management_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:17 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Quantum_Gravity.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:17 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Real-World_Time_Management.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:19 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\SAT_Prep_Course_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:19 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Silas_Marner.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:19 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Simulacron_Three.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:19 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\SAT_Prep_Course.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\State_of_Fear_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Scat.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\State_of_Fear.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Statistical_DNA_Forensics_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Statistics_Explained_An_Introductory_Guide_for_L_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:20 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\State_of_Fear_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:21 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Sick.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:21 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Statistics_Explained_An_Introductory_Guide_for_L.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:22 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Custom_of_the_Country.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:22 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Drunkards_Walk.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:22 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Statistical_DNA_Forensics.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:22 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Custom_of_the_Country_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:23 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_On-Time_On-Target_Manager.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:23 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Great_Gatsby.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:23 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Prince_and_the_Pauper.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:23 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Prince_and_the_Pauper_World_Digital_Library_.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:23 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Princess_Diaries.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:24 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Memoirs_of_Sherlock_Holmes_[Complete_Sherloc.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:24 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Red_Limit.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:24 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Zero_Game.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:24 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\This_Side_of_Paradise.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:25 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:25 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Tony_Hillerman_E-Reader.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:25 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:26 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:26 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:26 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Vagabond.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:26 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:26 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Velocity.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:27 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Unraveled.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:27 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:27 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:27 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:28 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:28 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:28 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Your_Inner_Fish.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:19:28 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\My Digital Editions\Zero_0005.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:18 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:18 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:18 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:18 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:18 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0005.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:19 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0006.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:19 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:19 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0008.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:19 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0009.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\13_Things_That_Dont_Make_Sense_0007.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:20 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0005.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\40_Days_and_40_Nights_0006.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0005.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0006.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:21 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Alpha_and_Omega_0007.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:22 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:22 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:22 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0005.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0006.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0008.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:23 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Decoding_the_Universe_0007.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:25 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Prime_Numbers_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:25 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Prime_Numbers_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:25 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Prime_Numbers_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:25 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Prime_Numbers_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:26 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Prime_Numbers.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:26 [0838] - ScanFile (C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\Visual Studio 2005\Projects\MovieCollection1\MovieCollection1\bin\Debug\MovieCollection1.exe) took 12360 ms
19 Jun 2015 02:22:26 [08ac] - ScanFile (C:\Backup\Seagate_White\Seagate Backup\L-70T\C\Documents and Settings\g100\My Documents\Visual Studio 2005\Projects\MovieCollection1\MovieCollection1\obj\Debug\MovieCollection1.exe) took 11344 ms
