Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

http://uk.woofi.info/ [Closed]

Started by hellomut , Jun 10 2013 09:55 AM

  • This topic is locked This topic is locked

#46
hellomut
Posted 04 July 2013 - 02:15 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi there here are the logs
OTL logfile created on: 04/07/2013 08:55:49 - Run 11
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shadbolt\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.50 Gb Total Physical Memory | 0.32 Gb Available Physical Memory | 21.13% Memory free
3.25 Gb Paging File | 1.65 Gb Available in Paging File | 50.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 89.92 Gb Free Space | 60.33% Space Free | Partition Type: NTFS

Computer Name: SHADBOLT-PC | User Name: shadbolt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/18 15:21:11 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/15 02:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/06/11 21:59:49 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
PRC - [2013/06/11 20:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/03/21 09:04:28 | 001,124,184 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/03/21 09:04:26 | 002,115,416 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/09/03 13:11:26 | 000,323,584 | ---- | M] (Inventec Corp.) -- C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe
PRC - [2008/08/12 16:21:12 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/18 15:21:30 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/06/15 02:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013/06/15 02:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013/06/15 02:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013/04/03 11:50:23 | 000,557,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2012/06/27 14:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - [2013/06/18 15:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 15:46:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/21 09:04:28 | 001,124,184 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/03/01 13:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/06/13 23:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\SPIXNEW.SYS -- (SUNPLUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/06/23 13:00:33 | 000,317,424 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\53984\RapportCerberus32_53984.sys -- (RapportCerberus_53984)
DRV - [2013/03/21 09:04:42 | 000,173,880 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/03/21 09:04:42 | 000,102,680 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/03/21 09:04:42 | 000,102,008 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/01 08:19:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/22 10:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/07/15 17:00:06 | 000,016,384 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FSCSLII.sys -- (FSCSLII)
DRV - [2007/12/19 18:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007/10/31 11:23:00 | 000,124,960 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/10/31 11:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/09/29 13:30:52 | 000,065,024 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.co.uk/ [binary data]
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/07/04 08:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shadbolt\AppData\Roaming\Mozilla\Extensions
[2012/08/13 10:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/04 08:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/04 08:49:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Docs = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/06/13 07:46:51 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Touchpad_Hotkey] C:\Program Files\FSC\Wireless Utility\Touchpad Hotkey.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless_Selector] C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe (Inventec Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{947C342D-E596-4FCA-961C-2CF318C18106}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\shadbolt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\shadbolt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/04 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Roaming\Mozilla
[2013/07/04 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Mozilla
[2013/07/04 08:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/07/04 08:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/07/04 08:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/04 08:30:56 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Deployment
[2013/06/30 12:29:43 | 000,000,000 | ---D | C] -- C:\MATS
[2013/06/28 20:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/28 20:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/06/28 10:32:15 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\RK_Quarantine
[2013/06/24 22:28:48 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\246fix
[2013/06/13 17:43:46 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/06/13 17:43:02 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/13 17:25:18 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\shadbolt\Desktop\JRT.exe
[2013/06/13 09:28:39 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\reply2
[2013/06/13 09:10:06 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\New Folder
[2013/06/13 07:46:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/11 20:42:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe
[2013/06/09 17:16:32 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Roaming\Malwarebytes
[2013/06/09 17:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/06/09 10:36:32 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Apps

========== Files - Modified Within 30 Days ==========

[2013/07/04 08:50:08 | 000,000,870 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/04 08:46:18 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/04 08:44:13 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/04 08:37:05 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/04 08:34:30 | 000,001,995 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/04 08:33:55 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/04 08:23:57 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/07/04 07:38:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/04 07:38:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/03 21:38:59 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/07/03 21:38:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/03 21:38:41 | 1608,863,744 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/03 21:37:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/07/03 21:23:37 | 198,819,387 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/03 08:16:24 | 000,002,637 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2013/06/28 10:32:02 | 000,911,360 | ---- | M] () -- C:\Users\shadbolt\Desktop\RogueKiller.exe
[2013/06/28 09:45:59 | 000,020,558 | ---- | M] () -- C:\Users\shadbolt\Desktop\how-to-remove-malware.htm
[2013/06/23 18:36:37 | 000,000,600 | ---- | M] () -- C:\Users\shadbolt\Desktop\sc-cleaner - Shortcut.lnk
[2013/06/13 17:25:20 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\shadbolt\Desktop\JRT.exe
[2013/06/13 09:32:49 | 000,648,201 | ---- | M] () -- C:\Users\shadbolt\Desktop\AdwCleaner.exe
[2013/06/13 08:44:44 | 000,890,839 | ---- | M] () -- C:\Users\shadbolt\Desktop\SecurityCheck.exe
[2013/06/13 07:46:51 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/06/11 20:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2013/07/04 08:50:08 | 000,000,870 | ---- | C] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/04 08:33:55 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/04 08:32:28 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/04 08:32:26 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/28 10:31:30 | 000,911,360 | ---- | C] () -- C:\Users\shadbolt\Desktop\RogueKiller.exe
[2013/06/28 09:45:59 | 000,020,558 | ---- | C] () -- C:\Users\shadbolt\Desktop\how-to-remove-malware.htm
[2013/06/23 18:36:37 | 000,000,600 | ---- | C] () -- C:\Users\shadbolt\Desktop\sc-cleaner - Shortcut.lnk
[2013/06/13 09:32:48 | 000,648,201 | ---- | C] () -- C:\Users\shadbolt\Desktop\AdwCleaner.exe
[2013/06/13 08:44:43 | 000,890,839 | ---- | C] () -- C:\Users\shadbolt\Desktop\SecurityCheck.exe
[2012/09/01 18:00:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012/01/13 16:06:11 | 000,036,587 | ---- | C] () -- C:\Windows\unvpeye.ini
[2010/08/06 20:04:07 | 000,013,312 | ---- | C] () -- C:\Users\shadbolt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/04 20:18:37 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/08/04 20:14:40 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/29 20:51:13 | 000,000,680 | ---- | C] () -- C:\Users\shadbolt\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========


========== Purity Check ==========



========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"DefaultConnectionSettings" = 46 00 00 00 2A 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 D7 7A 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< End of report >
OTL Extras logfile created on: 04/07/2013 08:55:49 - Run 11
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shadbolt\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.50 Gb Total Physical Memory | 0.32 Gb Available Physical Memory | 21.13% Memory free
3.25 Gb Paging File | 1.65 Gb Available in Paging File | 50.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 89.92 Gb Free Space | 60.33% Space Free | Partition Type: NTFS

