Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistent DNSUnlocker infections


  • Please log in to reply
18 replies to this topic

#1 Bollywood

Bollywood

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 05 January 2016 - 05:48 PM

I am running Windows 10 and am constantly plagued by this thing called DNSUnlocker. At present my PC seems to be clean, as I've run a few anti-malware programs such as MalwareBytes. But I have thought it was clean before, only to find I get attacked by what can only be described as an ad swarm from DNSUnlocker. I have come to the conclusion that this nasty bit of spamware gremlin rubbish is lurking somewhere on my computer and every so often rears its ugly head again. The only relief I have been able to get is by running MalwareBytes and other anti-adware programs resident. These block any unwanted traffic. At present I am not receiving any such traffic, but as I said, every so often this changes and I get swamped by adware all purporting to be DNSUnlocker. I have never been able to pinpoint a file or files that could be responsible and can only conclude that it has embedded itself into a major .exe file like Chrome or is masquerading as a legitimate Windows or app file. I also have this DNSUnlocker on my laptop which is running Windows 7. It is infected in a similar way. The really peculiar thing is that it nearly always makes an appearance whenever I go on to our Government's weather radar page! Problem is I am fond of checking the weather each morning and night. LOL! I have no idea how I contracted this rubbish adware. I can only conclude it came with a download of an app at some point in time. I did trace one possible source of infection to an FTP program that I downloaded. At least after I removed the app I had no problems for a long time afterwards. But as I said, I do not believe it is gone completely as it keeps coming back from time to time. I really think I need help with removing this gremlin, as it has me running in circles.

 

I can answer one question before you ask it.

 

MY DNS settings remain unchanged. They are still set to automatic and always have been. Even during the worst ad swarm they remain unchanged.


Edited by Bollywood, 05 January 2016 - 05:57 PM.


BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 06 January 2016 - 05:58 PM

Hi

 

This thread will be for help with the computer with Windows 10.

 

:step1:

 

Please start another thread in "Am I infected?" for the laptop with Windows 7, and include a link to this thread.

 

----------------------------

 

We will be helping you with your problems. Please be patient while we assist you.

Some points for you to keep in mind while we are helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to

For Win 8, Win 7 and Win Vista: "Windows Orb"> Programs > Accessories > Notepad
For Win XP: Start Menu > All Programs > Accessories > Notepad.

Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following next:

:step2:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Win Vista/Win 7 / Win 8 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2014_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.

:step3:

Please download AdwCleaner by Xplode onto your Desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan.
  • Confirm each time with Ok.
  • Then click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

:step4:

Please download Farbar Service Scanner to the Desktop of the computer with the issue, and run it.


  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.

:step5:

Please download MiniToolBox, save it to your Desktop and run it.

Checkmark the following checkboxes:


  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
[/quote]


Edited by dev00790, 06 January 2016 - 05:59 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 06 January 2016 - 09:50 PM

Thank you for offering to help with my problem. At present the PC appears to be running normally.

 

TDSS Rootkit Log File

 