19 Jun 2015 02:22:27 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Anatomy_of_Deception_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Anatomy_of_Deception.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Anatomy_of_Deception_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Anatomy_of_Deception_0004.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Archers_Tale_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Anatomy_of_Deception_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:27 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Archers_Tale_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:28 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Battle_for_America_2008_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:28 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Battle_for_America_2008_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:28 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Battle_for_America_2008.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:28 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Case_for_a_Creator_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:28 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Case_for_a_Creator.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Archers_Tale.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Cell.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Black_Swan.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Book_of_Fate.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Court_and_the_Cross.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Drunkards_Walk_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:29 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Court_and_the_Cross_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Drunkards_Walk.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Forgotten_Man_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [0aac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Face.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [0f40] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Forgotten_Man_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Forgotten_Man.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:30 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Forgotten_Man_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:31 [16f4] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Cell_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:31 [1478] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\The_Gargoyle.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:33 [0838] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0001.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:33 [0e24] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:33 [08ac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0002.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:22:34 [0eac] - C:\Backup\Seagate_White\Seagate Backup\L-70T\History\Level2\C\Documents and Settings\g100\My Documents\My Digital Editions\Understanding_Information_Transmission_0003.pdf not Scanned. Possibly password protected...
19 Jun 2015 02:23:10 [0838] - ScanFile (C:\ColdFusion10\cfusion\bin\cfencode.exe) took 11437 ms
19 Jun 2015 02:23:35 [0e24] - ScanFile (C:\ColdFusion10\cfusion\jetty\uninstall\resource\ZGWin32LaunchHelper.exe) took 6281 ms
19 Jun 2015 02:24:05 [0f40] - ScanFile (C:\ColdFusion10\cfusion\lib\nvr_win.dll) took 11063 ms
19 Jun 2015 02:25:34 [16f4] - ScanFile (C:\drivers\Intel Video Driver (64-bit)\Graphics\igdfcl32.dll) took 13625 ms
19 Jun 2015 02:25:50 [0838] - ScanFile (C:\Program Files\CCleaner\CCleaner.exe) took 5765 ms
19 Jun 2015 02:26:11 [0eac] - ScanFile (C:\Program Files\Common Files\Apple\Mobile Device Support\Drivers\usbaaplrc.dll) took 7750 ms
19 Jun 2015 02:27:18 [0eac] - ScanFile (C:\Program Files\GIMP 2\Python\pythonw.exe) took 9390 ms
19 Jun 2015 02:44:40 [08ac] - ScanFile (C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroExt\libcef.dll) took 5000 ms
19 Jun 2015 02:47:36 [16f4] - ScanFile (C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\Uedit32.exe) took 7141 ms
19 Jun 2015 02:58:25 [1478] - ScanFile (C:\Program Files (x86)\Nitro PDF\Professional 7\NitroPDFDriverCreator2.dll) took 5750 ms
19 Jun 2015 03:01:46 [0aac] - ScanFile (C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPrepPos.exe) took 9219 ms
19 Jun 2015 03:02:21 [0f40] - ScanFile (C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe) took 10578 ms
19 Jun 2015 03:03:07 [0f40] - Scanning File C:\System Volume Information\{b87a6589-026c-11e5-bf5a-84a6c8a4b25c}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Jun 2015 03:03:07 [0aac] - Scanning File C:\System Volume Information\{b4061846-0c5a-11e5-bf5c-84a6c8a4b25c}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Jun 2015 03:03:07 [08ac] - Scanning File C:\System Volume Information\{4ab52782-13b8-11e5-bf5f-84a6c8a4b25c}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Jun 2015 03:03:07 [1478] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Jun 2015 03:03:07 [0e24] - Scanning File C:\System Volume Information\{52c15e79-07c3-11e5-bf5c-84a6c8a4b25c}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Jun 2015 03:03:58 [0eac] - ScanFile (C:\Tor\Tor Browser\Browser\xul.dll) took 30641 ms
19 Jun 2015 03:03:58 [0eac] - Scanning of C:\Tor\Tor Browser\Browser\xul.dll Timed out!!!
19 Jun 2015 03:04:03 [0838] - ScanFile (C:\Users\long\AppData\Local\Amazon Music\libcef.dll) took 5110 ms
19 Jun 2015 03:04:39 [0e24] - ScanFile (C:\Users\long\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdm.dll) took 8891 ms
19 Jun 2015 03:08:05 [16f4] - ScanFile (C:\Users\long\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\564c8056-617c55d4) took 14984 ms
19 Jun 2015 03:09:04 [0838] - C:\Users\long\Documents\My Digital Editions\A First-Rate Madness.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:05 [0eac] - C:\Users\long\Documents\My Digital Editions\Algebra Know-It-ALL.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:05 [0f40] - C:\Users\long\Documents\My Digital Editions\A Game of Thrones.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:07 [16f4] - C:\Users\long\Documents\My Digital Editions\Bipolar Disorder For Dummies.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:08 [0e24] - C:\Users\long\Documents\My Digital Editions\Get Things Done.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:08 [0838] - C:\Users\long\Documents\My Digital Editions\Elementary Number Theory in Nine Chapters.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [1478] - C:\Users\long\Documents\My Digital Editions\Madame Bovary (World Digital Library).pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [0eac] - C:\Users\long\Documents\My Digital Editions\Lord of the Flies.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [0e24] - C:\Users\long\Documents\My Digital Editions\Madame Bovary-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [0838] - C:\Users\long\Documents\My Digital Editions\Madame Bovary.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [16f4] - C:\Users\long\Documents\My Digital Editions\Increase Your Score in 3 Minutes a Day.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:09 [08ac] - C:\Users\long\Documents\My Digital Editions\Madame Bovary (World Digital Library)-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:10 [0838] - C:\Users\long\Documents\My Digital Editions\Master Your Debt-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:11 [0eac] - C:\Users\long\Documents\My Digital Editions\Master Your Debt-2.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:11 [0aac] - C:\Users\long\Documents\My Digital Editions\Master Your Debt.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:11 [08ac] - C:\Users\long\Documents\My Digital Editions\Master Your Debt-3.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:11 [16f4] - C:\Users\long\Documents\My Digital Editions\Master Your Debt-4.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:13 [1478] - C:\Users\long\Documents\My Digital Editions\Pilgrim at Tinker Creek.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:13 [0aac] - C:\Users\long\Documents\My Digital Editions\The Betrayal of the American Dream.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:14 [0eac] - C:\Users\long\Documents\My Digital Editions\The Leap-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:14 [0838] - C:\Users\long\Documents\My Digital Editions\The Betrayal of the American Dream-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:14 [1478] - C:\Users\long\Documents\My Digital Editions\The 8020 Principle.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:15 [08ac] - C:\Users\long\Documents\My Digital Editions\Solve Your Money Troubles.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:15 [0aac] - C:\Users\long\Documents\My Digital Editions\The Leap.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:17 [0eac] - C:\Users\long\Documents\My Digital Editions\Trigonometry Workbook For Dummies.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:18 [08ac] - C:\Users\long\Documents\My Digital Editions\Zero-2.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:18 [16f4] - C:\Users\long\Documents\My Digital Editions\Zero-1.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:18 [0e24] - C:\Users\long\Documents\My Digital Editions\Zero History.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:09:18 [0aac] - C:\Users\long\Documents\My Digital Editions\Zero.pdf not Scanned. Possibly password protected...
19 Jun 2015 03:12:19 [16f4] - ScanFile (C:\Users\long\Downloads\Decrap_Setup.exe) took 9688 ms
19 Jun 2015 03:12:35 [0f40] - ScanFile (C:\Users\long\Downloads\NetworkWizardLoader.exe) took 8015 ms