Computer Name: SHADBOLT-PC | User Name: shadbolt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E2C0250-7AE5-4151-9D15-A9C9638063C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2279B924-6ECC-4CE9-BF51-7B652F4FC377}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{400345B6-B29E-4910-8246-BDADB92C181E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A9FE20C-1B30-4A8E-847F-A43A00F1AA93}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{579A72EB-59EC-46FD-A2B5-ECBA30771282}" = lport=2869 | protocol=6 | dir=in | app=system |
"{602DC809-86EB-44A4-8135-5BED17A8267F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7FBC7D60-5253-421C-9251-37C18545EB81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F4A6644-71BB-4034-89F6-9E10527A417C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A3672045-1DBE-45F9-80B6-021638F0C5C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AD8E8D70-17DF-4681-B982-3F5A231E78E5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CDB0F1D8-C28B-477D-906C-BA6CCE90B56A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D00D35D1-9734-4288-986E-2DC7173960F4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{D26684FB-A868-44B5-8354-C2156AA5F434}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FF4581A9-4EE8-4710-97C5-7E9396E042A8}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C8121B-FCDC-419A-8154-EB3123B99851}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2CD9BDDB-8B78-4151-9EB3-5793FECAA73D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{392851F9-9A6A-4E74-ABA5-30A4807940D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43F11DEB-C794-4427-8F20-056A82FD7C2E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{446933C3-18A8-4C68-9C4A-518FE23CD91B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{456EE8C0-E3F7-47F2-80AD-02EAE34525F4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{45F13DB1-72E3-428F-B0A7-7BDE3B2B4306}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{47763EDA-9041-40BC-910F-8E87C27B27A4}" = protocol=6 | dir=out | app=system |
"{58938025-154F-4CEC-9D59-C9B94B728E2D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{651F276D-F903-440F-8CC3-AED091E2D459}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6D1EA845-3ADB-42EE-AEFE-A93511804F57}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F11E426-706C-4075-B863-43FA027E31A2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{92BFA062-E482-4E03-B749-552792D13A4E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A3AA04DA-A246-4820-8326-011BB147C350}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{A898AA63-69E7-46C2-9C2E-1B0373E38027}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B9B87347-76AF-4289-A870-FCF9068BEAAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BE7B9C89-D908-4201-A37D-A24EED8CBC83}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3849FF0-8057-4224-A7D0-F38E9AC23651}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{FC04C91A-7ADD-4224-B74A-CE3C70F56760}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CADA6C3C-C7B5-47F3-98C5-0900326B2E79}" = Wireless Utility
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Google Chrome" = Google Chrome
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 22.0 (x86 en-GB)" = Mozilla Firefox 22.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Rapport_msi" = Rapport
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30/06/2013 08:24:30 | Computer Name = shadbolt-PC | Source = WinMgmt | ID = 10
Description =

Error - 30/06/2013 08:25:19 | Computer Name = shadbolt-PC | Source = Application Error | ID = 1000
Description =

Error - 30/06/2013 08:59:57 | Computer Name = shadbolt-PC | Source = WinMgmt | ID = 10
Description =

Error - 30/06/2013 09:00:45 | Computer Name = shadbolt-PC | Source = Application Error | ID = 1000
Description =

Error - 02/07/2013 07:15:11 | Computer Name = shadbolt-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/07/2013 07:16:25 | Computer Name = shadbolt-PC | Source = Application Error | ID = 1000
Description =

Error - 03/07/2013 16:34:06 | Computer Name = shadbolt-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/07/2013 16:36:42 | Computer Name = shadbolt-PC | Source = Application Error | ID = 1000
Description =

Error - 03/07/2013 16:40:28 | Computer Name = shadbolt-PC | Source = WinMgmt | ID = 10
Description =

Error - 03/07/2013 16:41:36 | Computer Name = shadbolt-PC | Source = Application Error | ID = 1000
Description =

[ System Events ]
Error - 04/07/2013 04:09:19 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 04/07/2013 04:09:19 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/07/2013 04:09:31 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/07/2013 04:09:31 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 04/07/2013 04:10:05 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/07/2013 04:10:05 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 04/07/2013 04:10:11 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 04/07/2013 04:10:11 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/07/2013 04:10:51 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 04/07/2013 04:10:51 | Computer Name = shadbolt-PC | Source = Service Control Manager | ID = 7023
Description =


< End of report >
Thanks
  • 0

Advertisements

#47
Nutloaf
Posted 05 July 2013 - 06:22 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there Hellomut :)

Nope no joy with the proxy there. I am going for a blast this time. I will check a few more keys and see if there are any Group Policy settings present.

The Proxy issue is new to me and I can't thank you enough for sticking with me through this. I have learned a lot thanks to your patience. Hopefully these scans will give me the information needed.

1. OTL Custom Scan
  • Right click the OTL icon and select Run as Administrator.
  • There are 8 None boxes please check all 8.
  • Copy and paste the following into the Custom Scans\Fixes box without the word Quote.

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings

  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

2. CMD
  • Click Start and in the search bar type cmd in the list that appears right click CMD and Run as Administrator
  • At the prompt copy and paste the following: gpresult /z >nutlook.txt and Press Enter
  • At the next prompt copy and paste: notepad nutlook.txt a log will be opened in Notepad. I need to see this.

Things I want to see in your next post.
  • Nutlook.txt
  • OTL fix log
  • Chrome and Firefox look clean which is a plus :) Has the Google Update error stopped?

  • 0

#48
hellomut
Posted 05 July 2013 - 08:16 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi here are the logs the CMD one I think is all right would not copy and paste so I typed it in. The google update has gone now.