12:13:56.0618 0x1510  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12

12:13:56.0796 0x1510  UEFI system
12:14:04.0143 0x1510  ============================================================
12:14:04.0143 0x1510  Current date / time: 2016/01/07 12:14:04.0143
12:14:04.0143 0x1510  SystemInfo:
12:14:04.0175 0x1510  
12:14:04.0175 0x1510  OS Version: 10.0.10586 ServicePack: 0.0
12:14:04.0175 0x1510  Product type: Workstation
12:14:04.0175 0x1510  ComputerName: DESKTOP-0B7J1CH
12:14:04.0175 0x1510  UserName: Ian
12:14:04.0175 0x1510  Windows directory: C:\WINDOWS
12:14:04.0175 0x1510  System windows directory: C:\WINDOWS
12:14:04.0175 0x1510  Running under WOW64
12:14:04.0175 0x1510  Processor architecture: Intel x64
12:14:04.0175 0x1510  Number of processors: 8
12:14:04.0175 0x1510  Page size: 0x1000
12:14:04.0175 0x1510  Boot type: Normal boot
12:14:04.0175 0x1510  ============================================================
12:14:08.0937 0x1510  KLMD registered as C:\WINDOWS\system32\drivers\73110269.sys
12:14:17.0100 0x1510  System UUID: {11B6889D-D42A-3057-E5EB-A4E2AEE94ED0}
12:14:23.0296 0x1510  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:14:23.0328 0x1510  ============================================================
12:14:23.0328 0x1510  \Device\Harddisk0\DR0:
12:14:23.0328 0x1510  GPT partitions:
12:14:23.0328 0x1510  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9BC4E8C6-2B8B-4778-9D87-F8AFE917BCC3}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
12:14:23.0328 0x1510  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E4222D15-88CA-4937-B785-373F6677940B}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
12:14:23.0328 0x1510  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {75456C22-7B3C-4294-84D4-186215B09466}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
12:14:23.0328 0x1510  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7CC60B7E-91E4-4D0F-AB48-8626D13E76AA}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x7450A000
12:14:23.0328 0x1510  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2C7C4E2F-2CE1-424B-A657-3CD62C4C8A06}, Name: , StartLBA 0x74625800, BlocksNum 0xE1000
12:14:23.0328 0x1510  MBR partitions:
12:14:23.0328 0x1510  ============================================================
12:14:23.0375 0x1510  C: <-> \Device\Harddisk0\DR0\Partition4
12:14:23.0375 0x1510  ============================================================
12:14:23.0375 0x1510  Initialize success
12:14:23.0375 0x1510  ============================================================
12:15:47.0735 0x0d74  ============================================================
12:15:47.0735 0x0d74  Scan started
12:15:47.0735 0x0d74  Mode: Manual; SigCheck; TDLFS; 
12:15:47.0735 0x0d74  ============================================================
12:15:47.0735 0x0d74  KSN ping started
12:15:47.0766 0x0d74  KSN ping finished: false
12:15:50.0003 0x0d74  ================ Scan system memory ========================
12:15:50.0003 0x0d74  System memory - ok
12:15:50.0003 0x0d74  ================ Scan services =============================
12:15:50.0072 0x0d74  [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:15:50.0141 0x0d74  !SASCORE - ok
12:15:50.0236 0x0d74  1394ohci - ok
12:15:50.0241 0x0d74  3ware - ok
12:15:50.0241 0x0d74  ACPI - ok
12:15:50.0241 0x0d74  acpiex - ok
12:15:50.0257 0x0d74  acpipagr - ok
12:15:50.0273 0x0d74  AcpiPmi - ok
12:15:50.0273 0x0d74  acpitime - ok
12:15:50.0357 0x0d74  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:15:50.0388 0x0d74  AdobeARMservice - ok
12:15:50.0388 0x0d74  ADP80XX - ok
12:15:50.0388 0x0d74  AFD - ok
12:15:50.0388 0x0d74  agp440 - ok
12:15:50.0388 0x0d74  ahcache - ok
12:15:50.0403 0x0d74  AJRouter - ok
12:15:50.0419 0x0d74  ALG - ok
12:15:50.0473 0x0d74  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:15:50.0504 0x0d74  AMD External Events Utility - ok
12:15:50.0504 0x0d74  AmdK8 - ok
12:15:50.0504 0x0d74  amdkmdag - ok
12:15:50.0541 0x0d74  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:15:50.0557 0x0d74  amdkmdap - ok
12:15:50.0573 0x0d74  AmdPPM - ok
12:15:50.0573 0x0d74  amdsata - ok
12:15:50.0573 0x0d74  amdsbs - ok
12:15:50.0573 0x0d74  amdxata - ok
12:15:50.0573 0x0d74  AppID - ok
12:15:50.0573 0x0d74  AppIDSvc - ok
12:15:50.0573 0x0d74  Appinfo - ok
12:15:50.0639 0x0d74  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:15:50.0657 0x0d74  Apple Mobile Device Service - ok
12:15:50.0657 0x0d74  AppReadiness - ok
12:15:50.0657 0x0d74  AppXSvc - ok
12:15:50.0657 0x0d74  arcsas - ok
12:15:50.0657 0x0d74  AsyncMac - ok
12:15:50.0657 0x0d74  atapi - ok
12:15:50.0789 0x0d74  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
12:15:50.0920 0x0d74  AtiHDAudioService - ok
12:15:50.0920 0x0d74  AudioEndpointBuilder - ok
12:15:50.0937 0x0d74  Audiosrv - ok
12:15:50.0939 0x0d74  AxInstSV - ok
12:15:50.0942 0x0d74  b06bdrv - ok
12:15:50.0942 0x0d74  BasicDisplay - ok
12:15:50.0942 0x0d74  BasicRender - ok
12:15:50.0942 0x0d74  bcmfn - ok
12:15:50.0942 0x0d74  bcmfn2 - ok
12:15:50.0958 0x0d74  BDESVC - ok
12:15:50.0958 0x0d74  Beep - ok
12:15:50.0973 0x0d74  BFE - ok
12:15:51.0089 0x0d74  [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64        C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\BASHDefs\20160104.001\BHDrvx64.sys
12:15:51.0142 0x0d74  BHDrvx64 - ok
12:15:51.0158 0x0d74  BITS - ok
12:15:51.0174 0x0d74  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:15:51.0190 0x0d74  Bonjour Service - ok
12:15:51.0190 0x0d74  bowser - ok
12:15:51.0190 0x0d74  BrokerInfrastructure - ok
12:15:51.0221 0x0d74  Browser - ok
12:15:51.0221 0x0d74  BthAvrcpTg - ok
12:15:51.0236 0x0d74  BthHFEnum - ok
12:15:51.0240 0x0d74  bthhfhid - ok
12:15:51.0243 0x0d74  BthHFSrv - ok
12:15:51.0243 0x0d74  BTHMODEM - ok
12:15:51.0243 0x0d74  bthserv - ok
12:15:51.0259 0x0d74  buttonconverter - ok
12:15:51.0259 0x0d74  CapImg - ok
12:15:51.0341 0x0d74  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NAV       C:\WINDOWS\system32\drivers\NAVx64\1605050.00F\ccSetx64.sys
12:15:51.0359 0x0d74  ccSet_NAV - ok
12:15:51.0359 0x0d74  cdfs - ok
12:15:51.0374 0x0d74  CDPSvc - ok
12:15:51.0374 0x0d74  cdrom - ok
12:15:51.0374 0x0d74  CertPropSvc - ok
12:15:51.0374 0x0d74  circlass - ok
12:15:51.0374 0x0d74  CLFS - ok
12:15:51.0374 0x0d74  ClipSVC - ok
12:15:51.0390 0x0d74  CmBatt - ok
12:15:51.0390 0x0d74  CNG - ok
12:15:51.0390 0x0d74  cnghwassist - ok
12:15:51.0421 0x0d74  CompositeBus - ok
12:15:51.0421 0x0d74  COMSysApp - ok
12:15:51.0421 0x0d74  condrv - ok
12:15:51.0421 0x0d74  CoreMessagingRegistrar - ok
12:15:51.0443 0x0d74  CryptSvc - ok
12:15:51.0459 0x0d74  dam - ok
12:15:51.0459 0x0d74  DcomLaunch - ok
12:15:51.0459 0x0d74  DcpSvc - ok
12:15:51.0459 0x0d74  defragsvc - ok
12:15:51.0459 0x0d74  DeviceAssociationService - ok
12:15:51.0459 0x0d74  DeviceInstall - ok
12:15:51.0474 0x0d74  DevQueryBroker - ok
12:15:51.0474 0x0d74  Dfsc - ok
12:15:51.0474 0x0d74  Dhcp - ok
12:15:51.0474 0x0d74  diagnosticshub.standardcollector.service - ok
12:15:51.0490 0x0d74  DiagTrack - ok
12:15:51.0490 0x0d74  disk - ok
12:15:51.0506 0x0d74  DmEnrollmentSvc - ok
12:15:51.0506 0x0d74  dmvsc - ok
12:15:51.0506 0x0d74  dmwappushservice - ok
12:15:51.0506 0x0d74  Dnscache - ok
12:15:51.0506 0x0d74  dot3svc - ok
12:15:51.0506 0x0d74  DPS - ok
12:15:51.0521 0x0d74  drmkaud - ok
12:15:51.0644 0x0d74  [ 9B9B5599575D5B0F4F8384A66E3936AD, 56D8FA5A0DC3E1B309038E66B951FEEEE14BE79448BE696682EC7EE944BC270E ] DSAO            C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe
12:15:51.0675 0x0d74  DSAO - ok
12:15:51.0691 0x0d74  DsmSvc - ok
12:15:51.0691 0x0d74  DsSvc - ok
12:15:51.0691 0x0d74  DXGKrnl - ok
12:15:51.0691 0x0d74  Eaphost - ok
12:15:51.0691 0x0d74  ebdrv - ok
12:15:51.0744 0x0d74  [ DB817375F4D6D3F2556DE7777775D885, 6DC5CC936E26CBB468ACDD008F6F8B30F8D9D1EC631BCDDF7E692814C9A54D7D ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:15:51.0776 0x0d74  eeCtrl - ok
12:15:51.0791 0x0d74  EFS - ok
12:15:51.0860 0x0d74  EhStorClass - ok
12:15:51.0860 0x0d74  EhStorTcgDrv - ok
12:15:51.0876 0x0d74  embeddedmode - ok
12:15:51.0876 0x0d74  EntAppSvc - ok
12:15:51.0907 0x0d74  [ A47F76D4AAFD6193AAC5E049C560213D, 2B6E4EB31394C4D8D2444A197FFCC3C702BC17B0F7BDF0D6FF87DF5C14016FC1 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:15:51.0922 0x0d74  EraserUtilRebootDrv - ok
12:15:51.0938 0x0d74  ErrDev - ok
12:15:51.0960 0x0d74  EventSystem - ok
12:15:52.0007 0x0d74  [ F5F38921D579E16D31C58B702C32158E, D991A03F92ADFEAEE3B7441AEC0092E7D48CCEF78CD18152FF9F2A4AF8A6F7B2 ] ewusbnet        C:\WINDOWS\System32\drivers\ewusbnet.sys
12:15:52.0145 0x0d74  ewusbnet - ok
12:15:52.0145 0x0d74  exfat - ok
12:15:52.0160 0x0d74  fastfat - ok
12:15:52.0160 0x0d74  Fax - ok
12:15:52.0160 0x0d74  fdc - ok
12:15:52.0176 0x0d74  fdPHost - ok
12:15:52.0176 0x0d74  FDResPub - ok
12:15:52.0176 0x0d74  fhsvc - ok
12:15:52.0192 0x0d74  FileCrypt - ok
12:15:52.0192 0x0d74  FileInfo - ok
12:15:52.0192 0x0d74  Filetrace - ok
12:15:52.0192 0x0d74  flpydisk - ok
12:15:52.0192 0x0d74  FltMgr - ok
12:15:52.0207 0x0d74  FontCache - ok
12:15:52.0260 0x0d74  FontCache3.0.0.0 - ok
12:15:52.0260 0x0d74  FsDepends - ok
12:15:52.0276 0x0d74  Fs_Rec - ok
12:15:52.0276 0x0d74  fvevol - ok
12:15:52.0276 0x0d74  gagp30kx - ok
12:15:52.0307 0x0d74  [ 9AB9F3B75A2EB87FAFB1B7361BE9DFB3, 31F4CFB4C71DA44120752721103A16512444C13C2AC2D857A7E6F13CB679B427 ] gdrv            C:\WINDOWS\gdrv.sys
12:15:52.0323 0x0d74  gdrv - ok
12:15:52.0323 0x0d74  gencounter - ok
12:15:52.0323 0x0d74  genericusbfn - ok
12:15:52.0342 0x0d74  GPIOClx0101 - ok
12:15:52.0345 0x0d74  gpsvc - ok
12:15:52.0361 0x0d74  GpuEnergyDrv - ok
12:15:52.0408 0x0d74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:52.0440 0x0d74  gupdate - ok
12:15:52.0443 0x0d74  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:15:52.0446 0x0d74  gupdatem - ok
12:15:52.0477 0x0d74  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:15:52.0492 0x0d74  gusvc - ok
12:15:52.0492 0x0d74  HDAudBus - ok
12:15:52.0492 0x0d74  HidBatt - ok
12:15:52.0492 0x0d74  HidBth - ok
12:15:52.0492 0x0d74  hidi2c - ok
12:15:52.0492 0x0d74  hidinterrupt - ok
12:15:52.0492 0x0d74  HidIr - ok
12:15:52.0492 0x0d74  hidserv - ok
12:15:52.0508 0x0d74  HidUsb - ok
12:15:52.0524 0x0d74  HomeGroupListener - ok
12:15:52.0524 0x0d74  HomeGroupProvider - ok
12:15:52.0524 0x0d74  HpSAMD - ok
12:15:52.0524 0x0d74  HTTP - ok
12:15:52.0561 0x0d74  [ CDAA8E257BB625B2387219E605DDE37D, 2AAA32AFC3576DBBC422557F871B934F544642EB9B85E89971F0146E2021C187 ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
12:15:52.0661 0x0d74  hwdatacard - ok
12:15:52.0661 0x0d74  hwpolicy - ok
12:15:52.0676 0x0d74  hyperkbd - ok
12:15:52.0676 0x0d74  i8042prt - ok
12:15:52.0676 0x0d74  iai2c - ok
12:15:52.0676 0x0d74  iaLPSS2i_I2C - ok
12:15:52.0692 0x0d74  iaLPSSi_GPIO - ok
12:15:52.0692 0x0d74  iaLPSSi_I2C - ok
12:15:52.0692 0x0d74  iaStorAV - ok
12:15:52.0692 0x0d74  iaStorV - ok
12:15:52.0692 0x0d74  ibbus - ok
12:15:52.0745 0x0d74  [ 8F5031663CBB1A9922074E8E23151FFA, EF69CD92096291F5FC18550B2B6DBD4F61058603691F4BD3E61DEC97FD15E5FE ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
12:15:52.0761 0x0d74  ICCS - ok
12:15:52.0777 0x0d74  icssvc - ok
12:15:52.0877 0x0d74  [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64        C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\IPSDefs\20160105.003\IDSvia64.sys
12:15:52.0924 0x0d74  IDSVia64 - ok
12:15:52.0924 0x0d74  IEEtwCollectorService - ok
12:15:52.0924 0x0d74  IKEEXT - ok