19 Jun 2015 03:12:35 [0838] - ScanFile (C:\Users\long\Downloads\NetworkWizardLoader (1).exe) took 8218 ms
19 Jun 2015 03:12:36 [0aac] - ScanFile (C:\Users\long\Downloads\MusicBeeSetup_2_2.zip) took 9422 ms
19 Jun 2015 03:13:29 [0eac] - ScanFile (C:\Users\long\Downloads\torbrowser-install-4.5_en-US.exe) took 8343 ms
19 Jun 2015 03:13:31 [1478] - ScanFile (C:\Users\long\Downloads\Work Training\blender-2.72a-windows64.exe) took 6250 ms
19 Jun 2015 03:13:31 [0838] - ScanFile (C:\Users\long\Downloads\tdsskiller (1).exe) took 9344 ms
19 Jun 2015 03:13:31 [0aac] - ScanFile (C:\Users\long\Downloads\tdsskiller.exe) took 8813 ms
19 Jun 2015 03:19:31 [0e24] - ScanFile (C:\Users\Public\Desktop\McAfee\apps\MPS\Uninst.dll) took 16000 ms
19 Jun 2015 03:22:08 [0f40] - ScanFile (C:\Windows\AppCompat\Programs\Amcache.hve) took 7406 ms
19 Jun 2015 03:26:56 [0aac] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\00005119110000000000000000F01FEC\15.0.4420\MSCOMCTL.OCX) took 5000 ms
19 Jun 2015 03:29:02 [0aac] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\413B7F47705019F4A9E46B9C0B724E01\10.50.1600\FL_VSContentInstaller_exe_118327_____X86.3643236F_FC70_11D3_A536_0090278A1BB8) took 5047 ms
19 Jun 2015 03:29:02 [0f40] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\413B7F47705019F4A9E46B9C0B724E01\10.50.1600\FL_VSContentInstaller_resources_exe_118332_ENU_X86.3643236F_FC70_11D3_A536_0090278A1BB8) took 5015 ms
19 Jun 2015 03:31:05 [08ac] - ScanFile (C:\Windows\Installer\12189d7c.msp) took 14500 ms
19 Jun 2015 03:31:19 [16f4] - ScanFile (C:\Windows\Installer\1a9572.msp) took 7859 ms
19 Jun 2015 03:31:20 [0f40] - ScanFile (C:\Windows\Installer\18de335e.msp) took 12593 ms
19 Jun 2015 03:31:30 [0838] - ScanFile (C:\Windows\Installer\1e678b.msi) took 6953 ms
19 Jun 2015 03:31:46 [16f4] - ScanFile (C:\Windows\Installer\2c9db16.msp) took 6469 ms
19 Jun 2015 03:31:58 [0e24] - ScanFile (C:\Windows\Installer\309b6a0e.msp) took 6500 ms
19 Jun 2015 03:32:00 [16f4] - ScanFile (C:\Windows\Installer\309b6a2d.msp) took 8109 ms
19 Jun 2015 03:32:02 [0838] - ScanFile (C:\Windows\Installer\2d65dc79.msp) took 11515 ms
19 Jun 2015 03:32:02 [1478] - ScanFile (C:\Windows\Installer\23ddc5d.msp) took 39750 ms
19 Jun 2015 03:32:02 [1478] - Scanning of C:\Windows\Installer\23ddc5d.msp Timed out!!!
19 Jun 2015 03:32:08 [0eac] - ScanFile (C:\Windows\Installer\3901bf44.msi) took 7984 ms
19 Jun 2015 03:32:11 [0aac] - ScanFile (C:\Windows\Installer\2cbffd32.msp) took 15828 ms
19 Jun 2015 03:32:19 [0f40] - ScanFile (C:\Windows\Installer\40ff0af.msp) took 8719 ms
19 Jun 2015 03:32:22 [0aac] - ScanFile (C:\Windows\Installer\5831a83.msp) took 6500 ms
19 Jun 2015 03:32:30 [08ac] - ScanFile (C:\Windows\Installer\40ff113.msp) took 16469 ms
19 Jun 2015 03:32:33 [16f4] - ScanFile (C:\Windows\Installer\943786b.msp) took 5640 ms
19 Jun 2015 03:32:34 [0838] - ScanFile (C:\Windows\Installer\5da03fb1.msp) took 13578 ms
19 Jun 2015 03:32:34 [1478] - ScanFile (C:\Windows\Installer\94377da.msp) took 8187 ms
19 Jun 2015 03:32:38 [0eac] - ScanFile (C:\Windows\Installer\a3d6e8f.msp) took 7329 ms
19 Jun 2015 03:39:26 [0aac] - ScanFile (C:\Windows\System32\DDORes.dll) took 5156 ms
19 Jun 2015 03:40:04 [0838] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit46984.inf_amd64_6e0653b127bb8e68\igdde32.dll) took 6343 ms
19 Jun 2015 03:40:11 [1478] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit46984.inf_amd64_6e0653b127bb8e68\igdfcl32.dll) took 12343 ms
19 Jun 2015 03:40:20 [0e24] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit51293.inf_amd64_f3b9f0d56c823283\igdfcl32.dll) took 10016 ms
19 Jun 2015 03:44:05 [08ac] - ScanFile (C:\Windows\System32\igdfcl32.dll) took 12407 ms
19 Jun 2015 03:45:38 [0eac] - ScanFile (C:\Windows\System32\mspaint.exe) took 8719 ms
19 Jun 2015 03:46:24 [0f40] - ScanFile (C:\Windows\System32\twinui.dll) took 5391 ms
19 Jun 2015 04:00:30 [0f40] - ScanFile (C:\Windows\WinSxS\amd64_microsoft.web.administration-nonmsil_31bf3856ad364e35_6.3.9600.17042_none_b95855ce64af8d3e\Microsoft.Web.Administration.dll) took 5469 ms
19 Jun 2015 04:00:54 [0aac] - ScanFile (C:\Windows\WinSxS\amd64_netfx-ieexec_b03f5f7f11d50a3a_6.3.9600.17226_none_c47c51f73d41443b\IEExec.exe) took 5234 ms
19 Jun 2015 04:01:22 [16f4] - ScanFile (C:\Windows\WinSxS\amd64_netfx-microsoft.visualbasic_b03f5f7f11d50a3a_6.3.9600.17226_none_166264d0cd10bb08\Microsoft.VisualBasic.dll) took 30313 ms
19 Jun 2015 04:01:22 [16f4] - Scanning of C:\Windows\WinSxS\amd64_netfx-microsoft.visualbasic_b03f5f7f11d50a3a_6.3.9600.17226_none_166264d0cd10bb08\Microsoft.VisualBasic.dll Timed out!!!
19 Jun 2015 04:03:27 [16f4] - ScanFile (C:\Windows\WinSxS\Backup\wow64_microsoft-windows-security-schannel_31bf3856ad364e35_6.3.9600.17810_none_1d70f66d5d6581a1_schannel.dll_7364eaa8) took 9250 ms
19 Jun 2015 04:04:47 [08ac] - ScanFile (C:\Windows\WinSxS\Backup\x86_microsoft-windows-d..wmanager-compositor_31bf3856ad364e35_6.3.9600.17795_none_9a1838ac5afec740_dwmcore.dll_523baf47) took 82515 ms
19 Jun 2015 04:04:47 [08ac] - Scanning of C:\Windows\WinSxS\Backup\x86_microsoft-windows-d..wmanager-compositor_31bf3856ad364e35_6.3.9600.17795_none_9a1838ac5afec740_dwmcore.dll_523baf47 Timed out!!!
19 Jun 2015 04:04:50 [0f40] - ScanFile (C:\Windows\WinSxS\Backup\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_7c5b6194aa0716f1_comctl32.dll_9c499789) took 75188 ms
19 Jun 2015 04:04:50 [0f40] - Scanning of C:\Windows\WinSxS\Backup\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.17810_none_7c5b6194aa0716f1_comctl32.dll_9c499789 Timed out!!!
19 Jun 2015 04:04:51 [1478] - ScanFile (C:\Windows\WinSxS\Backup\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0_comctl32.dll_9c499789) took 74859 ms
19 Jun 2015 04:04:51 [1478] - Scanning of C:\Windows\WinSxS\Backup\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0_comctl32.dll_9c499789 Timed out!!!
19 Jun 2015 04:14:37 [0eac] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wwf-cwetargets_i_31bf3856ad364e35_6.3.9600.16384_none_911a270daccfa3b5.manifest) took 7359 ms
19 Jun 2015 04:14:37 [1478] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wwf-perfcnt_ini_31bf3856ad364e35_6.3.9600.16384_none_6482c534cf485f33.manifest) took 7359 ms
19 Jun 2015 04:14:37 [0f40] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wwf-ngenpriorities_31bf3856ad364e35_6.3.9600.16384_none_a588c7f11f469eb0.manifest) took 7359 ms
19 Jun 2015 04:14:37 [08ac] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wvpci.inf_31bf3856ad364e35_6.3.9600.17393_none_6e094e47b8eaa889.manifest) took 7375 ms
19 Jun 2015 04:14:37 [0aac] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wwf-servicing_key_product_31bf3856ad364e35_6.3.9600.16384_none_b6f46fb7eda7ce10.manifest) took 7359 ms
19 Jun 2015 04:14:37 [0838] - ScanFile (C:\Windows\WinSxS\Manifests\amd64_wwf-netfx3reg_31bf3856ad364e35_6.3.9600.16384_none_dc67d4f152ccbd16.manifest) took 7359 ms
19 Jun 2015 04:17:36 [0e24] - ScanFile (C:\Windows\WinSxS\msil_microsoft-windows-workplacejoin_31bf3856ad364e35_6.3.9600.16384_none_6c98aaf16c52982b\AutoWorkplace.exe) took 7078 ms
19 Jun 2015 04:17:49 [1478] - ScanFile (C:\Windows\WinSxS\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.3.9600.17226_none_7a438307e0e1145f\Microsoft.VisualBasic.Compatibility.Data.dll) took 8390 ms
19 Jun 2015 04:17:51 [08ac] - ScanFile (C:\Windows\WinSxS\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.3.9600.17226_none_086bb6f5594a484d\Microsoft.VisualBasic.Compatibility.dll) took 9860 ms
19 Jun 2015 04:18:45 [0e24] - ScanFile (C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17813_none_26fd904371af8aae\FlashPlayerApp.exe) took 10907 ms
19 Jun 2015 04:18:45 [0eac] - ScanFile (C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17700_none_27055d6b71aa2591\FlashPlayerApp.exe) took 12235 ms
19 Jun 2015 04:18:45 [0838] - ScanFile (C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17847_none_26e121a771c443dd\FlashPlayerApp.exe) took 8625 ms
19 Jun 2015 04:18:45 [16f4] - ScanFile (C:\Windows\WinSxS\wow64_adobe-flash-for-windows_31bf3856ad364e35_6.3.9600.17754_none_26d34ef771cf16a2\FlashPlayerApp.exe) took 12078 ms
19 Jun 2015 04:18:45 [0f40] - ScanFile (C:\Windows\WinSxS\wow64_eventviewersettings_31bf3856ad364e35_6.3.9600.17415_none_f0577d400bd158f9\eventvwr.exe) took 6641 ms
19 Jun 2015 04:20:33 [1478] - ScanFile (C:\Windows\WinSxS\wow64_microsoft-windows-com-complus-ui_31bf3856ad364e35_6.3.9600.17415_none_ac0768ee5056c655\dcomcnfg.exe) took 9891 ms
19 Jun 2015 04:20:48 [0aac] - ScanFile (C:\Windows\WinSxS\wow64_microsoft-windows-gpowershell-exe_31bf3856ad364e35_6.3.9600.17401_none_33f7939fa9ced19f\powershell_ise.exe) took 9984 ms
 