OTL logfile created on: 05/07/2013 14:58:02 - Run 12
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shadbolt\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.50 Gb Total Physical Memory | 0.48 Gb Available Physical Memory | 31.85% Memory free
3.25 Gb Paging File | 1.90 Gb Available in Paging File | 58.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 89.39 Gb Free Space | 59.98% Space Free | Partition Type: NTFS

Computer Name: SHADBOLT-PC | User Name: shadbolt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Custom Scans ==========

< HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"SavedLegacySettings" = 46 00 00 00 7E 00 00 00 03 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 0C 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 3B 00 00 00 00 00 00 00 00 00 00 00 00 10 31 14 AD FA 30 CB 01 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 0C B0 12 6A 3F 57 FF FC 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 D1 66 29 AE 62 F9 2D 8A 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 73 BA 0C B0 12 6A 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"DefaultConnectionSettings" = 46 00 00 00 09 00 00 00 03 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 0C 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 3B 00 00 00 00 00 00 00 00 00 00 00 00 10 31 14 AD FA 30 CB 01 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 0C B0 12 6A 3F 57 FF FC 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 D1 66 29 AE 62 F9 2D 8A 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 73 BA 0C B0 12 6A 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"SavedLegacySettings" = 46 00 00 00 7E 00 00 00 03 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 0C 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 3B 00 00 00 00 00 00 00 00 00 00 00 00 10 31 14 AD FA 30 CB 01 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 0C B0 12 6A 3F 57 FF FC 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 D1 66 29 AE 62 F9 2D 8A 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 73 BA 0C B0 12 6A 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"DefaultConnectionSettings" = 46 00 00 00 09 00 00 00 03 00 00 00 28 00 00 00 68 74 74 70 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 3B 68 74 74 70 73 3D 31 32 37 2E 30 2E 30 2E 31 3A 38 38 37 37 0C 00 00 00 3C 2D 6C 6F 6F 70 62 61 63 6B 3E 3B 00 00 00 00 00 00 00 00 00 00 00 00 10 31 14 AD FA 30 CB 01 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 0C B0 12 6A 3F 57 FF FC 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 FE 80 00 00 00 00 00 00 D1 66 29 AE 62 F9 2D 8A 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 5E F5 73 BA 0C B0 12 6A 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings >
"User Agent" = Mozilla/4.0 (compatible; MSIE 7.0; Win32)
"IE5_UA_Backup_Flag" = 5.0
"EnableNegotiate" = 1
"ProxyEnable" = 1
"ProxyOverride" = <-loopback>;
"ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]

< HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings >
"User Agent" = Mozilla/4.0 (compatible; MSIE 7.0; Win32)
"IE5_UA_Backup_Flag" = 5.0
"EnableNegotiate" = 1
"ProxyEnable" = 1
"ProxyOverride" = <-loopback>;
"ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings >
"EnablePunycode" = 1
"MinorVersion" = 0
"ActiveXCache" = C:\Windows\Downloaded Program Files -- [2013/06/30 12:50:02 | 000,000,000 | --SD | M]
"CodeBaseSearchPath" = CODEBASE
"WarnOnIntranet" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedBehaviors]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragImageExts]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedDragProtocols]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Last Update]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\NoFileLifetimeExtension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Passport]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PluggableProtocols]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Secure Mime Handlers]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SO]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SOIEAK]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Unattend]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Url History]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"WinHttpSettings" = 18 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 [binary data]

< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings >
"ProxyEnable" = 0

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings >
"ProxyEnable" = 0

< End of report >


Microsoft ® Windows ® Operating System Group Policy Result tool v2.0
Copyright © Microsoft Corp. 1981-2001

Created On 05/07/2013 at 15:07:24



RSOP data for shadbolt-PC\shadbolt on SHADBOLT-PC : Logging Mode
-----------------------------------------------------------------

OS Configuration: Standalone Workstation
OS Version: 6.0.6002
Site Name: N/A
Roaming Profile: N/A
Local Profile: C:\Users\shadbolt
Connected over a slow link?: No


COMPUTER SETTINGS
------------------

Last time Group Policy was applied: 04/07/2013 at 14:59:21
Group Policy was applied from: N/A
Group Policy slow link threshold: 500 kbps
Domain Name: SHADBOLT-PC
Domain Type: <Local Computer>

Applied Group Policy Objects
-----------------------------
N/A

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Local Group Policy
Filtering: Not Applied (Empty)

The computer is a part of the following security groups
-------------------------------------------------------
BUILTIN\Administrators
Everyone
NT AUTHORITY\Authenticated Users
System Mandatory Level

Resultant Set Of Policies for Computer
---------------------------------------

Software Installations
----------------------
N/A

Startup Scripts
---------------
N/A

Shutdown Scripts
----------------
N/A

Account Policies
----------------
N/A

Audit Policy
------------
N/A

User Rights
-----------
N/A

Security Options
----------------
N/A

N/A

Event Log Settings
------------------
N/A

Restricted Groups
-----------------
N/A

System Services
---------------
N/A

Registry Settings
-----------------
N/A

File System Settings
--------------------
N/A

Public Key Policies
-------------------
N/A

Administrative Templates
------------------------
N/A


USER SETTINGS
--------------

Last time Group Policy was applied: 04/07/2013 at 14:59:25
Group Policy was applied from: N/A
Group Policy slow link threshold: 500 kbps
Domain Name: shadbolt-PC
Domain Type: <Local Computer>

Applied Group Policy Objects
-----------------------------
N/A

The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Local Group Policy
Filtering: Not Applied (Empty)

The user is a part of the following security groups
---------------------------------------------------
None
Everyone
BUILTIN\Administrators
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
NTLM Authentication
High Mandatory Level

The user has the following security privileges
----------------------------------------------

Bypass traverse checking
Manage auditing and security log
Back up files and directories
Restore files and directories
Change the system time
Shut down the system
Force shutdown from a remote system
Take ownership of files or other objects
Debug programs
Modify firmware environment values
Profile system performance
Profile single process
Increase scheduling priority
Load and unload device drivers
Create a pagefile
Adjust memory quotas for a process
Remove computer from docking station
Perform volume maintenance tasks
Impersonate a client after authentication
Create global objects
Change the time zone
Create symbolic links
Increase a process working set

Resultant Set Of Policies for User
-----------------------------------

Software Installations
----------------------
N/A

Logon Scripts
-------------
N/A

Logoff Scripts
--------------
N/A

Public Key Policies
-------------------
N/A

Administrative Templates
------------------------
N/A

Folder Redirection
------------------
N/A

Internet Explorer Browser User Interface
----------------------------------------
N/A

Internet Explorer Connection
----------------------------
N/A

Internet Explorer URLs
----------------------
N/A

Internet Explorer Security
--------------------------
N/A

Internet Explorer Programs
--------------------------
N/A
  • 0

#49
Nutloaf
Posted 06 July 2013 - 07:42 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there, thank you so much for typing that report don't know why you had a problem. Copy and paste the line in CMD then it should have opened automatically in notepad, anyway it was important to see those results so thanks again.