12:15:53.0061 0x0d74  [ 067D63BC5A114FF0C4EF3404F0134625, F6CE79F0015F19B1B346815F769758F5FF6DCA663626DCE352682D93763CFFC0 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:15:53.0193 0x0d74  IntcAzAudAddService - ok
12:15:53.0224 0x0d74  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:15:53.0261 0x0d74  Intel® Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
12:15:53.0377 0x0d74  Intel® Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
12:15:53.0393 0x0d74  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:15:53.0424 0x0d74  Intel® Capability Licensing Service TCP IP Interface - ok
12:15:53.0424 0x0d74  intelide - ok
12:15:53.0424 0x0d74  intelpep - ok
12:15:53.0424 0x0d74  intelppm - ok
12:15:53.0424 0x0d74  IoQos - ok
12:15:53.0444 0x0d74  IpFilterDriver - ok
12:15:53.0446 0x0d74  iphlpsvc - ok
12:15:53.0461 0x0d74  IPMIDRV - ok
12:15:53.0461 0x0d74  IPNAT - ok
12:15:53.0493 0x0d74  [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:15:53.0524 0x0d74  iPod Service - ok
12:15:53.0524 0x0d74  IRENUM - ok
12:15:53.0524 0x0d74  isapnp - ok
12:15:53.0524 0x0d74  iScsiPrt - ok
12:15:53.0546 0x0d74  [ EC878766B993B09E99320D693CC0AC93, 9AF9DFEE8D23A57214F21CA2F597D84B40E01E9095C2377F37926F3B9C55FE03 ] IT9135BDA       C:\WINDOWS\System32\Drivers\IT9135BDA.sys
12:15:53.0662 0x0d74  IT9135BDA - ok
12:15:53.0709 0x0d74  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
12:15:53.0746 0x0d74  jhi_service - ok
12:15:53.0746 0x0d74  kbdclass - ok
12:15:53.0746 0x0d74  kbdhid - ok
12:15:53.0762 0x0d74  kdnic - ok
12:15:53.0762 0x0d74  KeyIso - ok
12:15:53.0762 0x0d74  KSecDD - ok
12:15:53.0762 0x0d74  KSecPkg - ok
12:15:53.0762 0x0d74  ksthunk - ok
12:15:53.0778 0x0d74  KtmRm - ok
12:15:53.0809 0x0d74  LanmanServer - ok
12:15:53.0809 0x0d74  LanmanWorkstation - ok
12:15:53.0825 0x0d74  lfsvc - ok
12:15:53.0825 0x0d74  LicenseManager - ok
12:15:53.0825 0x0d74  lltdio - ok
12:15:53.0825 0x0d74  lltdsvc - ok
12:15:53.0847 0x0d74  lmhosts - ok
12:15:53.0894 0x0d74  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:15:53.0909 0x0d74  LMS - ok
12:15:53.0909 0x0d74  LSI_SAS - ok
12:15:53.0909 0x0d74  LSI_SAS2i - ok
12:15:53.0909 0x0d74  LSI_SAS3i - ok
12:15:53.0909 0x0d74  LSI_SSS - ok
12:15:53.0925 0x0d74  LSM - ok
12:15:53.0925 0x0d74  luafv - ok
12:15:53.0925 0x0d74  MapsBroker - ok
12:15:53.0946 0x0d74  [ 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849, 80E571FEE4373E4AF487176C9265FB89912739E961C47880A60115BD50638AEA ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
12:15:53.0962 0x0d74  mbamchameleon - ok
12:15:53.0978 0x0d74  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:15:53.0978 0x0d74  MBAMProtector - ok
12:15:54.0047 0x0d74  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
12:15:54.0078 0x0d74  MBAMScheduler - ok
12:15:54.0110 0x0d74  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
12:15:54.0143 0x0d74  MBAMService - ok
12:15:54.0178 0x0d74  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
12:15:54.0193 0x0d74  MBAMSwissArmy - ok
12:15:54.0193 0x0d74  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:15:54.0225 0x0d74  MBAMWebAccessControl - ok
12:15:54.0225 0x0d74  megasas - ok
12:15:54.0225 0x0d74  megasr - ok
12:15:54.0262 0x0d74  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
12:15:54.0262 0x0d74  MEIx64 - ok
12:15:54.0278 0x0d74  MessagingService - ok
12:15:54.0278 0x0d74  mlx4_bus - ok
12:15:54.0293 0x0d74  MMCSS - ok
12:15:54.0293 0x0d74  Modem - ok
12:15:54.0293 0x0d74  monitor - ok
12:15:54.0293 0x0d74  mouclass - ok
12:15:54.0293 0x0d74  mouhid - ok
12:15:54.0293 0x0d74  mountmgr - ok
12:15:54.0325 0x0d74  [ 090EA48109E3CEC6229777C308184D81, DA9A66766998658F68C64607158571CEF526F3F49BD07D71C7DD54F778B14CF8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:15:54.0347 0x0d74  MozillaMaintenance - ok
12:15:54.0347 0x0d74  mpsdrv - ok
12:15:54.0347 0x0d74  MpsSvc - ok
12:15:54.0347 0x0d74  MRxDAV - ok
12:15:54.0363 0x0d74  mrxsmb - ok
12:15:54.0363 0x0d74  mrxsmb10 - ok
12:15:54.0363 0x0d74  mrxsmb20 - ok
12:15:54.0363 0x0d74  MsBridge - ok
12:15:54.0363 0x0d74  MSDTC - ok
12:15:54.0363 0x0d74  Msfs - ok
12:15:54.0378 0x0d74  msgpiowin32 - ok
12:15:54.0378 0x0d74  mshidkmdf - ok
12:15:54.0378 0x0d74  mshidumdf - ok
12:15:54.0378 0x0d74  msisadrv - ok
12:15:54.0394 0x0d74  MSiSCSI - ok
12:15:54.0394 0x0d74  msiserver - ok
12:15:54.0394 0x0d74  MSKSSRV - ok
12:15:54.0409 0x0d74  MsLldp - ok
12:15:54.0409 0x0d74  MSPCLOCK - ok
12:15:54.0409 0x0d74  MSPQM - ok
12:15:54.0409 0x0d74  MsRPC - ok
12:15:54.0409 0x0d74  mssmbios - ok
12:15:54.0409 0x0d74  MSTEE - ok
12:15:54.0409 0x0d74  MTConfig - ok
12:15:54.0409 0x0d74  Mup - ok
12:15:54.0409 0x0d74  mvumis - ok
12:15:54.0425 0x0d74  NativeWifiP - ok
12:15:54.0462 0x0d74  [ 824ADA7F49D806F9E80AC3F97BCF15B7, 207BF2F9B24458DD6CD7003C49D460B6D701DF41475B8C76B39F14EC0964ABE3 ] NAV             C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\NAV.exe
12:15:54.0462 0x0d74  NAV - ok
12:15:54.0547 0x0d74  [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG          C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20160106.004\ENG64.SYS
12:15:54.0578 0x0d74  NAVENG - ok
12:15:54.0645 0x0d74  [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15         C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20160106.004\EX64.SYS
12:15:54.0679 0x0d74  NAVEX15 - ok
12:15:54.0695 0x0d74  NcaSvc - ok
12:15:54.0695 0x0d74  NcbService - ok
12:15:54.0695 0x0d74  NcdAutoSetup - ok
12:15:54.0695 0x0d74  ndfltr - ok
12:15:54.0710 0x0d74  NDIS - ok
12:15:54.0710 0x0d74  NdisCap - ok
12:15:54.0726 0x0d74  NdisImPlatform - ok
12:15:54.0726 0x0d74  NdisTapi - ok
12:15:54.0726 0x0d74  Ndisuio - ok
12:15:54.0726 0x0d74  NdisVirtualBus - ok
12:15:54.0726 0x0d74  NdisWan - ok
12:15:54.0726 0x0d74  ndiswanlegacy - ok
12:15:54.0726 0x0d74  ndproxy - ok
12:15:54.0726 0x0d74  Ndu - ok
12:15:54.0825 0x0d74  [ 6D4028D458EAAA1782099750790DC8C9, 0D863A61D049235D5BBEC998185814B798674AD861DEBF0C903D28E310CE2768 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
12:15:54.0848 0x0d74  Nero BackItUp Scheduler 3 - ok
12:15:54.0848 0x0d74  NetBIOS - ok
12:15:54.0864 0x0d74  NetBT - ok
12:15:54.0864 0x0d74  Netlogon - ok
12:15:54.0864 0x0d74  Netman - ok
12:15:54.0879 0x0d74  netprofm - ok
12:15:54.0879 0x0d74  NetSetupSvc - ok
12:15:54.0895 0x0d74  NetTcpPortSharing - ok
12:15:54.0911 0x0d74  NgcCtnrSvc - ok
12:15:54.0911 0x0d74  NgcSvc - ok
12:15:54.0911 0x0d74  NlaSvc - ok
12:15:54.0981 0x0d74  [ 9B664C0186EC16EA8812831CECC80BC8, 6DE6C1AA3500F26BA757A1ED37DB9FD9B85B206D11F10A6803CBA584F175FCD1 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
12:15:55.0012 0x0d74  NMIndexingService - ok
12:15:55.0012 0x0d74  Npfs - ok
12:15:55.0012 0x0d74  npsvctrig - ok
12:15:55.0028 0x0d74  nsi - ok
12:15:55.0028 0x0d74  nsiproxy - ok
12:15:55.0028 0x0d74  NTFS - ok
12:15:55.0028 0x0d74  Null - ok
12:15:55.0028 0x0d74  nvraid - ok
12:15:55.0028 0x0d74  nvstor - ok
12:15:55.0043 0x0d74  nv_agp - ok
12:15:55.0111 0x0d74  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:15:55.0145 0x0d74  odserv - ok
12:15:55.0149 0x0d74  OneSyncSvc - ok
12:15:55.0196 0x0d74  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:15:55.0211 0x0d74  ose - ok
12:15:55.0211 0x0d74  p2pimsvc - ok
12:15:55.0211 0x0d74  p2psvc - ok
12:15:55.0211 0x0d74  Parport - ok
12:15:55.0227 0x0d74  partmgr - ok
12:15:55.0227 0x0d74  PcaSvc - ok
12:15:55.0227 0x0d74  pci - ok
12:15:55.0227 0x0d74  pciide - ok
12:15:55.0227 0x0d74  pcmcia - ok
12:15:55.0227 0x0d74  pcw - ok
12:15:55.0227 0x0d74  pdc - ok
12:15:55.0227 0x0d74  PEAUTH - ok
12:15:55.0247 0x0d74  percsas2i - ok
12:15:55.0249 0x0d74  percsas3i - ok
12:15:55.0280 0x0d74  PerfHost - ok
12:15:55.0280 0x0d74  PhoneSvc - ok
12:15:55.0280 0x0d74  PimIndexMaintenanceSvc - ok
12:15:55.0296 0x0d74  pla - ok
12:15:55.0296 0x0d74  PlugPlay - ok
12:15:55.0296 0x0d74  PNRPAutoReg - ok
12:15:55.0296 0x0d74  PNRPsvc - ok
12:15:55.0311 0x0d74  PolicyAgent - ok
12:15:55.0311 0x0d74  Power - ok
12:15:55.0311 0x0d74  PptpMiniport - ok
12:15:55.0481 0x0d74  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:15:55.0712 0x0d74  PrintNotify - ok
12:15:55.0728 0x0d74  Processor - ok
12:15:55.0728 0x0d74  ProfSvc - ok
12:15:55.0750 0x0d74  Psched - ok
12:15:55.0765 0x0d74  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\WINDOWS\system32\pwdrvio.sys
12:15:55.0781 0x0d74  pwdrvio - ok
12:15:55.0796 0x0d74  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
12:15:55.0812 0x0d74  pwdspio - ok
12:15:55.0812 0x0d74  QWAVE - ok
12:15:55.0812 0x0d74  QWAVEdrv - ok
12:15:55.0812 0x0d74  RasAcd - ok
12:15:55.0828 0x0d74  RasAgileVpn - ok
12:15:55.0828 0x0d74  RasAuto - ok
12:15:55.0828 0x0d74  Rasl2tp - ok
12:15:55.0828 0x0d74  RasMan - ok
12:15:55.0828 0x0d74  RasPppoe - ok
12:15:55.0828 0x0d74  RasSstp - ok
12:15:55.0828 0x0d74  rdbss - ok
12:15:55.0828 0x0d74  rdpbus - ok
12:15:55.0828 0x0d74  RDPDR - ok
12:15:55.0845 0x0d74  RdpVideoMiniport - ok
12:15:55.0847 0x0d74  rdyboost - ok
12:15:55.0966 0x0d74  [ 302266897C0E1C64340F2EA0C4029DCB, E18FA3739223191A941F3518A86DAE43FEB7417C3462892C482F3F9467D2AB92 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
12:15:56.0013 0x0d74  ReflectService.exe - ok
12:15:56.0013 0x0d74  ReFSv1 - ok
12:15:56.0029 0x0d74  RemoteAccess - ok
12:15:56.0046 0x0d74  RemoteRegistry - ok
12:15:56.0048 0x0d74  RetailDemo - ok
12:15:56.0050 0x0d74  RpcEptMapper - ok
12:15:56.0051 0x0d74  RpcLocator - ok
12:15:56.0051 0x0d74  RpcSs - ok
12:15:56.0051 0x0d74  rspndr - ok
12:15:56.0082 0x0d74  [ C1EC85A1518B94AF10E04A9388FF835F, C58B5539E3B85B0AFB5F9F29114439E26C930AC19D27FB9712174F39CE0C7DDE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
12:15:56.0145 0x0d74  rt640x64 - ok
12:15:56.0149 0x0d74  s3cap - ok
12:15:56.0151 0x0d74  SamSs - ok
12:15:56.0198 0x0d74  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:15:56.0198 0x0d74  SASDIFSV - ok
12:15:56.0198 0x0d74  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:15:56.0198 0x0d74  SASKUTIL - ok
12:15:56.0214 0x0d74  sbp2port - ok
12:15:56.0214 0x0d74  SCardSvr - ok
12:15:56.0214 0x0d74  ScDeviceEnum - ok
12:15:56.0214 0x0d74  scfilter - ok
12:15:56.0214 0x0d74  Schedule - ok
12:15:56.0229 0x0d74  SCPolicySvc - ok
12:15:56.0229 0x0d74  sdbus - ok
12:15:56.0229 0x0d74  SDRSVC - ok
12:15:56.0229 0x0d74  sdstor - ok
12:15:56.0229 0x0d74  seclogon - ok
12:15:56.0229 0x0d74  SENS - ok
12:15:56.0229 0x0d74  SensorDataService - ok
12:15:56.0246 0x0d74  SensorService - ok
12:15:56.0248 0x0d74  SensrSvc - ok
12:15:56.0250 0x0d74  SerCx - ok
12:15:56.0251 0x0d74  SerCx2 - ok
12:15:56.0251 0x0d74  Serenum - ok
12:15:56.0251 0x0d74  Serial - ok
12:15:56.0251 0x0d74  sermouse - ok
12:15:56.0267 0x0d74  SessionEnv - ok
12:15:56.0267 0x0d74  sfloppy - ok
12:15:56.0267 0x0d74  SharedAccess - ok
12:15:56.0267 0x0d74  ShellHWDetection - ok
12:15:56.0267 0x0d74  SiSRaid2 - ok
12:15:56.0283 0x0d74  SiSRaid4 - ok
12:15:56.0283 0x0d74  smphost - ok
12:15:56.0283 0x0d74  SmsRouter - ok
12:15:56.0283 0x0d74  SNMPTRAP - ok
12:15:56.0283 0x0d74  spaceport - ok
12:15:56.0298 0x0d74  SpbCx - ok
12:15:56.0314 0x0d74  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
12:15:56.0329 0x0d74  speedfan - ok
12:15:56.0329 0x0d74  Spooler - ok
12:15:56.0329 0x0d74  sppsvc - ok
12:15:56.0429 0x0d74  [ AB3558A087FA03861162F8DE9B681AE8, ACEBE679C31BD9238D1836C38F2433C47FF1C7E8B4F8248404F5D14DE5014A37 ] SRTSP           C:\WINDOWS\System32\Drivers\NAVx64\1605050.00F\SRTSP64.SYS
12:15:56.0452 0x0d74  SRTSP - ok
12:15:56.0468 0x0d74  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\WINDOWS\system32\drivers\NAVx64\1605050.00F\SRTSPX64.SYS
12:15:56.0483 0x0d74  SRTSPX - ok
12:15:56.0483 0x0d74  srv - ok