19 Jun 2015 04:26:30 [1454] - ***** Checking for specific ITW Viruses *****
 
19 Jun 2015 04:26:31 [1454] - ***** Scanning complete. *****
 
19 Jun 2015 04:26:31 [1454] - Total Objects Scanned: 535701
19 Jun 2015 04:26:31 [1454] - Total Critical Objects: 0
19 Jun 2015 04:26:31 [1454] - Total Disinfected Objects: 0
19 Jun 2015 04:26:31 [1454] - Total Objects Renamed: 0
19 Jun 2015 04:26:31 [1454] - Total Deleted Objects: 0
19 Jun 2015 04:26:31 [1454] - Total Errors: 5
19 Jun 2015 04:26:31 [1454] - Time Elapsed: 03:04:43
19 Jun 2015 04:26:31 [1454] - Virus Database Date: 18 Jun 2015
19 Jun 2015 04:26:31 [1454] - Virus Database Count: 5726922
19 Jun 2015 04:26:31 [1454] - Sign Version: 7.61122 [519874]
 
19 Jun 2015 04:26:31 [1454] - Scan Completed.

 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 19 June 2015 - 08:29 PM

Go on with the other scans.



#5 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 19 June 2015 - 09:02 PM

Thank you. Here are the other scan results.

 

================================================
Zemana scan
================================================

Zemana AntiMalware 2.15.2.721 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2015/6/19
Operating System       : Windows 8.1 64-bit
Processor              : 4X Intel® Core™ i7-3520M CPU @ 2.90GHz
BIOS Mode              : UEFI
CUID                   : 00D2C3CF79E04747A61966
Scan Type              : Deep Scan
Duration               : 52m 53s
Scanned Objects        : 403109
Detected Objects       : 16
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : Yes
Domain Info            : WORKGROUP,1,2
Detected Objects
-------------------------------------------------------

Generic Root Trust CA
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CE1A3553BA6155DA5160097B4B1EA1FF4CBA7195\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CE1A3553BA6155DA5160097B4B1EA1FF4CBA7195\Blob = 5C000000010000000400000000100000190000000100000010000000C3C6FF7213FE624BAE4831301BA17D090F0000000100000014000000AC596AC410AD9E88C97A631F2030F3D90D3C1A65030000000100000014000000CE1A3553BA6155DA5160097B4B1EA1FF4CBA71950B000000010000002C000000470065006E006500720069006300200052006F006F0074002000540072007500730074002000430041000000140000000100000014000000CE5FBC70E3290C4537046BC28AEAB9783D4E602D04000000010000001000000010FD129C4DE26F6B67B096D644CBEBC720000000010000005F0500003082055B30820347A00302010202100886B0C22AD1139740DCD1C5783A43BE300906052B0E03021D05003020311E301C0603550403131547656E6572696320526F6F74205472757374204341301E170D3034303632373231303030305A170D3339313233313233353935395A3020311E301C0603550403131547656E6572696320526F6F7420547275737420434130820222300D06092A864886F70D01010105000382020F003082020A0282020100E3F7A3A92E8A1E450184F610ED122E2E95F8EEBEF310D633B33FB5B74BFB539EFB02511F2891D0CCCDE451EB360F00F93BD1C48C552899EA1B5FB973A6020F9B01871C0582810180EADD97FAC039B9F10265CA11BEC2BA9FEF5ED5530D0FF52FEF0E3EFA2A57CD716C588B379D5D836B7739A555F7FD035B04603CFA8767E2A4EDEF7BD8476C7E2D7F8856BD85B64B06489F0471EB45495FCC31E8197156009743BE16AE92FE2BF05B655856AF13B6EA148D4AAAECCD264CE8384FCFA0F814FB079395A129514DA2840EB2D6EEA591CE52DA683B484876437D54166FE8BCB77197589E328227D74F2766D137E1FEB53E6C7BA0DD6967C8B1B1D2486FFFC5346227335F938D023A9D3526BD7F956347D615685806E1B9331BD471C66A5BA65E0BE19DE81A32BA1E462B3E54B903D33EF4FC6B1FA54412201E485A3FBFD2E150043100860471C17CE2E769627C15A99910945502FEC75CC8C96C0744D86EF3237F49182760F5????????ðAddTrust External CA Root
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\06C9CFEDA69976D1B9C2B523490DA476D9DC3A5A\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\06C9CFEDA69976D1B9C2B523490DA476D9DC3A5A\Blob = 190000000100000010000000A139258C0CA8912B6FEF0E28F6C1973C0F00000001000000140000001E53EADB4A245FD4E5342C2B13C3066DE4BDBC7603000000010000001400000006C9CFEDA69976D1B9C2B523490DA476D9DC3A5A140000000100000014000000484F5AFA2F4A9A5EE050F36B7B55A5DEF5BE345D2000000001000000C7040000308204C3308203ABA00302010202107F71C1D3A226B0D2B113F3E68167643E300D06092A864886F70D0101050500306F310B300906035504061302534531143012060355040A130B416464547275737420414231263024060355040B131D41646454727573742045787465726E616C20545450204E6574776F726B312230200603550403131941646454727573742045787465726E616C20434120526F6F74301E170D3130313230373030303030305A170D3230303533303130343833385A3051310B300906035504061302555331123010060355040A1309496E7465726E6574323111300F060355040B1308496E436F6D6D6F6E311B301906035504031312496E436F6D6D6F6E2053657276657220434130820122300D06092A864886F70D01010105000382010F003082010A0282010100977CC7C8FEB3E9206AA3A44F8E8E345606B37A6CAA109B48612B369069E3340A47A7BB7BDEAA6AFBEB82958FCA1D7FAF75A6A84CDA2067611A0D86C1CAC187AFAC4EE4DE621B2F9DB198AFC601FB1770DBAC1459EC6F3F337FA6980BE4E238AFF57F856D0E74049DF62786C79B8FE7712A08F403024063247D40578F54E0547EB6134861F1DECE0EBDB6FA4D98B2D90D8D79A6E0AACD0C919AA5DFAB73BBCA14785C4729A1CAC5BA9FC7DA60F7FFE77FF2D9DAA12D0F4916A7D30092CF8A47D94DF8D59566D374F98063004F4C84161FB3F5241FA14EDEE895D6B20B098B2C6BC75C2F8C63C999CB52B1627B7301627F636CD868A0EE6AA88D1F29F3D018ACAD0203010001A382017730820173301F0603551D23041830168014ADBD987A34B426F7FAC42654EF03BDE024CB541A301D0603551D0E04160414484F5AFA2F4A9A5EE050????????ðarena_3.5setup.exe
Status             : Scanned
Object             : %userprofile%\desktop\install\arena_3.5setup.exe
MD5                : 729DEE5003D786341999892E12BC3C92
Publisher          : -
Size               : 56832
Version            : 0.0.0.0
Detection          : Malware:Win32/Blackoat.A!Akat
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\install\arena_3.5setup.exe