The first instructions you have done before but there are some changes this time. 2 boxes for you to check and see if anything appears then uncheck again, it's all in the instructions :)

1. Internet Options
  • Click Start and type Internet Options in the search bar and press Enter
  • Select the Connections Tab then click Lan Settings
    Posted Image
  • Check the Automatically detect settings
  • Check the use automatic configuration script and tell me if anything is seen in the Address box, if so what does it say. Now uncheck that box
  • Under Proxy Server Check the Use a proxy server for your LAN again does anything appear in that Address box. Now uncheck that box IMPORTANT - Was the box already checked?
  • Your now left with the settings as seen above. Click O.K

2. OTL Fix
Open OTL then Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.

:COMMANDS
[CREATERESTOREPOINT]

:REG
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"DefaultConnectionSettings"=hex:46,00,00,00,2A,00,00,00,01,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,\
00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,\
20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"SavedLegacySettings"=hex:46,00,00,00,D7,7A,00,00,01,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,\
00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,\
20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00


[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"DefaultConnectionSettings"=hex:46,00,00,00,2A,00,00,00,01,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,\
00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,\
20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"SavedLegacySettings"=hex:46,00,00,00,D7,7A,00,00,01,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,\
00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,\
20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

:OTL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8877;https=127.0.0.1:8877

:COMMANDS
[REBOOT]

  • Then click Run Fix
  • Click O.K if asked to Reboot. If not then please reboot before moving on with the step 3
  • An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix.
  • Copy and Paste the Fix Log in your next reply.

3. OTL Custom Scan
  • After a Reboot Right click the OTL icon and select Run as Administrator.
  • There are 8 None boxes please check all 8.
  • Copy and paste the following into the Custom Scans\Fixes box without the word Quote.

    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

Things I want to see in your next post.
  • OTL fix.txt
  • OTL.txt
  • Hopefully no proxy settings :)

  • 0

#50
hellomut
Posted 06 July 2013 - 10:04 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi all done
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"DefaultConnectionSettings"|hex:46,00,00,00,2A,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"SavedLegacySettings"|hex:46,00,00,00,D7,7A,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"DefaultConnectionSettings"|hex:46,00,00,00,2A,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\"SavedLegacySettings"|hex:46,00,00,00,D7,7A,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,04,00,00,00,00,00,00,00,CD,B7,5F,B2,F7,77,CE,01,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,C0,A8,00,03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,17,00,00,00,00,00,00,00,20,01,00,00,9D,38,6A,B8,18,A9,14,A1,3F,57,FF,FC,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 /E : value set successfully!
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 07062013_164302


< HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings >
"User Agent" = Mozilla/4.0 (compatible; MSIE 7.0; Win32)
"IE5_UA_Backup_Flag" = 5.0
"EnableNegotiate" = 1
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]

< HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings >
"User Agent" = Mozilla/4.0 (compatible; MSIE 7.0; Win32)
"IE5_UA_Backup_Flag" = 5.0
"EnableNegotiate" = 1
"ProxyEnable" = 0

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones]

< HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"SavedLegacySettings" = 46 00 00 00 D8 7A 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"DefaultConnectionSettings" = 46 00 00 00 2A 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"SavedLegacySettings" = 46 00 00 00 D8 7A 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]
"DefaultConnectionSettings" = 46 00 00 00 2A 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 CD B7 5F B2 F7 77 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 C0 A8 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 17 00 00 00 00 00 00 00 20 01 00 00 9D 38 6A B8 18 A9 14 A1 3F 57 FF FC 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [Binary data over 200 bytes]

< End of report >
hope these are ok, Thanks
  • 0

#51
Nutloaf
Posted 06 July 2013 - 03:22 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi Hellomut I am just waiting for clearence for my next post :thumbsup:
  • 0

#52
Nutloaf
Posted 06 July 2013 - 03:27 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
:)

I'm getting really excited now seeing all those lovely looking proxy free numbers and letters. Yes, it is sad I know but my smile is a large one. :D

Now the big test. I want an OTL scan and the exact error messages, if possible, for the NetBT and Qos scheduler issue. The drivers that are being queried are present on your machine so I will check
your system files for integrity as well.


1. CMD Prompt
  • Click Start and in the search bar type cmd in the list that appears right click CMD and Run as Administrator
  • At the prompt copy and paste the following: sfc /scannow and press Enter
  • System files will know be checked and repaired if necessary. When complete a message will be displayed. Don't close CMD yet.

    • If no problems were found then ignore the following, Reboot and move on to the OTL scan.
    • If problems were found then I need to see what was or was not repaired, so back to the CMD window and:
    • Copy the following: findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt" and Paste at the CMD prompt and press Enter
    • Close CMD window by clicking the X or by typing Exit Now Reboot the machine.

  • On your Desktop should be an SFCdetails.txt copy and paste in your next reply......Let me know if you have trouble with this it's to long to type :)

2. OTL Scan
  • For the millionth time Right click the OTL icon and select Run as Administrator.
  • Select the following boxes:
  • Scan All Users
  • Use Company-Name WhiteList
  • Skip Microsoft Files
  • Use No-Company-Name WhiteList
  • LOP Check
  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

3. Ancillary Function driver for winsock
  • click Start and in the search bar type Device manager and press Enter
  • Click the little arrow alongside other devices then right click Ancilliay Function driver for windsock and select properties
  • In the General tab what does it say beside Location
  • If its a USB location then the device that is causing the problem will have to be reinstalled.
  • If other location then select the Drivers Tab and select Update Driver and choose Search automatically
  • Let me know what happens.

Things I want to see in your next post.
  • OTL.txt
  • SFCdetails.txt
  • Error Messages?