12:15:56.0483 0x0d74  srv2 - ok
12:15:56.0483 0x0d74  srvnet - ok
12:15:56.0483 0x0d74  SSDPSRV - ok
12:15:56.0483 0x0d74  SstpSvc - ok
12:15:56.0499 0x0d74  StateRepository - ok
12:15:56.0499 0x0d74  stexstor - ok
12:15:56.0499 0x0d74  stisvc - ok
12:15:56.0499 0x0d74  storahci - ok
12:15:56.0499 0x0d74  storflt - ok
12:15:56.0514 0x0d74  stornvme - ok
12:15:56.0514 0x0d74  storqosflt - ok
12:15:56.0514 0x0d74  StorSvc - ok
12:15:56.0514 0x0d74  storufs - ok
12:15:56.0514 0x0d74  storvsc - ok
12:15:56.0514 0x0d74  svsvc - ok
12:15:56.0514 0x0d74  swenum - ok
12:15:56.0567 0x0d74  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:15:56.0599 0x0d74  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:15:56.0599 0x0d74  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:15:56.0669 0x0d74  swprv - ok
12:15:56.0731 0x0d74  [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI        C:\WINDOWS\system32\drivers\NAVx64\1605050.00F\SYMEFASI64.SYS
12:15:56.0768 0x0d74  SymEFASI - ok
12:15:56.0799 0x0d74  [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM         C:\WINDOWS\system32\drivers\NAVx64\1605050.00F\SymELAM.sys
12:15:56.0831 0x0d74  SymELAM - ok
12:15:56.0852 0x0d74  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:15:56.0852 0x0d74  SymEvent - ok
12:15:56.0868 0x0d74  [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON         C:\WINDOWS\system32\drivers\NAVx64\1605050.00F\Ironx64.SYS
12:15:56.0883 0x0d74  SymIRON - ok
12:15:56.0899 0x0d74  [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS         C:\WINDOWS\System32\Drivers\NAVx64\1605050.00F\SYMNETS.SYS
12:15:56.0915 0x0d74  SymNetS - ok
12:15:56.0930 0x0d74  Synth3dVsc - ok
12:15:56.0947 0x0d74  SysMain - ok
12:15:56.0952 0x0d74  SystemEventsBroker - ok
12:15:56.0952 0x0d74  TabletInputService - ok
12:15:56.0952 0x0d74  TapiSrv - ok
12:15:56.0983 0x0d74  Tcpip - ok
12:15:56.0983 0x0d74  Tcpip6 - ok
12:15:56.0999 0x0d74  tcpipreg - ok
12:15:56.0999 0x0d74  tdx - ok
12:15:56.0999 0x0d74  terminpt - ok
12:15:56.0999 0x0d74  TermService - ok
12:15:56.0999 0x0d74  Themes - ok
12:15:57.0015 0x0d74  TieringEngineService - ok
12:15:57.0015 0x0d74  tiledatamodelsvc - ok
12:15:57.0015 0x0d74  TimeBroker - ok
12:15:57.0015 0x0d74  TPM - ok
12:15:57.0015 0x0d74  TrkWks - ok
12:15:57.0049 0x0d74  TrustedInstaller - ok
12:15:57.0052 0x0d74  tsusbflt - ok
12:15:57.0052 0x0d74  TsUsbGD - ok
12:15:57.0052 0x0d74  tunnel - ok
12:15:57.0052 0x0d74  tzautoupdate - ok
12:15:57.0052 0x0d74  uagp35 - ok
12:15:57.0052 0x0d74  UASPStor - ok
12:15:57.0052 0x0d74  UcmCx0101 - ok
12:15:57.0052 0x0d74  UcmUcsi - ok
12:15:57.0052 0x0d74  Ucx01000 - ok
12:15:57.0052 0x0d74  UdeCx - ok
12:15:57.0068 0x0d74  udfs - ok
12:15:57.0068 0x0d74  UEFI - ok
12:15:57.0068 0x0d74  Ufx01000 - ok
12:15:57.0068 0x0d74  UfxChipidea - ok
12:15:57.0068 0x0d74  ufxsynopsys - ok
12:15:57.0068 0x0d74  UI0Detect - ok
12:15:57.0068 0x0d74  uliagpkx - ok
12:15:57.0068 0x0d74  umbus - ok
12:15:57.0083 0x0d74  UmPass - ok
12:15:57.0083 0x0d74  UmRdpService - ok
12:15:57.0083 0x0d74  UnistoreSvc - ok
12:15:57.0099 0x0d74  upnphost - ok
12:15:57.0099 0x0d74  UrsChipidea - ok
12:15:57.0099 0x0d74  UrsCx01000 - ok
12:15:57.0099 0x0d74  UrsSynopsys - ok
12:15:57.0099 0x0d74  usbccgp - ok
12:15:57.0099 0x0d74  usbcir - ok
12:15:57.0099 0x0d74  usbehci - ok
12:15:57.0099 0x0d74  usbhub - ok
12:15:57.0115 0x0d74  USBHUB3 - ok
12:15:57.0115 0x0d74  usbohci - ok
12:15:57.0115 0x0d74  usbprint - ok
12:15:57.0115 0x0d74  usbser - ok
12:15:57.0115 0x0d74  USBSTOR - ok
12:15:57.0115 0x0d74  usbuhci - ok
12:15:57.0115 0x0d74  USBXHCI - ok
12:15:57.0115 0x0d74  UserDataSvc - ok
12:15:57.0130 0x0d74  UserManager - ok
12:15:57.0151 0x0d74  UsoSvc - ok
12:15:57.0153 0x0d74  VaultSvc - ok
12:15:57.0153 0x0d74  vdrvroot - ok
12:15:57.0153 0x0d74  vds - ok
12:15:57.0153 0x0d74  VerifierExt - ok
12:15:57.0153 0x0d74  vhdmp - ok
12:15:57.0153 0x0d74  vhf - ok
12:15:57.0153 0x0d74  vmbus - ok
12:15:57.0153 0x0d74  VMBusHID - ok
12:15:57.0168 0x0d74  vmicguestinterface - ok
12:15:57.0168 0x0d74  vmicheartbeat - ok
12:15:57.0168 0x0d74  vmickvpexchange - ok
12:15:57.0168 0x0d74  vmicrdv - ok
12:15:57.0168 0x0d74  vmicshutdown - ok
12:15:57.0184 0x0d74  vmictimesync - ok
12:15:57.0184 0x0d74  vmicvmsession - ok
12:15:57.0184 0x0d74  vmicvss - ok
12:15:57.0184 0x0d74  volmgr - ok
12:15:57.0184 0x0d74  volmgrx - ok
12:15:57.0184 0x0d74  volsnap - ok
12:15:57.0184 0x0d74  vpci - ok
12:15:57.0184 0x0d74  vsmraid - ok
12:15:57.0184 0x0d74  VSS - ok
12:15:57.0200 0x0d74  VSTXRAID - ok
12:15:57.0200 0x0d74  vwifibus - ok
12:15:57.0200 0x0d74  vwififlt - ok
12:15:57.0200 0x0d74  W32Time - ok
12:15:57.0200 0x0d74  WacomPen - ok
12:15:57.0200 0x0d74  WalletService - ok
12:15:57.0200 0x0d74  wanarp - ok
12:15:57.0200 0x0d74  wanarpv6 - ok
12:15:57.0215 0x0d74  wbengine - ok
12:15:57.0215 0x0d74  WbioSrvc - ok
12:15:57.0215 0x0d74  Wcmsvc - ok
12:15:57.0215 0x0d74  wcncsvc - ok
12:15:57.0215 0x0d74  WcsPlugInService - ok
12:15:57.0215 0x0d74  WdBoot - ok
12:15:57.0215 0x0d74  Wdf01000 - ok
12:15:57.0215 0x0d74  WdFilter - ok
12:15:57.0215 0x0d74  WdiServiceHost - ok
12:15:57.0231 0x0d74  WdiSystemHost - ok
12:15:57.0231 0x0d74  wdiwifi - ok
12:15:57.0231 0x0d74  WdNisDrv - ok
12:15:57.0253 0x0d74  WdNisSvc - ok
12:15:57.0253 0x0d74  WebClient - ok
12:15:57.0253 0x0d74  Wecsvc - ok
12:15:57.0253 0x0d74  WEPHOSTSVC - ok
12:15:57.0253 0x0d74  wercplsupport - ok
12:15:57.0253 0x0d74  WerSvc - ok
12:15:57.0253 0x0d74  WFPLWFS - ok
12:15:57.0269 0x0d74  WiaRpc - ok
12:15:57.0269 0x0d74  WIMMount - ok
12:15:57.0269 0x0d74  WinDefend - ok
12:15:57.0269 0x0d74  WindowsTrustedRT - ok
12:15:57.0269 0x0d74  WindowsTrustedRTProxy - ok
12:15:57.0284 0x0d74  WinHttpAutoProxySvc - ok
12:15:57.0284 0x0d74  WinMad - ok
12:15:57.0316 0x0d74  Winmgmt - ok
12:15:57.0316 0x0d74  WinRM - ok
12:15:57.0331 0x0d74  WINUSB - ok
12:15:57.0331 0x0d74  WinVerbs - ok
12:15:57.0331 0x0d74  WlanSvc - ok
12:15:57.0331 0x0d74  wlidsvc - ok
12:15:57.0331 0x0d74  WmiAcpi - ok
12:15:57.0331 0x0d74  wmiApSrv - ok
12:15:57.0353 0x0d74  WMPNetworkSvc - ok
12:15:57.0353 0x0d74  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:15:57.0369 0x0d74  Wof - ok
12:15:57.0369 0x0d74  workfolderssvc - ok
12:15:57.0384 0x0d74  wpcfltr - ok
12:15:57.0384 0x0d74  WPDBusEnum - ok
12:15:57.0384 0x0d74  WpdUpFltr - ok
12:15:57.0384 0x0d74  WpnService - ok
12:15:57.0384 0x0d74  ws2ifsl - ok
12:15:57.0384 0x0d74  wscsvc - ok
12:15:57.0384 0x0d74  WSearch - ok
12:15:57.0384 0x0d74  WSService - ok
12:15:57.0400 0x0d74  wuauserv - ok
12:15:57.0400 0x0d74  WudfPf - ok
12:15:57.0400 0x0d74  WUDFRd - ok
12:15:57.0400 0x0d74  wudfsvc - ok
12:15:57.0416 0x0d74  WUDFWpdFs - ok
12:15:57.0416 0x0d74  WwanSvc - ok
12:15:57.0431 0x0d74  XblAuthManager - ok
12:15:57.0431 0x0d74  XblGameSave - ok
12:15:57.0431 0x0d74  xboxgip - ok
12:15:57.0431 0x0d74  XboxNetApiSvc - ok
12:15:57.0431 0x0d74  xinputhid - ok
12:15:57.0469 0x0d74  ================ Scan global ===============================
12:15:57.0500 0x0d74  [ Global ] - ok
12:15:57.0500 0x0d74  ================ Scan MBR ==================================
12:15:57.0516 0x0d74  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:15:57.0601 0x0d74  \Device\Harddisk0\DR0 - ok
12:15:57.0601 0x0d74  ================ Scan VBR ==================================
12:15:57.0632 0x0d74  [ A74176DE677190B70C9C016A4E27493B ] \Device\Harddisk0\DR0\Partition1
12:15:57.0686 0x0d74  \Device\Harddisk0\DR0\Partition1 - ok
12:15:57.0701 0x0d74  [ 68AD7D235A379390C49A9F41FE0D0917 ] \Device\Harddisk0\DR0\Partition2
12:15:57.0756 0x0d74  \Device\Harddisk0\DR0\Partition2 - ok
12:15:57.0771 0x0d74  [ 538681D68B4E20E1EE9BCC5AC1B5A738 ] \Device\Harddisk0\DR0\Partition3
12:15:57.0771 0x0d74  \Device\Harddisk0\DR0\Partition3 - ok
12:15:57.0771 0x0d74  [ 66CA5CA7220D9FE5448B9C28AB314892 ] \Device\Harddisk0\DR0\Partition4
12:15:57.0818 0x0d74  \Device\Harddisk0\DR0\Partition4 - ok
12:15:57.0834 0x0d74  [ EF9533D6307CC9E6889DAB718F3F674F ] \Device\Harddisk0\DR0\Partition5
12:15:57.0852 0x0d74  \Device\Harddisk0\DR0\Partition5 - ok
12:15:57.0852 0x0d74  ================ Scan generic autorun ======================
12:15:58.0186 0x0d74  [ 493ABE82E781DC998DCA299CE0CA9F50, 9FA0FBC03058802848B6D73B609C14C80F4764A79EB305D2CC0D76F3EDC88765 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:15:58.0373 0x0d74  RTHDVCPL - ok
12:15:58.0442 0x0d74  [ 3429E299485DAA041082DB099D5367E8, 4C3A1030954CC8E3DCFDAE7DF37EC2B4604974EDDE4B954A66F87BB987999AD4 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:15:58.0458 0x0d74  AdobeAAMUpdater-1.0 - ok
12:15:58.0511 0x0d74  [ 906228F9D1EE46B0FFA06D8349EEC39E, 8B93D19C16C29A8F9938A0323477F38F6363D1DB78542F47C1BB21463B071B33 ] C:\Program Files\Eraser\Eraser.exe
12:15:58.0542 0x0d74  Eraser - ok
12:15:58.0558 0x0d74  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
12:15:58.0574 0x0d74  iTunesHelper - ok
12:15:58.0674 0x0d74  [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
12:15:58.0696 0x0d74  StartCCC - ok
12:15:58.0711 0x0d74  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:15:58.0727 0x0d74  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:15:58.0727 0x0d74  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
12:15:58.0774 0x0d74  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
12:15:58.0793 0x0d74  AdobeCS5ServiceManager - ok
12:15:58.0827 0x0d74  OneDriveSetup - ok
12:15:58.0827 0x0d74  OneDriveSetup - ok
12:15:58.0911 0x0d74  [ FC040252FB2AA74545D8B17FE9CD4D78, 5517B34263A25E5460E09635D5B593D0551EF35C3DC94BFBE3E5B4F12D9C20E6 ] C:\Users\Ian\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:15:58.0958 0x0d74  OneDrive - ok
12:15:59.0143 0x0d74  [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] C:\Program Files\CCleaner\CCleaner64.exe
12:15:59.0271 0x0d74  CCleaner Monitoring - ok
12:15:59.0312 0x0d74  [ 0912387D3B5414C7300E67A0663B8268, B0D1470435871CA0E8F56BCDF44548DA2BEB3AB68D33BC9430E0FBCB2B9D33AB ] C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
12:15:59.0359 0x0d74  BlazeServoTool - detected UnsignedFile.Multi.Generic ( 1 )
12:15:59.0359 0x0d74  BlazeServoTool ( UnsignedFile.Multi.Generic ) - warning
12:15:59.0427 0x0d74  [ 4FD2C311A7878C5B9BCBD878CB0C2826, 16D143123CA3C1922CAC5BEE975317F1E01929146B2598375EAD19A5B61375C9 ] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
12:15:59.0458 0x0d74  BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
12:15:59.0496 0x0d74  AV detected via SS2: Norton AntiVirus, C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
12:15:59.0496 0x0d74  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
12:15:59.0496 0x0d74  Win FW state via NFP2: enabled ( trusted )
12:15:59.0496 0x0d74  ============================================================
12:15:59.0496 0x0d74  Scan finished
12:15:59.0496 0x0d74  ============================================================
12:15:59.0512 0x0998  Detected object count: 4
12:15:59.0512 0x0998  Actual detected object count: 4
12:17:55.0022 0x0998  Intel® Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:55.0022 0x0998  Intel® Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:55.0022 0x0998  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:55.0022 0x0998  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:55.0022 0x0998  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:55.0022 0x0998  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:17:55.0022 0x0998  BlazeServoTool ( UnsignedFile.Multi.Generic ) - skipped by user
12:17:55.0022 0x0998  BlazeServoTool ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:18:11.0975 0x0474  Deinitialize success
 