ca13.exe
Status             : Scanned
Object             : %userprofile%\downloads\ca13.exe
MD5                : 36FE4F440A9B1DB41E47527F1B5786F6
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Bailoat.A!Emka
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\downloads\ca13.exe

Arena_3.0Setup.exe
Status             : Scanned
Object             : %userprofile%\downloads\arena_3.0setup.exe
MD5                : 61733F52A204884D7061F76C027722DD
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Bailoat.A!Emka
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\downloads\arena_3.0setup.exe

M-Student_7.0.1_WIN_MachineSpecific.EXE
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\homepc\documents and settings\family backup\desktop\install\mathematica\m-student_7.0.1_win_machinespecific.exe
MD5                : 7821BB079E700C0B0E5FBB0045546495
Publisher          : Wolfram Research Inc.
Size               : 341504
Version            : 7.0.1.0
Detection          : Malware:Win32/Quarand!Alkm
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\homepc\documents and settings\family backup\desktop\install\mathematica\m-student_7.0.1_win_machinespecific.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\transfer\key040503\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\transfer\key040503\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\transfer\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\transfer\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\downloads2\utilities\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\lg\downloads2\utilities\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\transfer\key040503\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\transfer\key040503\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\transfer\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\transfer\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

vncviewer.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\downloads2\utilities\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe
MD5                : FDD6E4B8A91D477AD90D930B1E7372FA
Publisher          : -
Size               : 176128
Version            : 3.3.3.3
Detection          : Malware:Win32/Mooka.A!Elme
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\desktop\oldpc\lg\lg\downloads2\utilities\vnc-3.3.3r9_x86_win32\vnc_x86_win32\vncviewer\vncviewer.exe

CFX_ZipEval.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\old laptop misc data\laptop backup 1\webfiles\customtags\cfx_zip\cfx_zipeval.exe
MD5                : F5B4DF1898421CB06BE97003C5A83EA6
Publisher          : -
Size               : 666095
Version            : 1.3.197.10707
Detection          : Malware:Win32/Generic!Rera
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\old laptop misc data\laptop backup 1\webfiles\customtags\cfx_zip\cfx_zipeval.exe

CFX_ZipEval.exe
Status             : Scanned
Object             : %homedrive%\backup\seagate_white\5991X_files\my documents\lg\old laptop misc data\laptop backup 1\customtags031108\cfx_zip\cfx_zipeval.exe
MD5                : F5B4DF1898421CB06BE97003C5A83EA6
Publisher          : -
Size               : 666095
Version            : 1.3.197.10707
Detection          : Malware:Win32/Generic!Rera
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\backup\seagate_white\5991X_files\my documents\lg\old laptop misc data\laptop backup 1\customtags031108\cfx_zip\cfx_zipeval.exe

Cleaning Result
-------------------------------------------------------
Cleaned               : 16
Reported as safe      : 0
Failed                : 0

================================================
Junkware Removal Tool scan
================================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 7.0.2 (06.18.2015:1)
OS: Windows 8.1 x64
Ran by long on Fri 06/19/2015 at 21:40:34.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [Service] slimservice
Successfully deleted: [Service] slimservice
Successfully stopped: [Service] swdumon
Successfully deleted: [Service] swdumon

 

~~~ Tasks

Failed to delete: [Task] C:\WINDOWS\system32\tasks\DriverUpdate Startup
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\DriverUpdate Scan
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SlimCleaner Plus (Scheduled Scan - long)
Successfully deleted: [Task] C:\WINDOWS\tasks\DriverUpdate Scan.job
Successfully deleted: [Task] C:\WINDOWS\tasks\DriverUpdate Startup.job
Successfully deleted: [Task] C:\WINDOWS\tasks\SlimCleaner Plus (Scheduled Scan - long).job

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\slimcleaner plus

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] C:\WINDOWS\system32\drivers\swdumon.sys
Successfully deleted: [File] C:\users\public\desktop\driverupdate.lnk
Successfully deleted: [File] C:\users\public\desktop\slimcleaner plus.lnk

 

~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\driverupdate
Successfully deleted: [Folder] C:\Program Files\slimcleaner plus
Successfully deleted: [Folder] C:\Program Files\slimservice
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\driverupdate
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\slimcleaner plus
Successfully deleted: [Folder] C:\ProgramData\slimware utilities inc
Successfully deleted: [Folder] C:\Users\long\appdata\local\downloaded installers
Successfully deleted: [Folder] C:\Users\long\appdata\local\slimware utilities inc
Successfully deleted: [Folder] C:\users\public\documents\downloaded installers

 

~~~ Chrome

[C:\Users\long\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\long\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\long\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\long\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/19/2015 at 21:48:28.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

================================================
AdwCleaner Scan
================================================

# AdwCleaner v4.206 - Logfile created 19/06/2015 at 21:51:33
# Updated 01/06/2015 by Xplode
# Database : 2015-06-17.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : long - UNT
# Running from : C:\Users\long\Downloads\Security\adwcleaner_4.206.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Users\long\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmdpmddiokpdknaeofdnlclbpgehhce
Folder Found : C:\Users\long\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v38.0.5 (x86 en-US)

-\\ Google Chrome v43.0.2357.124

[C:\Users\long\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\long\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Opera v30.0.1835.59

*************************

AdwCleaner[R0].txt - [3328 bytes] - [17/06/2015 21:44:22]
AdwCleaner[R1].txt - [1298 bytes] - [19/06/2015 21:51:33]
AdwCleaner[S0].txt - [3403 bytes] - [17/06/2015 21:47:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1416 bytes] ##########



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 20 June 2015 - 01:05 PM

Re-run adware cleaner this time select delete, post new log.