  • 0

#53
hellomut
Posted 07 July 2013 - 08:55 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi there I think I have all the information for you, start with the last request I did divice manager ran through the thing you said at the end it saidwindows can't find the driver software for device. if you know manufacture go thier web site and check the support section for driver software. I have added an attchment for you to see.IMG_0441.JPG IMG_0442.JPG

2013-07-07 14:11:57, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:11:57, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:03, Info CSI 00000009 [SR] Verify complete
2013-07-07 14:12:05, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:05, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:12, Info CSI 0000000d [SR] Verify complete
2013-07-07 14:12:13, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:13, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:14, Info CSI 00000011 [SR] Verify complete
2013-07-07 14:12:15, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:15, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:17, Info CSI 00000015 [SR] Verify complete
2013-07-07 14:12:18, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:18, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:20, Info CSI 00000019 [SR] Verify complete
2013-07-07 14:12:21, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:21, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:23, Info CSI 0000001d [SR] Verify complete
2013-07-07 14:12:24, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:24, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:25, Info CSI 00000021 [SR] Verify complete
2013-07-07 14:12:26, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:26, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:28, Info CSI 00000025 [SR] Verify complete
2013-07-07 14:12:29, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:29, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:31, Info CSI 00000029 [SR] Verify complete
2013-07-07 14:12:31, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:31, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:33, Info CSI 0000002d [SR] Verify complete
2013-07-07 14:12:34, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:34, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:36, Info CSI 00000031 [SR] Verify complete
2013-07-07 14:12:37, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:37, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:37, Info CSI 00000034 [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 14:12:39, Info CSI 00000036 [SR] Verify complete
2013-07-07 14:12:39, Info CSI 00000037 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:39, Info CSI 00000038 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:41, Info CSI 0000003a [SR] Verify complete
2013-07-07 14:12:42, Info CSI 0000003b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:42, Info CSI 0000003c [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:44, Info CSI 0000003e [SR] Verify complete
2013-07-07 14:12:45, Info CSI 0000003f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:45, Info CSI 00000040 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:47, Info CSI 00000042 [SR] Verify complete
2013-07-07 14:12:48, Info CSI 00000043 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:48, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:50, Info CSI 00000046 [SR] Verify complete
2013-07-07 14:12:51, Info CSI 00000047 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:51, Info CSI 00000048 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:53, Info CSI 0000004a [SR] Verify complete
2013-07-07 14:12:54, Info CSI 0000004b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:54, Info CSI 0000004c [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:56, Info CSI 0000004e [SR] Verify complete
2013-07-07 14:12:57, Info CSI 0000004f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:12:57, Info CSI 00000050 [SR] Beginning Verify and Repair transaction
2013-07-07 14:12:59, Info CSI 00000052 [SR] Verify complete
2013-07-07 14:13:00, Info CSI 00000053 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:00, Info CSI 00000054 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:01, Info CSI 00000056 [SR] Verify complete
2013-07-07 14:13:02, Info CSI 00000057 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:02, Info CSI 00000058 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:05, Info CSI 0000005a [SR] Verify complete
2013-07-07 14:13:06, Info CSI 0000005b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:06, Info CSI 0000005c [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:08, Info CSI 0000005e [SR] Verify complete
2013-07-07 14:13:08, Info CSI 0000005f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:08, Info CSI 00000060 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:11, Info CSI 00000062 [SR] Verify complete
2013-07-07 14:13:12, Info CSI 00000063 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:12, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:14, Info CSI 00000066 [SR] Verify complete
2013-07-07 14:13:14, Info CSI 00000067 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:14, Info CSI 00000068 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:16, Info CSI 0000006a [SR] Verify complete
2013-07-07 14:13:17, Info CSI 0000006b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:17, Info CSI 0000006c [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:19, Info CSI 0000006e [SR] Verify complete
2013-07-07 14:13:20, Info CSI 0000006f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:20, Info CSI 00000070 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:23, Info CSI 00000072 [SR] Verify complete
2013-07-07 14:13:24, Info CSI 00000073 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:24, Info CSI 00000074 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:26, Info CSI 00000076 [SR] Verify complete
2013-07-07 14:13:27, Info CSI 00000077 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:27, Info CSI 00000078 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:29, Info CSI 0000007a [SR] Verify complete
2013-07-07 14:13:30, Info CSI 0000007b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:30, Info CSI 0000007c [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:33, Info CSI 0000007e [SR] Verify complete
2013-07-07 14:13:34, Info CSI 0000007f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:34, Info CSI 00000080 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:41, Info CSI 00000082 [SR] Verify complete
2013-07-07 14:13:41, Info CSI 00000083 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:41, Info CSI 00000084 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:46, Info CSI 00000086 [SR] Verify complete
2013-07-07 14:13:47, Info CSI 00000087 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:47, Info CSI 00000088 [SR] Beginning Verify and Repair transaction
2013-07-07 14:13:54, Info CSI 0000008b [SR] Verify complete
2013-07-07 14:13:56, Info CSI 0000008c [SR] Verifying 100 (0x00000064) components
2013-07-07 14:13:56, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:02, Info CSI 00000090 [SR] Verify complete
2013-07-07 14:14:02, Info CSI 00000091 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:02, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:08, Info CSI 00000094 [SR] Verify complete
2013-07-07 14:14:08, Info CSI 00000095 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:08, Info CSI 00000096 [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:17, Info CSI 0000009a [SR] Verify complete
2013-07-07 14:14:18, Info CSI 0000009b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:18, Info CSI 0000009c [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:29, Info CSI 000000a4 [SR] Verify complete
2013-07-07 14:14:29, Info CSI 000000a5 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:29, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:36, Info CSI 000000a8 [SR] Verify complete
2013-07-07 14:14:37, Info CSI 000000a9 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:37, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:43, Info CSI 000000ac [SR] Verify complete
2013-07-07 14:14:44, Info CSI 000000ad [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:44, Info CSI 000000ae [SR] Beginning Verify and Repair transaction
2013-07-07 14:14:52, Info CSI 000000b0 [SR] Verify complete
2013-07-07 14:14:52, Info CSI 000000b1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:14:52, Info CSI 000000b2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:15:08, Info CSI 000000b6 [SR] Verify complete