 

ADWCleaner Logfile

 

# AdwCleaner v5.028 - Logfile created 07/01/2016 at 12:25:20
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Ian - DESKTOP-0B7J1CH
# Running from : C:\Users\Ian\Downloads\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [662 bytes] ##########

 

 
 
Farbar Service Scanner Logfile
 
Farbar Service Scanner Version: 03-01-2016
Ran by Ian (administrator) on 07-01-2016 at 12:34:52
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
MiniToolBox Logfile
 
MiniToolBox by Farbar  Version: 02-11-2015
Ran by Ian (administrator) on 07-01-2016 at 12:36:03
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 10 Home  (X64)
Model: B85M-D3H Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 t3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 tpractivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
 
There are 156 entries.
 
========================= IP Configuration: ================================
 
HUAWEI Mobile Connect - 3G Network Card = Ethernet 23 (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Ethernet 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 31" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 29" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 30" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 15" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 7" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 28" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 10" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 21" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 22" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 16" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 17" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 20" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 8" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 27" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 18" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 19" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 24" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 25" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 26" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-0B7J1CH
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : FC-AA-14-98-F2-45
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 23:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : HUAWEI Mobile Connect - 3G Network Card #22
   Physical Address. . . . . . . . . : 00-1E-10-1F-2D-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::108a:1b9a:d8d6:6cb6%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.64.216.62(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : Thursday, 7 January 2016 12:27:39 PM
   Lease Expires . . . . . . . . . . : Thursday, 7 January 2016 2:27:39 PM
   Default Gateway . . . . . . . . . : 10.64.216.61
   DHCP Server . . . . . . . . . . . : 10.64.216.61
   DHCPv6 IAID . . . . . . . . . . . : 671096336
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-66-3F-69-FC-AA-14-98-F2-45
   DNS Servers . . . . . . . . . . . : 211.29.132.12
                                       198.142.0.51
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{8429D9C8-A4E3-40F2-BDEA-A50733B0DE1C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:3ceb:7cd:ce49:fc9f(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3ceb:7cd:ce49:fc9f%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 687865856
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-66-3F-69-FC-AA-14-98-F2-45
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns.mas.optusnet.com.au
Address:  211.29.132.12
 
Name:    google.com
Addresses:  2404:6800:4003:804::200e
 198.142.187.35
 198.142.187.34
 198.142.187.49
 198.142.187.55
 198.142.187.40
 198.142.187.54
 198.142.187.39
 198.142.187.25
 198.142.187.20
 198.142.187.29
 198.142.187.59
 198.142.187.50
 198.142.187.24
 198.142.187.30
 198.142.187.45
 198.142.187.44
 
 
Pinging google.com [198.142.187.49] with 32 bytes of data:
Reply from 198.142.187.49: bytes=32 time=170ms TTL=52
Reply from 198.142.187.49: bytes=32 time=107ms TTL=52
 
Ping statistics for 198.142.187.49:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 107ms, Maximum = 170ms, Average = 138ms
Server:  dns.mas.optusnet.com.au
Address:  211.29.132.12
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=276ms TTL=38
Reply from 206.190.36.45: bytes=32 time=324ms TTL=38
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 276ms, Maximum = 324ms, Average = 300ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 30...fc aa 14 98 f2 45 ......Realtek PCIe GBE Family Controller
 15...00 1e 10 1f 2d a4 ......HUAWEI Mobile Connect - 3G Network Card #22
  1...........................Software Loopback Interface 1
  2...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     10.64.216.61     10.64.216.62     40
     10.64.216.60  255.255.255.252         On-link      10.64.216.62    296
     10.64.216.62  255.255.255.255         On-link      10.64.216.62    296
     10.64.216.63  255.255.255.255         On-link      10.64.216.62    296
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      10.64.216.62    296
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      10.64.216.62    296
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 11    306 2001::/32                On-link
 11    306 2001:0:9d38:90d7:3ceb:7cd:ce49:fc9f/128
                                    On-link
 15    296 fe80::/64                On-link
 11    306 fe80::/64                On-link
 15    296 fe80::108a:1b9a:d8d6:6cb6/128
                                    On-link
 11    306 fe80::3ceb:7cd:ce49:fc9f/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    296 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/07/2016 12:26:51 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialised.
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (01/07/2016 12:26:51 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialised.
 
Context: Windows Application
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (01/07/2016 12:26:51 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialised.
 
Context: Windows Application, SystemIndex Catalogue
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (01/07/2016 12:26:51 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialised.
 
Context: Windows Application, SystemIndex Catalogue
 
 
Details:
The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)
 
Error: (01/07/2016 12:26:50 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <Search.TripoliIndexer> cannot be initialised.
 
Context: Windows Application
 
 
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
 
Error: (01/07/2016 12:26:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalogue is corrupt.   0xc0041801 (0xc0041801)
 
Error: (01/07/2016 12:26:49 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4810 - base\appmodel\search\search\ytrip\common\util\jetutil.cpp (203)}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
0x8e5e0210 (0x8e5e0210)
 
Error: (01/07/2016 12:26:49 PM) (Source: ESENT) (User: )
Description: SearchIndexer (5176) Windows: Error -1811 (0xfffff8ed) occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00029.log.
 
Error: (01/07/2016 12:07:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
Error: (01/07/2016 12:07:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
 
 
System errors:
=============
Error: (01/07/2016 12:26:55 PM) (Source: DCOM) (User: DESKTOP-0B7J1CH)
Description: 1053WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (01/07/2016 12:26:55 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (01/07/2016 12:26:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (01/07/2016 12:26:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (01/07/2016 12:26:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following service-specific error: 
%%2147749126
 
Error: (01/07/2016 12:25:34 PM) (Source: Service Control Manager) (User: )
Description: The User Data Access_1ddbddc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/07/2016 12:25:34 PM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_1ddbddc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/07/2016 12:25:34 PM) (Source: Service Control Manager) (User: )
Description: The Contact Data_1ddbddc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/07/2016 12:25:34 PM) (Source: Service Control Manager) (User: )
Description: The Sync Host_1ddbddc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/07/2016 12:25:34 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2016-01-06 09:22:26.349
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:26.342
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:26.334
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:26.325
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:26.313
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:26.110
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:25.918
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:22:25.747
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\DriverStore\FileRepository\c0184226.inf_amd64_eb001f342f546331\B184718\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:21:08.043
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-06 09:21:08.038
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows.old\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
Acrobat X Suite (HKLM-x32\...\{3F41BA46-09C3-4500-96D7-DC4390AD0124}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft PhotoStudio 2000 (HKLM-x32\...\ArcSoft PhotoStudio 2000) (Version:  - )
BlazeDTV 6.0 (HKLM-x32\...\BlazeDTV 6.0_is1) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon MP610 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.2.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Driver Support (HKLM-x32\...\DriverSupport) (Version: 10.1.2.41 - PC Drivers HeadQuarters LP)
Eraser 6.2.0.2969 (HKLM\...\{66AB13EA-E7D2-4CFC-9B66-8E9EE44C89EE}) (Version: 6.2.2969 - The Eraser Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Macrium Reflect Home Edition (HKLM\...\{017ED74E-8088-4765-8876-A250B3A1470C}) (Version: 6.1.1000 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0015-0000-0000-0000000FF1CE}_AccessR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Access 2007 (HKLM-x32\...\AccessR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 en-GB)) (Version: 38.2.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM-x32\...\{8C6CB33A-AA86-446C-8C4D-304A7FA51033}) (Version: 8.10.380 - Nero AG)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 22.5.5.15 - Symantec Corporation)
Optus Wireless Broadband (HKLM-x32\...\Optus Wireless Broadband) (Version: 11.300.05.02.74 - Huawei Technologies Co.,Ltd)
Outlook Express 6 (HKLM-x32\...\Outlook Express 6) (Version:  - )
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
Spell Checker For OE 2.1 (HKLM-x32\...\Spell Checker For OE 2.1) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0015-0000-0000-0000000FF1CE}_AccessR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinX DVD Author 6.3.6 (HKLM-x32\...\WinX DVD Author_is1) (Version:  - DigiartySoft, Inc.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 12%
Total physical RAM: 16329.94 MB
Available physical RAM: 14296.21 MB
Total Virtual: 18761.94 MB
Available Virtual: 16590.07 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows 10) (Fixed) (Total:930.52 GB) (Free:869.04 GB) NTFS
2 Drive d: (Optus Wireless) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-0B7J1CH
 
Administrator            DefaultAccount           Guest                    
Ian                      
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
 
**** End of log ****


#4 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 06 January 2016 - 09:54 PM

Postscript: I have turned off Windows updating temporarily, in case you are wondering about that.



#5 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 12 January 2016 - 05:59 AM

Hi apologies for not responding sooner. I received your PM to me. I plan to review what you have provided later today and provide the next steps

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 13 January 2016 - 04:34 PM

Hi

 

:step1:

You have run an old version of FSS.

Please delete this, and download the latest version to your desktop

Then run it again via the same instructions as before, and paste the full contents of the log.

 

:step2:

I see from your hosts file, there are multiple entries for adobe.

This is a way of circumventing licensing for adobe software - which may be illegal.

Please follow "Resetting the Hosts File to Microsoft Defaults" here

 

:step3:

Follow the instructions under option 3 (Run SFC /SCANNOW Command in Windows 10) and option 5 (To View Only the "SFC" Scan Results from the CBS.LOG) here

Then post the full contents of the log file in your next reply.

 

:step4:

How is the computer running now?


Edited by dev00790, 13 January 2016 - 04:34 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 13 January 2016 - 06:24 PM

I have a problem. Step 2. When I right click in the "Drivers etc." folder and click "New", the only option I have is "Folder".

 

Step 1. Log file here:

 

Farbar Service Scanner Version: 03-01-2016
Ran by  (administrator) on 14-01-2016 at 09:13:47
Running from "C:\Users\Ian\Desktop"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 13 January 2016 - 06:56 PM

Hi

I have a problem. Step 2. When I right click in the "Drivers etc." folder and click "New", the only option I have is "Folder".

Ok instead open the hosts file via notepad as per the instructions:
 

Open the hosts file with a text editor like notepad. Hosts will not have a file extension.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 14 January 2016 - 02:24 AM

Step 1: In Post #7

 

Step 3: SFC Scan results:

 