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#7 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 21 June 2015 - 09:14 PM

Thanks again! Here is the next set of logs.

 

==================================
Adware log
==================================
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_06_21_16_30_23
OS: Windows 8 - 64 Bit
Account Name: long
U0L0S56

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\program files (x86)\Opera\defaults\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\be\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\bg\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\cs\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\de\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\es-ES\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\fr\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\hu\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\it\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\ja\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\nb\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\pl\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\pt-BR\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\ro\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\ru\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\sk\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\sr\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\tr\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\uk\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\locale\zh-cn\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ar\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\au\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\cis\en\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\cis\ru\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\cn\en\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\eg\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\gb\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\id\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\in\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ke\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\kz\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\latin_america\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\middle_east\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\mx\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\my\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ng\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ph\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\pk\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ru\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\se\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\ua\ru\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\us\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\vn\standard_speeddial.ini
Deleted - File - C:\program files (x86)\Opera\region\za\standard_speeddial.ini
Deleted - File - C:\Users\long\Appdata\Roaming\Opera\Opera\speeddial.ini
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished

 

==================================
ZHP log
==================================
~ ZHPCleaner v2015.6.21.279 by Nicolas Coolman (2015\06\21)
~ Run by long (Administrator)  (21/06/2015 17:01:44)
~ Site : http://www.nicolascoolman.com/fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\long\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\long\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit  (Build 9600)

---\\  Services (0)
~ No malicious items found.

---\\  Browser internet (0)
~ No malicious items found.

---\\  Hosts file (0)
~ No malicious items found.

---\\  Scheduled automatic tasks. (0)
~ No malicious items found.

---\\  Explorer ( File, Folder) (1)
MOVED folder: C:\Users\long\Music\The Fabulous Thunderbirds (Adware.CrossRider)

---\\  Registry ( Key, Value, Data) (2)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\FwsCtrl.BrowserProtection [BrowserProtection Class] (Hijacker.Eazel)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\FwsCtrl.BrowserProtection.1 [BrowserProtection Class] (Hijacker.Eazel)

---\\ Result of repair
~ Repair carried out successfully

---\\ Statistics
~ Items scanned : 1508
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 3

End of clean at 17:01:55
===================
ZHPCleaner-[R]-21062015-17_01_55.txt
ZHPCleaner-[S]-21062015-17_00_09.txt

==================================
Security Check log
==================================
 Results of screen317's Security Check version 1.004 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender              
Symantec Endpoint Protection  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Secunia PSI (3.0.0.9016)  
 Zemana AntiMalware   
 Java 7 Update 55 
 Java version 32-bit out of Date!
  Adobe Flash Player  17.0.0.188 Flash Player out of Date! 
 Adobe Reader XI 
 Mozilla Firefox (38.0.5)
 Mozilla Thunderbird 17.0.6 Thunderbird out of Date! 
 Google Chrome (43.0.2357.124)
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Spybot Teatimer.exe is disabled!
 Zemana AntiMalware ZAM.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

==================================
Minitoolbox log
==================================
MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by long (administrator) on 21-06-2015 at 17:07:52
Running from "C:\Users\long\Downloads\Security"
Microsoft Windows 8.1  (X64)
Model: 20210 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 2230 = Wi-Fi (Connected)
Cisco Systems VPN Adapter for 64-bit Windows = Local Area Connection (Hardware not present)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 3 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="ethernet_4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled mtu=1300 nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled mtu=1300 nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_7" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_28" forwarding=enabled advertise=enabled mtu=1300 nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled mtu=1300 nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled mtu=1300 nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled ecncapability=ecndisabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled ecncapability=ecndisabled
set interface interface="other_19" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_26" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Unt
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
   Physical Address. . . . . . . . . : 84-A6-C8-A4-B2-5C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : PdaNet Broadband Adapter
   Physical Address. . . . . . . . . : 00-26-37-BD-39-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 84-A6-C8-A4-B2-59
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
   Physical Address. . . . . . . . . : 84-A6-C8-A4-B2-58
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f951:1275:be03:9e56%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, June 21, 2015 4:24:57 PM
   Lease Expires . . . . . . . . . . : Sunday, June 21, 2015 7:12:57 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 327460552
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-17-FB-81-B8-88-E3-8F-45-18
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : B8-88-E3-8F-45-18
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3458:3b90:bb52:981a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3458:3b90:bb52:981a%5(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 251658240
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-17-FB-81-B8-88-E3-8F-45-18
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{AE7F5B41-7D6D-415B-A9EA-FA67BCD25C7E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4006:80c::1005
   216.58.219.238

Pinging google.com [216.58.219.206] with 32 bytes of data:
Reply from 216.58.219.206: bytes=32 time=20ms TTL=51
Reply from 216.58.219.206: bytes=32 time=17ms TTL=51

Ping statistics for 216.58.219.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 20ms, Average = 18ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=107ms TTL=43
Reply from 206.190.36.45: bytes=32 time=119ms TTL=43

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 107ms, Maximum = 119ms, Average = 113ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 34...84 a6 c8 a4 b2 5c ......Bluetooth Device (Personal Area Network) #2
 30...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
  6...84 a6 c8 a4 b2 59 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...84 a6 c8 a4 b2 58 ......Intel® Centrino® Wireless-N 2230
  3...b8 88 e3 8f 45 18 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.11     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.11    281
     192.168.0.11  255.255.255.255         On-link      192.168.0.11    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.11    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.11    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.11    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  5    306 2001::/32                On-link
  5    306 2001:0:9d38:6ab8:3458:3b90:bb52:981a/128
                                    On-link
  4    281 fe80::/64                On-link
  5    306 fe80::/64                On-link
  5    306 fe80::3458:3b90:bb52:981a/128
                                    On-link
  4    281 fe80::f951:1275:be03:9e56/128
                                    On-link
  1    306 ff00::/8                 On-link
  5    306 ff00::/8                 On-link
  4    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/21/2015 05:04:03 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!WS.Reputation.1 in File: C:\Users\long\Downloads\Security\SecurityCheck.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application

Details:
 (HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
  0x8e5e0210 (0x8e5e0210)

Error: (06/21/2015 04:42:12 PM) (Source: ESENT) (User: )
Description: SearchIndexer (5840) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb002B3.log.