2013-07-07 14:15:09, Info CSI 000000b7 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:15:09, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2013-07-07 14:15:23, Info CSI 000000ba [SR] Verify complete
2013-07-07 14:15:23, Info CSI 000000bb [SR] Verifying 100 (0x00000064) components
2013-07-07 14:15:23, Info CSI 000000bc [SR] Beginning Verify and Repair transaction
2013-07-07 14:15:25, Info CSI 000000bd [SR] Cannot verify component files for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (FALSE)
2013-07-07 14:15:42, Info CSI 000000be [SR] Recovered manifest from backup for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral
2013-07-07 14:15:50, Info CSI 000000c0 [SR] Verify complete
2013-07-07 14:15:51, Info CSI 000000c1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:15:51, Info CSI 000000c2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:00, Info CSI 000000c4 [SR] Verify complete
2013-07-07 14:16:01, Info CSI 000000c5 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:01, Info CSI 000000c6 [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:04, Info CSI 000000c8 [SR] Verify complete
2013-07-07 14:16:04, Info CSI 000000c9 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:04, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:08, Info CSI 000000cc [SR] Verify complete
2013-07-07 14:16:09, Info CSI 000000cd [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:09, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:26, Info CSI 000000ec [SR] Verify complete
2013-07-07 14:16:26, Info CSI 000000ed [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:26, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:30, Info CSI 000000f0 [SR] Verify complete
2013-07-07 14:16:30, Info CSI 000000f1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:30, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:36, Info CSI 000000f4 [SR] Verify complete
2013-07-07 14:16:37, Info CSI 000000f5 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:37, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:37, Info CSI 000000f7 [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:16:41, Info CSI 000000f8 [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:16:41, Info CSI 000000f9 [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 14:16:41, Info CSI 000000fa [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 14:16:41, Info CSI 000000fc [SR] Verify complete
2013-07-07 14:16:42, Info CSI 000000fd [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:42, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2013-07-07 14:16:52, Info CSI 00000100 [SR] Verify complete
2013-07-07 14:16:53, Info CSI 00000101 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:16:53, Info CSI 00000102 [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:05, Info CSI 00000105 [SR] Verify complete
2013-07-07 14:17:06, Info CSI 00000106 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:06, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:10, Info CSI 00000109 [SR] Verify complete
2013-07-07 14:17:11, Info CSI 0000010a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:11, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:22, Info CSI 0000010d [SR] Verify complete
2013-07-07 14:17:22, Info CSI 0000010e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:22, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:28, Info CSI 00000111 [SR] Verify complete
2013-07-07 14:17:29, Info CSI 00000112 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:29, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:36, Info CSI 00000115 [SR] Verify complete
2013-07-07 14:17:37, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:37, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2013-07-07 14:17:52, Info CSI 0000013c [SR] Verify complete
2013-07-07 14:17:53, Info CSI 0000013d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:17:53, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2013-07-07 14:18:06, Info CSI 00000140 [SR] Verify complete
2013-07-07 14:18:07, Info CSI 00000141 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:18:07, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2013-07-07 14:18:32, Info CSI 00000144 [SR] Verify complete
2013-07-07 14:18:32, Info CSI 00000145 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:18:32, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2013-07-07 14:18:43, Info CSI 00000148 [SR] Verify complete
2013-07-07 14:18:43, Info CSI 00000149 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:18:43, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2013-07-07 14:18:57, Info CSI 0000014c [SR] Verify complete
2013-07-07 14:18:57, Info CSI 0000014d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:18:57, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2013-07-07 14:19:00, Info CSI 0000014f [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:19:05, Info CSI 00000150 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:19:05, Info CSI 00000151 [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 14:19:05, Info CSI 00000152 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 14:19:05, Info CSI 00000154 [SR] Verify complete
2013-07-07 14:19:06, Info CSI 00000155 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:19:06, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2013-07-07 14:19:13, Info CSI 00000158 [SR] Verify complete
2013-07-07 14:19:14, Info CSI 00000159 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:19:14, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2013-07-07 14:19:21, Info CSI 0000015d [SR] Verify complete
2013-07-07 14:19:21, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:19:21, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2013-07-07 14:19:38, Info CSI 00000161 [SR] Verify complete
2013-07-07 14:19:39, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:19:39, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-07-07 14:19:49, Info CSI 00000165 [SR] Verify complete
2013-07-07 14:19:50, Info CSI 00000166 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:19:50, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:00, Info CSI 00000169 [SR] Verify complete
2013-07-07 14:20:01, Info CSI 0000016a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:01, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:17, Info CSI 0000016d [SR] Verify complete
2013-07-07 14:20:18, Info CSI 0000016e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:18, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:25, Info CSI 00000171 [SR] Verify complete
2013-07-07 14:20:26, Info CSI 00000172 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:26, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:35, Info CSI 00000176 [SR] Verify complete
2013-07-07 14:20:35, Info CSI 00000177 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:35, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:42, Info CSI 0000017a [SR] Verify complete
2013-07-07 14:20:43, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:43, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2013-07-07 14:20:50, Info CSI 0000017e [SR] Verify complete
2013-07-07 14:20:50, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2013-07-07 14:20:50, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:00, Info CSI 00000182 [SR] Verify complete
2013-07-07 14:21:00, Info CSI 00000183 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:00, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:10, Info CSI 00000189 [SR] Verify complete
2013-07-07 14:21:11, Info CSI 0000018a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:11, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:19, Info CSI 0000018d [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:21:19, Info CSI 0000018f [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:21:19, Info CSI 00000193 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:21:19, Info CSI 00000195 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:21:20, Info CSI 00000199 [SR] Verify complete
2013-07-07 14:21:21, Info CSI 0000019a [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:21, Info CSI 0000019b [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:33, Info CSI 0000019d [SR] Verify complete
2013-07-07 14:21:33, Info CSI 0000019e [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:33, Info CSI 0000019f [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:37, Info CSI 000001a1 [SR] Verify complete
2013-07-07 14:21:38, Info CSI 000001a2 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:38, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:46, Info CSI 000001a5 [SR] Verify complete
2013-07-07 14:21:47, Info CSI 000001a6 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:47, Info CSI 000001a7 [SR] Beginning Verify and Repair transaction