2016-01-14 16:11:20, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:20, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:24, Info                  CSI    00000070 [SR] Verify complete
2016-01-14 16:11:24, Info                  CSI    00000071 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:24, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:26, Info                  CSI    000000d7 [SR] Verify complete
2016-01-14 16:11:26, Info                  CSI    000000d8 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:26, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:27, Info                  CSI    0000013e [SR] Verify complete
2016-01-14 16:11:28, Info                  CSI    0000013f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:28, Info                  CSI    00000140 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:32, Info                  CSI    000001a5 [SR] Verify complete
2016-01-14 16:11:32, Info                  CSI    000001a6 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:32, Info                  CSI    000001a7 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:36, Info                  CSI    0000020c [SR] Verify complete
2016-01-14 16:11:36, Info                  CSI    0000020d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:36, Info                  CSI    0000020e [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:39, Info                  CSI    00000273 [SR] Verify complete
2016-01-14 16:11:39, Info                  CSI    00000274 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:39, Info                  CSI    00000275 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:41, Info                  CSI    000002da [SR] Verify complete
2016-01-14 16:11:41, Info                  CSI    000002db [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:41, Info                  CSI    000002dc [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:43, Info                  CSI    00000341 [SR] Verify complete
2016-01-14 16:11:44, Info                  CSI    00000342 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:44, Info                  CSI    00000343 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:45, Info                  CSI    000003a8 [SR] Verify complete
2016-01-14 16:11:46, Info                  CSI    000003a9 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:46, Info                  CSI    000003aa [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:49, Info                  CSI    00000415 [SR] Verify complete
2016-01-14 16:11:49, Info                  CSI    00000416 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:49, Info                  CSI    00000417 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:50, Info                  CSI    0000047c [SR] Verify complete
2016-01-14 16:11:50, Info                  CSI    0000047d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:50, Info                  CSI    0000047e [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:51, Info                  CSI    000004e3 [SR] Verify complete
2016-01-14 16:11:51, Info                  CSI    000004e4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:51, Info                  CSI    000004e5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:53, Info                  CSI    0000054a [SR] Verify complete
2016-01-14 16:11:53, Info                  CSI    0000054b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:53, Info                  CSI    0000054c [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:54, Info                  CSI    000005bb [SR] Verify complete
2016-01-14 16:11:54, Info                  CSI    000005bc [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:54, Info                  CSI    000005bd [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:55, Info                  CSI    00000622 [SR] Verify complete
2016-01-14 16:11:55, Info                  CSI    00000623 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:55, Info                  CSI    00000624 [SR] Beginning Verify and Repair transaction
2016-01-14 16:11:59, Info                  CSI    00000692 [SR] Verify complete
2016-01-14 16:11:59, Info                  CSI    00000693 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:11:59, Info                  CSI    00000694 [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:05, Info                  CSI    00000710 [SR] Verify complete
2016-01-14 16:12:05, Info                  CSI    00000711 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:05, Info                  CSI    00000712 [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:11, Info                  CSI    0000077d [SR] Verify complete
2016-01-14 16:12:11, Info                  CSI    0000077e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:11, Info                  CSI    0000077f [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:15, Info                  CSI    000007ed [SR] Verify complete
2016-01-14 16:12:15, Info                  CSI    000007ee [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:15, Info                  CSI    000007ef [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:19, Info                  CSI    0000085c [SR] Verify complete
2016-01-14 16:12:19, Info                  CSI    0000085d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:19, Info                  CSI    0000085e [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:25, Info                  CSI    000008c3 [SR] Verify complete
2016-01-14 16:12:25, Info                  CSI    000008c4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:25, Info                  CSI    000008c5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:30, Info                  CSI    0000092c [SR] Verify complete
2016-01-14 16:12:30, Info                  CSI    0000092d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:30, Info                  CSI    0000092e [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:31, Info                  CSI    00000993 [SR] Verify complete
2016-01-14 16:12:32, Info                  CSI    00000994 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:32, Info                  CSI    00000995 [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:41, Info                  CSI    000009fd [SR] Verify complete
2016-01-14 16:12:41, Info                  CSI    000009fe [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:41, Info                  CSI    000009ff [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:49, Info                  CSI    00000a84 [SR] Verify complete
2016-01-14 16:12:49, Info                  CSI    00000a85 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:49, Info                  CSI    00000a86 [SR] Beginning Verify and Repair transaction
2016-01-14 16:12:54, Info                  CSI    00000af9 [SR] Verify complete
2016-01-14 16:12:54, Info                  CSI    00000afa [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:12:54, Info                  CSI    00000afb [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:00, Info                  CSI    00000b8b [SR] Verify complete
2016-01-14 16:13:00, Info                  CSI    00000b8c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:00, Info                  CSI    00000b8d [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:04, Info                  CSI    00000bfb [SR] Verify complete
2016-01-14 16:13:04, Info                  CSI    00000bfc [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:04, Info                  CSI    00000bfd [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:09, Info                  CSI    00000c6a [SR] Verify complete
2016-01-14 16:13:09, Info                  CSI    00000c6b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:09, Info                  CSI    00000c6c [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:14, Info                  CSI    00000ce0 [SR] Verify complete
2016-01-14 16:13:14, Info                  CSI    00000ce1 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:14, Info                  CSI    00000ce2 [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:18, Info                  CSI    00000d58 [SR] Verify complete
2016-01-14 16:13:18, Info                  CSI    00000d59 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:18, Info                  CSI    00000d5a [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:23, Info                  CSI    00000dc9 [SR] Verify complete
2016-01-14 16:13:23, Info                  CSI    00000dca [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:23, Info                  CSI    00000dcb [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:27, Info                  CSI    00000e30 [SR] Verify complete
2016-01-14 16:13:27, Info                  CSI    00000e31 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:27, Info                  CSI    00000e32 [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:31, Info                  CSI    00000e9b [SR] Verify complete
2016-01-14 16:13:31, Info                  CSI    00000e9c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:31, Info                  CSI    00000e9d [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:37, Info                  CSI    00000f19 [SR] Verify complete
2016-01-14 16:13:37, Info                  CSI    00000f1a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:37, Info                  CSI    00000f1b [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:42, Info                  CSI    00000fb1 [SR] Verify complete
2016-01-14 16:13:43, Info                  CSI    00000fb2 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:43, Info                  CSI    00000fb3 [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:48, Info                  CSI    00001037 [SR] Verify complete
2016-01-14 16:13:49, Info                  CSI    00001038 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:49, Info                  CSI    00001039 [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:55, Info                  CSI    000010c2 [SR] Verify complete
2016-01-14 16:13:55, Info                  CSI    000010c3 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:55, Info                  CSI    000010c4 [SR] Beginning Verify and Repair transaction
2016-01-14 16:13:59, Info                  CSI    00001132 [SR] Verify complete
2016-01-14 16:13:59, Info                  CSI    00001133 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:13:59, Info                  CSI    00001134 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:03, Info                  CSI    0000119f [SR] Verify complete
2016-01-14 16:14:03, Info                  CSI    000011a0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:03, Info                  CSI    000011a1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:09, Info                  CSI    0000121b [SR] Verify complete
2016-01-14 16:14:09, Info                  CSI    0000121c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:09, Info                  CSI    0000121d [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:12, Info                  CSI    00001282 [SR] Verify complete
2016-01-14 16:14:12, Info                  CSI    00001283 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:12, Info                  CSI    00001284 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:14, Info                  CSI    000012e9 [SR] Verify complete
2016-01-14 16:14:15, Info                  CSI    000012ea [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:15, Info                  CSI    000012eb [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:20, Info                  CSI    0000135d [SR] Verify complete
2016-01-14 16:14:20, Info                  CSI    0000135e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:20, Info                  CSI    0000135f [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:23, Info                  CSI    000013c5 [SR] Verify complete
2016-01-14 16:14:23, Info                  CSI    000013c6 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:23, Info                  CSI    000013c7 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:28, Info                  CSI    0000143a [SR] Verify complete
2016-01-14 16:14:28, Info                  CSI    0000143b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:28, Info                  CSI    0000143c [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:34, Info                  CSI    000014b6 [SR] Verify complete
2016-01-14 16:14:34, Info                  CSI    000014b7 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:34, Info                  CSI    000014b8 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:38, Info                  CSI    00001522 [SR] Verify complete
2016-01-14 16:14:38, Info                  CSI    00001523 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:38, Info                  CSI    00001524 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:43, Info                  CSI    000015a3 [SR] Verify complete
2016-01-14 16:14:43, Info                  CSI    000015a4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:43, Info                  CSI    000015a5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:14:50, Info                  CSI    00001611 [SR] Verify complete
2016-01-14 16:14:51, Info                  CSI    00001612 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:14:51, Info                  CSI    00001613 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:00, Info                  CSI    00001683 [SR] Verify complete
2016-01-14 16:15:00, Info                  CSI    00001684 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:00, Info                  CSI    00001685 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:04, Info                  CSI    000016ea [SR] Verify complete
2016-01-14 16:15:04, Info                  CSI    000016eb [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:04, Info                  CSI    000016ec [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:10, Info                  CSI    0000175c [SR] Verify complete
2016-01-14 16:15:10, Info                  CSI    0000175d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:10, Info                  CSI    0000175e [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:20, Info                  CSI    000017ed [SR] Verify complete
2016-01-14 16:15:20, Info                  CSI    000017ee [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:20, Info                  CSI    000017ef [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:23, Info                  CSI    00001858 [SR] Verify complete
2016-01-14 16:15:23, Info                  CSI    00001859 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:23, Info                  CSI    0000185a [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:27, Info                  CSI    000018c4 [SR] Verify complete
2016-01-14 16:15:27, Info                  CSI    000018c5 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:27, Info                  CSI    000018c6 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:30, Info                  CSI    00001935 [SR] Verify complete
2016-01-14 16:15:30, Info                  CSI    00001936 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:30, Info                  CSI    00001937 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:37, Info                  CSI    000019cf [SR] Verify complete
2016-01-14 16:15:37, Info                  CSI    000019d0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:37, Info                  CSI    000019d1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:40, Info                  CSI    00001a36 [SR] Verify complete
2016-01-14 16:15:40, Info                  CSI    00001a37 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:40, Info                  CSI    00001a38 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:45, Info                  CSI    00001ab6 [SR] Verify complete
2016-01-14 16:15:45, Info                  CSI    00001ab7 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:45, Info                  CSI    00001ab8 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:50, Info                  CSI    00001b2e [SR] Verify complete
2016-01-14 16:15:50, Info                  CSI    00001b2f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:50, Info                  CSI    00001b30 [SR] Beginning Verify and Repair transaction
2016-01-14 16:15:54, Info                  CSI    00001b9b [SR] Verify complete
2016-01-14 16:15:54, Info                  CSI    00001b9c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:15:54, Info                  CSI    00001b9d [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:01, Info                  CSI    00001c26 [SR] Verify complete
2016-01-14 16:16:01, Info                  CSI    00001c27 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:01, Info                  CSI    00001c28 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:06, Info                  CSI    00001c9e [SR] Verify complete
2016-01-14 16:16:06, Info                  CSI    00001c9f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:06, Info                  CSI    00001ca0 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:10, Info                  CSI    00001d0a [SR] Verify complete
2016-01-14 16:16:10, Info                  CSI    00001d0b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:10, Info                  CSI    00001d0c [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:14, Info                  CSI    00001d74 [SR] Verify complete
2016-01-14 16:16:14, Info                  CSI    00001d75 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:14, Info                  CSI    00001d76 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:19, Info                  CSI    00001de6 [SR] Verify complete
2016-01-14 16:16:19, Info                  CSI    00001de7 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:19, Info                  CSI    00001de8 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:23, Info                  CSI    00001e56 [SR] Verify complete
2016-01-14 16:16:23, Info                  CSI    00001e57 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:23, Info                  CSI    00001e58 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:26, Info                  CSI    00001ebf [SR] Verify complete
2016-01-14 16:16:26, Info                  CSI    00001ec0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:26, Info                  CSI    00001ec1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:32, Info                  CSI    00001f32 [SR] Verify complete
2016-01-14 16:16:32, Info                  CSI    00001f33 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:32, Info                  CSI    00001f34 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:36, Info                  CSI    00001f86 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\System32"\[l:11]"pstorec.dll" from store
2016-01-14 16:16:37, Info                  CSI    00001fac [SR] Verify complete
2016-01-14 16:16:37, Info                  CSI    00001fad [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:37, Info                  CSI    00001fae [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:42, Info                  CSI    00002016 [SR] Verify complete
2016-01-14 16:16:42, Info                  CSI    00002017 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:42, Info                  CSI    00002018 [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:51, Info                  CSI    0000208a [SR] Verify complete
2016-01-14 16:16:51, Info                  CSI    0000208b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:51, Info                  CSI    0000208c [SR] Beginning Verify and Repair transaction
2016-01-14 16:16:58, Info                  CSI    0000212f [SR] Verify complete
2016-01-14 16:16:58, Info                  CSI    00002130 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:16:58, Info                  CSI    00002131 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:04, Info                  CSI    0000219f [SR] Verify complete
2016-01-14 16:17:04, Info                  CSI    000021a0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:04, Info                  CSI    000021a1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:08, Info                  CSI    0000220c [SR] Verify complete
2016-01-14 16:17:08, Info                  CSI    0000220d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:08, Info                  CSI    0000220e [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:13, Info                  CSI    00002280 [SR] Verify complete
2016-01-14 16:17:13, Info                  CSI    00002281 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:13, Info                  CSI    00002282 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:18, Info                  CSI    000022ee [SR] Verify complete
2016-01-14 16:17:18, Info                  CSI    000022ef [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:18, Info                  CSI    000022f0 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:24, Info                  CSI    0000235b [SR] Verify complete
2016-01-14 16:17:24, Info                  CSI    0000235c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:24, Info                  CSI    0000235d [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:28, Info                  CSI    000023c6 [SR] Verify complete
2016-01-14 16:17:28, Info                  CSI    000023c7 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:28, Info                  CSI    000023c8 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:34, Info                  CSI    0000243e [SR] Verify complete
2016-01-14 16:17:34, Info                  CSI    0000243f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:34, Info                  CSI    00002440 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:38, Info                  CSI    000024b3 [SR] Verify complete
2016-01-14 16:17:38, Info                  CSI    000024b4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:38, Info                  CSI    000024b5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:43, Info                  CSI    00002522 [SR] Verify complete
2016-01-14 16:17:43, Info                  CSI    00002523 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:43, Info                  CSI    00002524 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:46, Info                  CSI    00002590 [SR] Verify complete
2016-01-14 16:17:46, Info                  CSI    00002591 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:46, Info                  CSI    00002592 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:50, Info                  CSI    00002604 [SR] Verify complete
2016-01-14 16:17:50, Info                  CSI    00002605 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:50, Info                  CSI    00002606 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:54, Info                  CSI    0000266e [SR] Verify complete
2016-01-14 16:17:54, Info                  CSI    0000266f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:17:54, Info                  CSI    00002670 [SR] Beginning Verify and Repair transaction
2016-01-14 16:17:59, Info                  CSI    000026d5 [SR] Verify complete
2016-01-14 16:18:00, Info                  CSI    000026d6 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:00, Info                  CSI    000026d7 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:05, Info                  CSI    00002748 [SR] Verify complete
2016-01-14 16:18:05, Info                  CSI    00002749 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:05, Info                  CSI    0000274a [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:18, Info                  CSI    00002826 [SR] Verify complete
2016-01-14 16:18:18, Info                  CSI    00002827 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:18, Info                  CSI    00002828 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:21, Info                  CSI    0000288f [SR] Verify complete