Error: (06/21/2015 04:30:10 PM) (Source: Application Hang) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b34

Start Time: 01d0ac605a6fe04d

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\backgroundTaskHost.exe

Report Id: 4d94298d-1854-11e5-bf64-84a6c8a4b25c

Faulting package full name: E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8

Faulting package-relative application ID: App

System errors:
=============
Error: (06/21/2015 05:07:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (06/21/2015 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/21/2015 04:42:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following service-specific error:
%%2147749126

Error: (06/21/2015 04:41:47 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (06/21/2015 04:41:41 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/20/2015 10:05:47 AM) (Source: DCOM) (User: Unt)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/20/2015 10:05:17 AM) (Source: DCOM) (User: Unt)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/19/2015 10:35:49 PM) (Source: DCOM) (User: Unt)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/19/2015 10:35:19 PM) (Source: DCOM) (User: Unt)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/19/2015 10:06:22 PM) (Source: DCOM) (User: Unt)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}UntlongS-1-5-21-4115980822-3319043687-1608911304-1001LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
Error: (06/21/2015 05:04:03 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!WS.Reputation.1 in File: C:\Users\long\Downloads\Security\SecurityCheck.exe by: Auto-Protect scan.  Action: Quarantine succeeded : Access denied.  Action Description: The file was quarantined successfully.

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (06/21/2015 04:42:14 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
 The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
 (HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service)(User: )
Description:
Details:
 The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (06/21/2015 04:42:13 PM) (Source: Windows Search Service)(User: )
Description:
Details:
  0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)

Error: (06/21/2015 04:42:12 PM) (Source: ESENT)(User: )
Description: SearchIndexer5840Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb002B3.log-1811 (0xfffff8ed)

Error: (06/21/2015 04:30:10 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.17415b3401d0ac605a6fe04d4294967295C:\WINDOWS\syswow64\backgroundTaskHost.exe4d94298d-1854-11e5-bf64-84a6c8a4b25cE046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8App

CodeIntegrity Errors:
===================================
  Date: 2015-04-21 22:05:08.676
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-16 20:25:47.890
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-04-12 13:22:47.742
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-23 23:24:21.381
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-22 12:08:13.933
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-18 19:42:38.017
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-14 10:35:00.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-13 19:11:02.238
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-08 09:20:37.283
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-03-07 17:10:15.285
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

3M™ Cloud Library PC App 1.40 (HKLM-x32\...\3M™ Cloud Library PC App) (Version: 1.40 - 3M)
AAMInstaller (HKLM-x32\...\{A90B6EFD-08F4-4450-A283-C236ED396D35}) (Version: 2.0.240.0 - Adobe System Incorporated) Hidden
Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe ColdFusion 10 (HKLM\...\Adobe ColdFusion 10) (Version: 10.0.0.0 - Adobe Systems, Inc.)
Adobe ColdFusion 10 .NET Integration Services (HKLM\...\Adobe ColdFusion 10 .NET Integration Services) (Version: 10.0.0.0 - Adobe Systems, Inc.)
Adobe ColdFusion 10 Jetty Service (HKLM\...\Adobe ColdFusion 10 Jetty Service) (Version: 10.0.0.0 - Adobe Systems, Inc.)
Adobe ColdFusion Builder 2 Update 1 (HKLM-x32\...\Uninstall Adobe ColdFusion Builder 2 Update 1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version:  - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arena 3.0 (HKLM-x32\...\Arena 3.0_is1) (Version:  - )
Arena 3.5 (HKLM-x32\...\Arena 3.5_is1) (Version:  - )
BlitzIn 3.10 (HKLM-x32\...\BlitzIn 3.10) (Version:  - Internet Chess Club)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brain Workshop 4.8.4 (HKLM-x32\...\Brain Workshop_is1) (Version: 4.8.4 - Paul Hoskinson & Jonathan Toomim)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Chess Assistant 13 (HKLM-x32\...\Chess Assistant 13_is1) (Version:  - )
Chessmaster 9000 (HKLM-x32\...\Chessmaster 9000) (Version:  - )
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
Dasher (HKLM-x32\...\Dasher) (Version:  - Internet Chess Club)
Decrap my Computer (HKLM-x32\...\Decrap my Computer) (Version:  - Macecraft Software)
DriverUpdate (HKLM-x32\...\{9DE6EA82-B1F4-4156-9565-B38A1AA2D924}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Express Accounts (HKLM-x32\...\ExpressAccounts) (Version: 4.74 - NCH Software)
Express Invoice (HKLM-x32\...\ExpressInvoice) (Version: 3.87 - NCH Software)
FreeFixer (HKLM-x32\...\FreeFixer1.10) (Version: 1.10 - Kephyr)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies)
GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Houdini version 3 (HKLM\...\{FEBA7043-8935-4646-9EC4-0672C8B134C1}_is1) (Version: 3 - Houdini Chess)
ICC for Windows 1.0 beta 9.6.4 (HKLM-x32\...\{CFF71C5A-D887-429C-A1F6-FD395C1823E8}_is1) (Version: 1.0 - Internet Chess Club, Inc.)
IDAutomation.com Code 39 Free Font (HKLM-x32\...\IDAutomation.com Code 39 Free Font) (Version:  - )
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{89D2FA50-6002-4AFB-8586-3E38B355E891}) (Version: 15.05.2000.1462 - Intel Corporation)
Intelligent Touchpad (HKLM-x32\...\{DD7D6D84-93AB-48CA-A759-94324E341CBA}) (Version: 2.00.0012.0723 - Lenovo)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Just Great Software EditPad Pro 6 v.6.7.1 (HKLM-x32\...\EditPad Pro 6) (Version: v.6.7.1 - Just Great Software)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kingsoft Office 2013 (9.1.0.4058) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4058 - Kingsoft Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.8400.10182 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version:  - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
LocK-A-FoLdeR (HKLM-x32\...\LocK-A-FoLdeR) (Version: 3.10.3 - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Books Online (HKLM-x32\...\{74F7B314-0507-4F91-9A4E-B6C9B027E410}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Moneydance 2015 (HKLM\...\5244-9769-3058-9401) (Version: 2015 - The Infinite Kind)
MoneyManagerEX 1.1.2 (HKLM\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 1.1.2 - Money Manager EX)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 en-US)) (Version: 17.0.6 - Mozilla)
MusicBee 2.2 (HKLM-x32\...\MusicBee) (Version: 2.2 - Steven Mayall)
Nitro Pro 7 (HKLM\...\{72D264E5-0C44-42DF-820B-621303E5C183}) (Version: 7.4.1.21 - Nitro PDF Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.0.9 - Lenovo)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OverDrive for Windows (HKLM-x32\...\{36994F59-D10D-46DD-A040-C5D095C2A3E9}) (Version: 3.4.1 - OverDrive, Inc.)
PdaNet+ for Android 4.15 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
PodLift (HKLM-x32\...\{BEF742F6-2011-4494-8A08-9594ADC11BDC}) (Version: 1.0.2.1 - Marc Saint) Hidden
PodLift (HKLM-x32\...\PodLift) (Version:  - Marc Saint)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
ResophNotes (HKLM-x32\...\{97B3817A-381F-495E-80DD-A04EAF0886D0}) (Version: 1.5.5 - C.Y.Yen)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1091 - RStudio)
Scan to PDF (HKLM-x32\...\Scan to PDF) (Version: 2.50 - Softi Software)
Scanitto Pro (HKLM-x32\...\{FC9FED7B-11C5-4BAA-AAF0-395AD111EE92}_is1) (Version: 2.16.27.244 - Masters ITC Software)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SecureW2 Enterprise Client 3.5.12 (HKLM-x32\...\SecureW2 Enterprise Client) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SlimCleaner Plus (HKLM\...\{4ACA2953-3836-4049-A013-839F1CAFD0CE}) (Version: 1.4.2 - SlimWare Utilities, Inc.)
Soda PDF 5 (HKLM-x32\...\{7E6EF310-CEB1-49B8-9304-4842671D8A63}) (Version: 5.1.210.11318 - LULU Software Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2008 R2 Reporting Services (HKLM\...\{0C270C59-8706-42B8-A2AD-6E5EE18BC90B}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{1330309E-64D3-43F4-AA18-BC856182B5DB}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (HKLM\...\{312E8540-0799-45D5-A02E-DFB8FCA93CCA}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Client Tools (HKLM\...\{2D2601B6-157F-4F88-B66B-B52DB21EAB2D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Client Tools (HKLM\...\{B5FE23CC-0151-4595-84C3-F1DE6F44FE9B}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (HKLM\...\{9DFA5914-C275-42E0-810E-C88E46A7F9EA}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Integration Services (HKLM\...\{7709926E-A1EA-43F1-ADD8-C066BDB97B54}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Integration Services (HKLM\...\{A4E14A4D-EA7B-4914-9BBF-504401F3D4F7}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{51E5BC99-A087-4CFF-8D93-462903EA7E12}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Reporting Services (HKLM\...\{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Symantec Endpoint Protection (HKLM\...\{C02FF081-3B1D-47BA-AA68-37D0EA4B75C5}) (Version: 12.1.3001.165 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
System Ninja version 3.0.6 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.6 - SingularLabs)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UltraEdit (HKLM-x32\...\{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 18.20.1021 - IDM Computer Solutions, Inc.) Hidden
UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 18.20.1021 - IDM Computer Solutions, Inc.)
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Wipe (HKLM\...\wipe) (Version: 2015.05 - PrivacyRoot.com)
YNAB 4 version 4.3.656 (HKLM-x32\...\com.ynab.YNAB4.LiveCaptive_is1) (Version: 4.3.656 - YouNeedABudget.com)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.15.721 - Zemana Ltd.)