2013-07-07 14:21:58, Info CSI 000001a9 [SR] Verify complete
2013-07-07 14:21:59, Info CSI 000001aa [SR] Verifying 100 (0x00000064) components
2013-07-07 14:21:59, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2013-07-07 14:22:06, Info CSI 000001ad [SR] Verify complete
2013-07-07 14:22:07, Info CSI 000001ae [SR] Verifying 100 (0x00000064) components
2013-07-07 14:22:07, Info CSI 000001af [SR] Beginning Verify and Repair transaction
2013-07-07 14:22:29, Info CSI 000001b1 [SR] Verify complete
2013-07-07 14:22:30, Info CSI 000001b2 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:22:30, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction
2013-07-07 14:22:37, Info CSI 000001b5 [SR] Verify complete
2013-07-07 14:22:38, Info CSI 000001b6 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:22:38, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction
2013-07-07 14:22:44, Info CSI 000001b9 [SR] Verify complete
2013-07-07 14:22:45, Info CSI 000001ba [SR] Verifying 100 (0x00000064) components
2013-07-07 14:22:45, Info CSI 000001bb [SR] Beginning Verify and Repair transaction
2013-07-07 14:22:57, Info CSI 000001c6 [SR] Verify complete
2013-07-07 14:22:57, Info CSI 000001c7 [SR] Verifying 44 (0x0000002c) components
2013-07-07 14:22:57, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2013-07-07 14:23:00, Info CSI 000001ca [SR] Verify complete
2013-07-07 14:23:00, Info CSI 000001cb [SR] Repairing 6 components
2013-07-07 14:23:00, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2013-07-07 14:23:00, Info CSI 000001cd [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (FALSE)
2013-07-07 14:23:00, Info CSI 000001ce [SR] Cannot verify component files for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 14:23:01, Info CSI 000001cf [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:01, Info CSI 000001d0 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:01, Info CSI 000001d2 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:23:01, Info CSI 000001d4 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:23:01, Info CSI 000001d7 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:01, Info CSI 000001d8 [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 14:23:01, Info CSI 000001d9 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 14:23:01, Info CSI 000001db [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:23:01, Info CSI 000001dd [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:23:01, Info CSI 000001e0 [SR] Recovered manifest from backup for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral
2013-07-07 14:23:02, Info CSI 000001e1 [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:02, Info CSI 000001e2 [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 14:23:02, Info CSI 000001e3 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 14:23:02, Info CSI 000001e5 [SR] Repair complete
2013-07-07 14:23:02, Info CSI 000001e6 [SR] Committing transaction
2013-07-07 14:23:02, Info CSI 000001e7 [SR] Cannot commit interactively, there are boot critical components being repaired
2013-07-07 14:23:02, Info CSI 000001e8 [SR] Repairing 6 components
2013-07-07 14:23:02, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2013-07-07 14:23:02, Info CSI 000001ea [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (FALSE)
2013-07-07 14:23:02, Info CSI 000001eb [SR] Cannot verify component files for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 14:23:02, Info CSI 000001ec [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:02, Info CSI 000001ed [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:02, Info CSI 000001ef [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:23:02, Info CSI 000001f1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:23:03, Info CSI 000001f4 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:03, Info CSI 000001f5 [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 14:23:03, Info CSI 000001f6 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 14:23:03, Info CSI 000001f8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 14:23:03, Info CSI 000001fa [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 14:23:03, Info CSI 000001fd [SR] Recovered manifest from backup for Microsoft-Windows-Font-TrueType-MSMincho, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral
2013-07-07 14:23:03, Info CSI 000001fe [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 14:23:03, Info CSI 000001ff [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 14:23:03, Info CSI 00000200 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 14:23:03, Info CSI 00000202 [SR] Repair complete
2013-07-07 14:54:58, Info CSI 0000000c [SR] Verifying 100 (0x00000064) components
2013-07-07 14:54:58, Info CSI 0000000d [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:04, Info CSI 0000000f [SR] Verify complete
2013-07-07 14:55:06, Info CSI 00000010 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:06, Info CSI 00000011 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:12, Info CSI 00000013 [SR] Verify complete
2013-07-07 14:55:14, Info CSI 00000014 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:14, Info CSI 00000015 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:15, Info CSI 00000017 [SR] Verify complete
2013-07-07 14:55:17, Info CSI 00000018 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:17, Info CSI 00000019 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:18, Info CSI 0000001b [SR] Verify complete
2013-07-07 14:55:20, Info CSI 0000001c [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:20, Info CSI 0000001d [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:23, Info CSI 0000001f [SR] Verify complete
2013-07-07 14:55:25, Info CSI 00000020 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:25, Info CSI 00000021 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:28, Info CSI 00000023 [SR] Verify complete
2013-07-07 14:55:28, Info CSI 00000024 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:28, Info CSI 00000025 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:30, Info CSI 00000027 [SR] Verify complete
2013-07-07 14:55:31, Info CSI 00000028 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:31, Info CSI 00000029 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:33, Info CSI 0000002b [SR] Verify complete
2013-07-07 14:55:34, Info CSI 0000002c [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:34, Info CSI 0000002d [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:36, Info CSI 0000002f [SR] Verify complete
2013-07-07 14:55:37, Info CSI 00000030 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:37, Info CSI 00000031 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:39, Info CSI 00000033 [SR] Verify complete
2013-07-07 14:55:41, Info CSI 00000034 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:41, Info CSI 00000035 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:42, Info CSI 00000037 [SR] Verify complete
2013-07-07 14:55:43, Info CSI 00000038 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:43, Info CSI 00000039 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:43, Info CSI 0000003a [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 14:55:45, Info CSI 0000003c [SR] Verify complete
2013-07-07 14:55:46, Info CSI 0000003d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:46, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:48, Info CSI 00000040 [SR] Verify complete
2013-07-07 14:55:49, Info CSI 00000041 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:49, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:51, Info CSI 00000044 [SR] Verify complete
2013-07-07 14:55:52, Info CSI 00000045 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:52, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:55, Info CSI 00000048 [SR] Verify complete
2013-07-07 14:55:57, Info CSI 00000049 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:55:57, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2013-07-07 14:55:59, Info CSI 0000004c [SR] Verify complete
2013-07-07 14:56:00, Info CSI 0000004d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:00, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:02, Info CSI 00000050 [SR] Verify complete
2013-07-07 14:56:03, Info CSI 00000051 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:03, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:05, Info CSI 00000054 [SR] Verify complete
2013-07-07 14:56:06, Info CSI 00000055 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:06, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:08, Info CSI 00000058 [SR] Verify complete
2013-07-07 14:56:09, Info CSI 00000059 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:09, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:11, Info CSI 0000005c [SR] Verify complete