2016-01-14 16:18:21, Info                  CSI    00002890 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:21, Info                  CSI    00002891 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:27, Info                  CSI    0000290d [SR] Verify complete
2016-01-14 16:18:27, Info                  CSI    0000290e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:27, Info                  CSI    0000290f [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:30, Info                  CSI    00002974 [SR] Verify complete
2016-01-14 16:18:30, Info                  CSI    00002975 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:30, Info                  CSI    00002976 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:35, Info                  CSI    000029dc [SR] Verify complete
2016-01-14 16:18:35, Info                  CSI    000029dd [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:35, Info                  CSI    000029de [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:39, Info                  CSI    00002a43 [SR] Verify complete
2016-01-14 16:18:39, Info                  CSI    00002a44 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:39, Info                  CSI    00002a45 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:43, Info                  CSI    00002aab [SR] Verify complete
2016-01-14 16:18:43, Info                  CSI    00002aac [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:43, Info                  CSI    00002aad [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:48, Info                  CSI    00002b13 [SR] Verify complete
2016-01-14 16:18:48, Info                  CSI    00002b14 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:48, Info                  CSI    00002b15 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:52, Info                  CSI    00002b7b [SR] Verify complete
2016-01-14 16:18:52, Info                  CSI    00002b7c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:52, Info                  CSI    00002b7d [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:54, Info                  CSI    00002be2 [SR] Verify complete
2016-01-14 16:18:54, Info                  CSI    00002be3 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:54, Info                  CSI    00002be4 [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:57, Info                  CSI    00002c49 [SR] Verify complete
2016-01-14 16:18:57, Info                  CSI    00002c4a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:57, Info                  CSI    00002c4b [SR] Beginning Verify and Repair transaction
2016-01-14 16:18:59, Info                  CSI    00002cb0 [SR] Verify complete
2016-01-14 16:18:59, Info                  CSI    00002cb1 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:18:59, Info                  CSI    00002cb2 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:03, Info                  CSI    00002d17 [SR] Verify complete
2016-01-14 16:19:03, Info                  CSI    00002d18 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:03, Info                  CSI    00002d19 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:06, Info                  CSI    00002d9c [SR] Verify complete
2016-01-14 16:19:06, Info                  CSI    00002d9d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:06, Info                  CSI    00002d9e [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:10, Info                  CSI    00002e03 [SR] Verify complete
2016-01-14 16:19:10, Info                  CSI    00002e04 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:10, Info                  CSI    00002e05 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:20, Info                  CSI    00002e6d [SR] Verify complete
2016-01-14 16:19:20, Info                  CSI    00002e6e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:20, Info                  CSI    00002e6f [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:29, Info                  CSI    00002ed4 [SR] Verify complete
2016-01-14 16:19:29, Info                  CSI    00002ed5 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:29, Info                  CSI    00002ed6 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:33, Info                  CSI    00002f3b [SR] Verify complete
2016-01-14 16:19:33, Info                  CSI    00002f3c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:33, Info                  CSI    00002f3d [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:38, Info                  CSI    00002fa3 [SR] Verify complete
2016-01-14 16:19:38, Info                  CSI    00002fa4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:38, Info                  CSI    00002fa5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:41, Info                  CSI    0000300a [SR] Verify complete
2016-01-14 16:19:41, Info                  CSI    0000300b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:41, Info                  CSI    0000300c [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:50, Info                  CSI    00003074 [SR] Verify complete
2016-01-14 16:19:50, Info                  CSI    00003075 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:50, Info                  CSI    00003076 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:54, Info                  CSI    000030e3 [SR] Verify complete
2016-01-14 16:19:54, Info                  CSI    000030e4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:54, Info                  CSI    000030e5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:19:57, Info                  CSI    0000314a [SR] Verify complete
2016-01-14 16:19:57, Info                  CSI    0000314b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:19:57, Info                  CSI    0000314c [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:00, Info                  CSI    000031b1 [SR] Verify complete
2016-01-14 16:20:00, Info                  CSI    000031b2 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:00, Info                  CSI    000031b3 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:03, Info                  CSI    00003221 [SR] Verify complete
2016-01-14 16:20:03, Info                  CSI    00003222 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:03, Info                  CSI    00003223 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:07, Info                  CSI    0000328c [SR] Verify complete
2016-01-14 16:20:07, Info                  CSI    0000328d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:07, Info                  CSI    0000328e [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:09, Info                  CSI    000032f3 [SR] Verify complete
2016-01-14 16:20:09, Info                  CSI    000032f4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:09, Info                  CSI    000032f5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:12, Info                  CSI    0000335a [SR] Verify complete
2016-01-14 16:20:12, Info                  CSI    0000335b [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:12, Info                  CSI    0000335c [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:14, Info                  CSI    000033c1 [SR] Verify complete
2016-01-14 16:20:14, Info                  CSI    000033c2 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:14, Info                  CSI    000033c3 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:18, Info                  CSI    00003428 [SR] Verify complete
2016-01-14 16:20:18, Info                  CSI    00003429 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:18, Info                  CSI    0000342a [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:23, Info                  CSI    0000349d [SR] Verify complete
2016-01-14 16:20:24, Info                  CSI    0000349e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:24, Info                  CSI    0000349f [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:28, Info                  CSI    00003510 [SR] Verify complete
2016-01-14 16:20:28, Info                  CSI    00003511 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:28, Info                  CSI    00003512 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:32, Info                  CSI    0000358d [SR] Verify complete
2016-01-14 16:20:32, Info                  CSI    0000358e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:32, Info                  CSI    0000358f [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:37, Info                  CSI    000035f9 [SR] Verify complete
2016-01-14 16:20:37, Info                  CSI    000035fa [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:37, Info                  CSI    000035fb [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:42, Info                  CSI    00003671 [SR] Verify complete
2016-01-14 16:20:42, Info                  CSI    00003672 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:42, Info                  CSI    00003673 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:47, Info                  CSI    000036da [SR] Verify complete
2016-01-14 16:20:47, Info                  CSI    000036db [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:47, Info                  CSI    000036dc [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:50, Info                  CSI    00003742 [SR] Verify complete
2016-01-14 16:20:50, Info                  CSI    00003743 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:50, Info                  CSI    00003744 [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:53, Info                  CSI    000037aa [SR] Verify complete
2016-01-14 16:20:53, Info                  CSI    000037ab [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:53, Info                  CSI    000037ac [SR] Beginning Verify and Repair transaction
2016-01-14 16:20:56, Info                  CSI    00003819 [SR] Verify complete
2016-01-14 16:20:56, Info                  CSI    0000381a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:20:56, Info                  CSI    0000381b [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:02, Info                  CSI    000038a3 [SR] Verify complete
2016-01-14 16:21:02, Info                  CSI    000038a4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:02, Info                  CSI    000038a5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:08, Info                  CSI    00003910 [SR] Verify complete
2016-01-14 16:21:08, Info                  CSI    00003911 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:08, Info                  CSI    00003912 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:14, Info                  CSI    0000399e [SR] Verify complete
2016-01-14 16:21:14, Info                  CSI    0000399f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:14, Info                  CSI    000039a0 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:19, Info                  CSI    00003a20 [SR] Verify complete
2016-01-14 16:21:19, Info                  CSI    00003a21 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:19, Info                  CSI    00003a22 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:24, Info                  CSI    00003a93 [SR] Verify complete
2016-01-14 16:21:24, Info                  CSI    00003a94 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:24, Info                  CSI    00003a95 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:29, Info                  CSI    00003b04 [SR] Verify complete
2016-01-14 16:21:29, Info                  CSI    00003b05 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:29, Info                  CSI    00003b06 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:33, Info                  CSI    00003b3f [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"pstorec.dll" from store
2016-01-14 16:21:34, Info                  CSI    00003b73 [SR] Verify complete
2016-01-14 16:21:34, Info                  CSI    00003b74 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:34, Info                  CSI    00003b75 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:39, Info                  CSI    00003bf4 [SR] Verify complete
2016-01-14 16:21:39, Info                  CSI    00003bf5 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:39, Info                  CSI    00003bf6 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:45, Info                  CSI    00003c69 [SR] Verify complete
2016-01-14 16:21:45, Info                  CSI    00003c6a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:45, Info                  CSI    00003c6b [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:50, Info                  CSI    00003ce3 [SR] Verify complete
2016-01-14 16:21:50, Info                  CSI    00003ce4 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:50, Info                  CSI    00003ce5 [SR] Beginning Verify and Repair transaction
2016-01-14 16:21:55, Info                  CSI    00003d5b [SR] Verify complete
2016-01-14 16:21:55, Info                  CSI    00003d5c [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:21:55, Info                  CSI    00003d5d [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:05, Info                  CSI    00003e64 [SR] Verify complete
2016-01-14 16:22:05, Info                  CSI    00003e65 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:05, Info                  CSI    00003e66 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:10, Info                  CSI    00003ecf [SR] Verify complete
2016-01-14 16:22:10, Info                  CSI    00003ed0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:10, Info                  CSI    00003ed1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:14, Info                  CSI    00003f36 [SR] Verify complete
2016-01-14 16:22:14, Info                  CSI    00003f37 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:14, Info                  CSI    00003f38 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:17, Info                  CSI    00003f9f [SR] Verify complete
2016-01-14 16:22:17, Info                  CSI    00003fa0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:17, Info                  CSI    00003fa1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:22, Info                  CSI    00004021 [SR] Verify complete
2016-01-14 16:22:22, Info                  CSI    00004022 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:22, Info                  CSI    00004023 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:27, Info                  CSI    000040ae [SR] Verify complete
2016-01-14 16:22:28, Info                  CSI    000040af [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:28, Info                  CSI    000040b0 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:32, Info                  CSI    0000411c [SR] Verify complete
2016-01-14 16:22:32, Info                  CSI    0000411d [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:32, Info                  CSI    0000411e [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:36, Info                  CSI    00004184 [SR] Verify complete
2016-01-14 16:22:36, Info                  CSI    00004185 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:36, Info                  CSI    00004186 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:41, Info                  CSI    00004204 [SR] Verify complete
2016-01-14 16:22:41, Info                  CSI    00004205 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:41, Info                  CSI    00004206 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:46, Info                  CSI    00004287 [SR] Verify complete
2016-01-14 16:22:46, Info                  CSI    00004288 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:46, Info                  CSI    00004289 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:52, Info                  CSI    00004304 [SR] Verify complete
2016-01-14 16:22:52, Info                  CSI    00004305 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:52, Info                  CSI    00004306 [SR] Beginning Verify and Repair transaction
2016-01-14 16:22:56, Info                  CSI    0000436f [SR] Verify complete
2016-01-14 16:22:56, Info                  CSI    00004370 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:22:56, Info                  CSI    00004371 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:01, Info                  CSI    000043e0 [SR] Verify complete
2016-01-14 16:23:01, Info                  CSI    000043e1 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:01, Info                  CSI    000043e2 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:06, Info                  CSI    00004447 [SR] Verify complete
2016-01-14 16:23:06, Info                  CSI    00004448 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:06, Info                  CSI    00004449 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:09, Info                  CSI    00004450 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"inetcomm.dll" from store
2016-01-14 16:23:09, Info                  CSI    00004452 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"INETRES.dll" from store
2016-01-14 16:23:09, Info                  CSI    0000447a [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"msoert2.dll" from store
2016-01-14 16:23:09, Info                  CSI    0000447c [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"msoeacct.dll" from store
2016-01-14 16:23:09, Info                  CSI    00004486 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"mapistub.dll" from store
2016-01-14 16:23:09, Info                  CSI    00004488 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:10]"mapi32.dll" from store
2016-01-14 16:23:10, Info                  CSI    000044bf [SR] Verify complete
2016-01-14 16:23:10, Info                  CSI    000044c0 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:10, Info                  CSI    000044c1 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:14, Info                  CSI    00004531 [SR] Verify complete
2016-01-14 16:23:14, Info                  CSI    00004532 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:14, Info                  CSI    00004533 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:19, Info                  CSI    000045b8 [SR] Verify complete
2016-01-14 16:23:19, Info                  CSI    000045b9 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:19, Info                  CSI    000045ba [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:23, Info                  CSI    00004623 [SR] Verify complete
2016-01-14 16:23:23, Info                  CSI    00004624 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:23, Info                  CSI    00004625 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:26, Info                  CSI    0000468e [SR] Verify complete
2016-01-14 16:23:26, Info                  CSI    0000468f [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:26, Info                  CSI    00004690 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:31, Info                  CSI    000046f5 [SR] Verify complete
2016-01-14 16:23:31, Info                  CSI    000046f6 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:31, Info                  CSI    000046f7 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:35, Info                  CSI    00004764 [SR] Verify complete
2016-01-14 16:23:35, Info                  CSI    00004765 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:35, Info                  CSI    00004766 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:38, Info                  CSI    000047cc [SR] Verify complete
2016-01-14 16:23:38, Info                  CSI    000047cd [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:38, Info                  CSI    000047ce [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:41, Info                  CSI    00004834 [SR] Verify complete
2016-01-14 16:23:42, Info                  CSI    00004835 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:42, Info                  CSI    00004836 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:45, Info                  CSI    0000489d [SR] Verify complete
2016-01-14 16:23:45, Info                  CSI    0000489e [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:45, Info                  CSI    0000489f [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:50, Info                  CSI    0000490f [SR] Verify complete
2016-01-14 16:23:50, Info                  CSI    00004910 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:50, Info                  CSI    00004911 [SR] Beginning Verify and Repair transaction
2016-01-14 16:23:54, Info                  CSI    00004979 [SR] Verify complete
2016-01-14 16:23:54, Info                  CSI    0000497a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:23:54, Info                  CSI    0000497b [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:00, Info                  CSI    000049e2 [SR] Verify complete
2016-01-14 16:24:00, Info                  CSI    000049e3 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:24:00, Info                  CSI    000049e4 [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:04, Info                  CSI    00004a49 [SR] Verify complete
2016-01-14 16:24:04, Info                  CSI    00004a4a [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:24:04, Info                  CSI    00004a4b [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:09, Info                  CSI    00004ab0 [SR] Verify complete
2016-01-14 16:24:09, Info                  CSI    00004ab1 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:24:09, Info                  CSI    00004ab2 [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:14, Info                  CSI    00004b18 [SR] Verify complete
2016-01-14 16:24:14, Info                  CSI    00004b19 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:24:14, Info                  CSI    00004b1a [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:16, Info                  CSI    00004b7f [SR] Verify complete
2016-01-14 16:24:16, Info                  CSI    00004b80 [SR] Verifying 100 (0x0000000000000064) components
2016-01-14 16:24:16, Info                  CSI    00004b81 [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:21, Info                  CSI    00004be6 [SR] Verify complete
2016-01-14 16:24:21, Info                  CSI    00004be7 [SR] Verifying 71 (0x0000000000000047) components
2016-01-14 16:24:21, Info                  CSI    00004be8 [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:24, Info                  CSI    00004c30 [SR] Verify complete
2016-01-14 16:24:24, Info                  CSI    00004c31 [SR] Repairing 5 components
2016-01-14 16:24:24, Info                  CSI    00004c32 [SR] Beginning Verify and Repair transaction
2016-01-14 16:24:24, Info                  CSI    00004c34 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"inetcomm.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c36 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"INETRES.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c39 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\System32"\[l:11]"pstorec.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c3c [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"pstorec.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c3f [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:11]"msoert2.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c41 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"msoeacct.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c44 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:12]"mapistub.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c46 [SR] Repairing corrupted file [l:23 ml:24]"\??\C:\WINDOWS\SysWOW64"\[l:10]"mapi32.dll" from store
2016-01-14 16:24:24, Info                  CSI    00004c48 [SR] Repair complete
2016-01-14 16:24:24, Info                  CSI    00004c49 [SR] Committing transaction
2016-01-14 16:24:24, Info                  CSI    00004c4e [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 
Step 4: Seems to be running okay so far. I have not had any more ads "courtesy of DNSUnlocker". I did notice all of those dozens of adobe entries. Were they (or some of them) the culprits?