========================= Devices: ================================

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Device ID: ROOT\NET\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Chicony
Service: rtsuvc
Device ID: USB\VID_04F2&PID_B35D&MI_00\7&114AF5F&1&0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 8047.52 MB
Available physical RAM: 4800.95 MB
Total Pagefile: 8623.52 MB
Available Pagefile: 6043.23 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.25 MB

========================= Partitions: =====================================

1 Drive c: (Windows8_OS) (Fixed) (Total:883.84 GB) (Free:511.09 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.79 GB) NTFS

========================= Users: ========================================

User accounts for \\UNT

Administrator            ASPNET                   Guest                   
long               Rie                   srv                  

**** End of log ****

 

==================================
ESET log
==================================
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 21 June 2015 - 09:18 PM

How are things running now?

 

I also suggest that you install Crystal Security.

http://www.crystalsecurity.eu/ Run a advanced scan with crystal security.

 

Then do the following.

 

Download Malwrebytes from the link below.
https://www.malwarebytes.org/
Select update.
jBVKBI0.png
Then Select Scan Now.
js1M2HF.png
Once the scan is completed.
Remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.

 

 

9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

http://9-lab.com/download/

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

ZT1y9rP.png

Now go to the scanner tab and select Full Scan.

k68m97f.png

Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.

 

 

Download Malwarebytes Anti-Rootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt


#9 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 24 June 2015 - 06:55 PM

Thanks - things improved a bit but then I did see one new instance of the svchost.exe blocking. I will proceed with the other scans you recommended.

 

Thanks again.



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 25 June 2015 - 05:26 PM

You are welcome, post the logs when time permits.



#11 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 04 July 2015 - 10:54 AM

Hello again, quick question: How long should the Malwarebytes Anti-Rootkit scan take? Mine said "Done!" in the results window but the Next/Cleanup button remained grayed out.

 

Thanks again.



#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 04 July 2015 - 03:44 PM

Was anything detected?



#13 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 07 July 2015 - 06:20 PM

Thanks,

 

The Malwarebytes Anti-Rootkit scan keeps stalling. I saw some references to such an issue in Google searches, but no clear resolution. A lot of the people ran into a similar issue with the regular Malwarebytes application and updating that software resolved the issue. Is there a similar more recent version of the Malwarebytes Anti-Rootkit that I could download?

 

Thanks again,



#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:20 AM

Posted 11 July 2015 - 05:44 PM

Sorry for the delay still having issues?



#15 shedsopdu

shedsopdu
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 13 July 2015 - 10:44 PM

No worries, thanks.
 
I am still seeing the original message: "Symantec Endpoint Protection: traffic has been blocked from this application: svchost.exe"
 
I realize though that I never posted the details of the blocked traffic. Here's a sample (my MAC address redacted):
 
Date and Time Action Severity Direction Protocol Remote Host Remote MAC Remote Port Local Host Local MAC Local Port Application User User Domain Location Occurrences Begin Time End Time Rule
7/13/2015 23:22 Blocked 10 Outgoing ICMP 209.18.47.62 2C-9E-5F-DB-A7-8B 3 192.168.0.11 00-00-00-00-00-00 3 long Unt Default 1 7/13/2015 23:22 7/13/2015 23:22 Block_all
7/13/2015 23:22 Blocked 3 Outgoing UDP 239.255.255.250 01-00-5E-7F-FF-FA 1900 192.168.0.11 00-00-00-00-00-00 1900 C:\Windows\System32\svchost.exe LOCAL SERVICE NT AUTHORITY Default 18 7/13/2015 23:22 7/13/2015 23:22 Block UPnP Discovery
 
I don't know whether that log info means something dangerous or not.
 
Sorry for the formatting, but I can't find where I can attach a text file to this thread. Is there a way to do that?
 
Thanks again,





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users