Edited by Bollywood, 14 January 2016 - 02:26 AM.


#10 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 15 January 2016 - 07:25 PM

I have a question. Is it okay to leave all of the above personal information about my computer on this forum page? Anybody can read it. I am concerned that someone could use the information to target my computer in future, or emulate parts of it. It seems to give away a lot of sensitive information relating to internet addresses for example and the names of hard drives and files/processes running on my computer. Can it be deleted?


Edited by Bollywood, 15 January 2016 - 08:24 PM.


#11 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 15 January 2016 - 08:27 PM

I spoke too soon. I am now getting persistent m64.dnsqa.me blocked by Malwarebytes. It seems this has replaced the DNSUnlocker. :smash: Should I open a new thread or continue with this one?



#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 17 January 2016 - 09:52 AM

Hi

 

I have a question. Is it okay to leave all of the above personal information about my computer on this forum page? Anybody can read it. I am concerned that someone could use the information to target my computer in future, or emulate parts of it. It seems to give away a lot of sensitive information relating to internet addresses for example and the names of hard drives and files/processes running on my computer. Can it be deleted?

One can ask a moderator to remove the details you don't want after this. - Bear in mind this is a public forum.

 

I spoke too soon. I am now getting persistent m64.dnsqa.me blocked by Malwarebytes. It seems this has replaced the DNSUnlocker. :smash: Should I open a new thread or continue with this one?

Continue with this one for the moment.

 

Ok next:

 

:step1:

Please export the latest Protection log from Malwarebytes Anti-Malware to your Desktop

See https://www.malwarebytes.org/support/guides/mbam/History_AL.html for more information.

 

Post the full contents of the file in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#13 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 17 January 2016 - 06:00 PM

Thanks.

 

Is this what you need? I am posting them from the last three days, as I did not appear to have the problem yesterday! Likewise, on the 15/01/2016 I had no problems. When the problem does occur it is like a swarm, effecting every single page I visit.

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Update, 18/01/2016 8:41 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Domain Database, 2016.1.16.1, 2016.1.17.1, 
Update, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Malware Database, 2016.1.16.5, 2016.1.17.4, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Starting, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopping, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopped, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Success, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 18/01/2016 8:44 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
Scan, 18/01/2016 8:48 AM, SYSTEM, DESKTOP-0B7J1CH, Context, Start:18/01/2016 8:41 AM, Duration:6 min 58 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
 
(end)
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Update, 17/01/2016 8:45 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 17/01/2016 8:48 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, Unable to access update server, 
Scan, 17/01/2016 8:52 AM, SYSTEM, DESKTOP-0B7J1CH, Context, Start:17/01/2016 8:45 AM, Duration:6 min 29 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
Detection, 17/01/2016 11:55 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53621, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 11:55 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53621, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 11:55 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53624, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 12:00 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53693, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 12:00 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53705, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 12:14 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 54037, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Malware Database, 2016.1.16.2, 2016.1.16.5, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Starting, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopping, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopped, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Success, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 17/01/2016 12:31 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
Detection, 17/01/2016 12:57 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 54646, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 12:57 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 54646, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 17/01/2016 12:57 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 54647, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 17/01/2016 1:14 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 17/01/2016 1:17 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, Unable to access update server, 
Update, 17/01/2016 1:36 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 17/01/2016 1:39 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, Unable to access update server, 
Protection, 17/01/2016 1:46 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malware Protection, Starting, 
Protection, 17/01/2016 1:46 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malware Protection, Started, 
Protection, 17/01/2016 1:46 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 17/01/2016 1:46 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
 
(end)
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Update, 16/01/2016 10:07 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Malware Database, 2016.1.15.2, 2016.1.15.8, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Starting, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopping, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopped, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Success, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 16/01/2016 10:10 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
Scan, 16/01/2016 10:13 AM, SYSTEM, DESKTOP-0B7J1CH, Context, Start:16/01/2016 10:07 AM, Duration:6 min 21 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
Detection, 16/01/2016 10:27 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 60368, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:27 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 60368, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:27 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 60375, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:28 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 60669, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:29 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 60894, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:29 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 61015, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:32 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 61427, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:32 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 61576, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:46 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 61914, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:47 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 62092, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 10:47 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 62166, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:20 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 64219, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:22 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 64544, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:22 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 64763, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:23 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 65077, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:25 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 49414, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:29 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 49868, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:34 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50307, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:34 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50401, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:36 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50467, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:37 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50623, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:37 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50697, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:39 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50847, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:39 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 50946, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:40 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 51065, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:41 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 51129, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:42 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 51259, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:43 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 51363, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 11:43 AM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 51514, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 12:24 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 52286, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 12:24 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 52314, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 12:25 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.110, m64.dnsqa.me, 52325, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Domain Database, 2016.1.13.4, 2016.1.16.1, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Starting, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopping, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopped, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Success, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 16/01/2016 12:40 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
Update, 16/01/2016 1:17 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 16/01/2016 1:20 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, Unable to access update server, 
Update, 16/01/2016 1:31 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, No Internet connection detected, 
Update, 16/01/2016 1:34 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Failed, Unable to access update server, 
Detection, 16/01/2016 1:43 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 199.203.131.130, m51.dnsqa.me, 52982, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 1:43 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 199.203.131.130, m51.dnsqa.me, 52982, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 1:43 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 199.203.131.130, m51.dnsqa.me, 52983, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 1:56 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 199.203.131.130, m51.dnsqa.me, 53337, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 5:57 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53546, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 5:57 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 53546, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 16/01/2016 6:03 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Domain, 82.163.143.31, m73.dnsqa.me, 54380, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Protection, 16/01/2016 6:23 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malware Protection, Starting, 
Protection, 16/01/2016 6:23 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malware Protection, Started, 
Protection, 16/01/2016 6:23 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 16/01/2016 6:23 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
Update, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Scheduler, Malware Database, 2016.1.15.8, 2016.1.16.2, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Starting, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopping, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Stopped, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Refresh, Success, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Starting, 
Protection, 16/01/2016 6:27 PM, SYSTEM, DESKTOP-0B7J1CH, Protection, Malicious Website Protection, Started, 
 
(end)


#14 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:10:49 PM

Posted 18 January 2016 - 11:22 AM

Ok looks like chrome is trying communicate outbound to three different IP addresses, and each are being blocked by MBAM.

 

 

Next:

 

:step1:

Please follow step 1 on link. Post the full contents of the MBAM log produced referenced in your next reply.

 

:step2:

Please follow step 2 on link. Post the full contents of the HitmanPro log produced referenced in your next reply.

 

:step3:

Please follow step 3 on link. Post the full contents of the Emsisoft Anti-Malware log produced referenced in your next reply.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#15 Bollywood

Bollywood
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:49 AM

Posted 20 January 2016 - 05:36 AM

Here are the log files. I think the "RunasXp" thing must be a false positive as I got this off what seems to be a reputable website. I am still using Outlook Express and running it as XP. I would like to keep this if possible as I prefer it to other email apps. I recall I downloaded quite a few additional apps to use with the Outlook Express, but have never actually used any of them. The installer file flagged as a Trojan is possibly one of them.

 

Even after running the 3 anti-malware programs I am still experiencing the problem.

 

Note: Some personal info removed by user.
 
 
Step 1:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 20/01/2016
Scan Time: 5:15 PM
Logfile: 
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.20.01
Rootkit Database: v2016.01.09.01
License: 
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: 
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 362772
Time Elapsed: 10 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
Step 2:
 
HitmanPro 3.7.12.253
www.hitmanpro.com
 
   Computer name . . . . : DESKTOP
   Windows . . . . . . . : 10.0.0.10586.X64/8
   User name . . . . . . : DESKTOP-I
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : 
   Scan date . . . . . . : 2016-01-20 17:34:38
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 47s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 2
 
   Objects scanned . . . : 1,632,771
   Files scanned . . . . : 24,480
   Remnants scanned  . . : 407,383 files / 1,200,908 keys
 
Malware _____________________________________________________________________
 
   C:\Users\Ixx\Downloads\SendTo_Intaller.exe -> Quarantined
      Size . . . . . . . : 3,252,224 bytes
      Age  . . . . . . . : 118.1 days (2015-09-24 14:12:27)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 467F83223126796767561CDBA60E6EEF12DE4F2003E347146B90296AFFE585E5
      Product  . . . . . : SendTo
      Publisher  . . . . : Runasxp.com
      Description  . . . : SendTo tool
      Version  . . . . . : 1.00
      Copyright  . . . . : Runasxp.com
      LanguageID . . . . : 1033
    > Bitdefender  . . . : Gen:Trojan.Heur.ZGY.5
      Fuzzy  . . . . . . : 108.0
 
 
Cookies _____________________________________________________________________
 
   C:\Users\Ixx\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
 
 
 
 
Step 3:
 
Emsisoft Anti-Malware - Version 11.0.0.6054
Last update: 20/01/2016 6:45:11 PM
Initiated by: DESKTOP\Ixx
 
Scan settings:
 
Scan type: 
Objects: Rootkits, Memory, Traces, C:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 20/01/2016 7:56:08 PM
 
Scanned 381999
Found 0
 
Scan end: 20/01/2016 8:25:10 PM
Scan time: 0:29:02

Edited by Bollywood, 20 January 2016 - 05:38 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users