2013-07-07 14:56:12, Info CSI 0000005d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:12, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:15, Info CSI 00000060 [SR] Verify complete
2013-07-07 14:56:16, Info CSI 00000061 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:16, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:18, Info CSI 00000064 [SR] Verify complete
2013-07-07 14:56:19, Info CSI 00000065 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:19, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:22, Info CSI 00000068 [SR] Verify complete
2013-07-07 14:56:23, Info CSI 00000069 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:23, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:25, Info CSI 0000006c [SR] Verify complete
2013-07-07 14:56:26, Info CSI 0000006d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:26, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:28, Info CSI 00000070 [SR] Verify complete
2013-07-07 14:56:29, Info CSI 00000071 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:29, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:31, Info CSI 00000074 [SR] Verify complete
2013-07-07 14:56:32, Info CSI 00000075 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:32, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:36, Info CSI 00000078 [SR] Verify complete
2013-07-07 14:56:37, Info CSI 00000079 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:37, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:39, Info CSI 0000007c [SR] Verify complete
2013-07-07 14:56:40, Info CSI 0000007d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:40, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:42, Info CSI 00000080 [SR] Verify complete
2013-07-07 14:56:43, Info CSI 00000081 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:43, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:46, Info CSI 00000084 [SR] Verify complete
2013-07-07 14:56:47, Info CSI 00000085 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:47, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2013-07-07 14:56:56, Info CSI 00000088 [SR] Verify complete
2013-07-07 14:56:56, Info CSI 00000089 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:56:56, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:01, Info CSI 0000008c [SR] Verify complete
2013-07-07 14:57:02, Info CSI 0000008d [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:02, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:10, Info CSI 00000091 [SR] Verify complete
2013-07-07 14:57:11, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:11, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:17, Info CSI 00000096 [SR] Verify complete
2013-07-07 14:57:18, Info CSI 00000097 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:18, Info CSI 00000098 [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:23, Info CSI 0000009a [SR] Verify complete
2013-07-07 14:57:24, Info CSI 0000009b [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:24, Info CSI 0000009c [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:33, Info CSI 000000a0 [SR] Verify complete
2013-07-07 14:57:33, Info CSI 000000a1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:33, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:46, Info CSI 000000aa [SR] Verify complete
2013-07-07 14:57:47, Info CSI 000000ab [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:47, Info CSI 000000ac [SR] Beginning Verify and Repair transaction
2013-07-07 14:57:55, Info CSI 000000ae [SR] Verify complete
2013-07-07 14:57:56, Info CSI 000000af [SR] Verifying 100 (0x00000064) components
2013-07-07 14:57:56, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2013-07-07 14:58:02, Info CSI 000000b2 [SR] Verify complete
2013-07-07 14:58:03, Info CSI 000000b3 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:58:03, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
2013-07-07 14:58:11, Info CSI 000000b6 [SR] Verify complete
2013-07-07 14:58:11, Info CSI 000000b7 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:58:11, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
2013-07-07 14:58:26, Info CSI 000000bc [SR] Verify complete
2013-07-07 14:58:27, Info CSI 000000bd [SR] Verifying 100 (0x00000064) components
2013-07-07 14:58:27, Info CSI 000000be [SR] Beginning Verify and Repair transaction
2013-07-07 14:58:42, Info CSI 000000c0 [SR] Verify complete
2013-07-07 14:58:43, Info CSI 000000c1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:58:43, Info CSI 000000c2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:11, Info CSI 000000c4 [SR] Verify complete
2013-07-07 14:59:12, Info CSI 000000c5 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:12, Info CSI 000000c6 [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:21, Info CSI 000000c8 [SR] Verify complete
2013-07-07 14:59:21, Info CSI 000000c9 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:21, Info CSI 000000ca [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:24, Info CSI 000000cc [SR] Verify complete
2013-07-07 14:59:25, Info CSI 000000cd [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:25, Info CSI 000000ce [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:29, Info CSI 000000d0 [SR] Verify complete
2013-07-07 14:59:30, Info CSI 000000d1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:30, Info CSI 000000d2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:47, Info CSI 000000f0 [SR] Verify complete
2013-07-07 14:59:47, Info CSI 000000f1 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:47, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:51, Info CSI 000000f4 [SR] Verify complete
2013-07-07 14:59:52, Info CSI 000000f5 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:52, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction
2013-07-07 14:59:58, Info CSI 000000f8 [SR] Verify complete
2013-07-07 14:59:59, Info CSI 000000f9 [SR] Verifying 100 (0x00000064) components
2013-07-07 14:59:59, Info CSI 000000fa [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:00, Info CSI 000000fb [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:00:04, Info CSI 000000fc [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:00:04, Info CSI 000000fd [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 15:00:04, Info CSI 000000fe [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 15:00:04, Info CSI 00000100 [SR] Verify complete
2013-07-07 15:00:05, Info CSI 00000101 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:05, Info CSI 00000102 [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:17, Info CSI 00000104 [SR] Verify complete
2013-07-07 15:00:18, Info CSI 00000105 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:18, Info CSI 00000106 [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:30, Info CSI 00000109 [SR] Verify complete
2013-07-07 15:00:31, Info CSI 0000010a [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:31, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:35, Info CSI 0000010d [SR] Verify complete
2013-07-07 15:00:36, Info CSI 0000010e [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:36, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:48, Info CSI 00000111 [SR] Verify complete
2013-07-07 15:00:48, Info CSI 00000112 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:48, Info CSI 00000113 [SR] Beginning Verify and Repair transaction
2013-07-07 15:00:55, Info CSI 00000115 [SR] Verify complete
2013-07-07 15:00:56, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:00:56, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2013-07-07 15:01:07, Info CSI 00000119 [SR] Verify complete
2013-07-07 15:01:09, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2013-07-07 15:01:09, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2013-07-07 15:01:51, Info CSI 00000140 [SR] Verify complete
2013-07-07 15:01:53, Info CSI 00000141 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:01:53, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2013-07-07 15:02:39, Info CSI 00000144 [SR] Verify complete
2013-07-07 15:02:41, Info CSI 00000145 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:02:41, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2013-07-07 15:03:48, Info CSI 00000148 [SR] Verify complete
2013-07-07 15:03:49, Info CSI 00000149 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:03:49, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2013-07-07 15:04:01, Info CSI 0000014c [SR] Verify complete
2013-07-07 15:04:01, Info CSI 0000014d [SR] Verifying 100 (0x00000064) components
2013-07-07 15:04:01, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2013-07-07 15:04:14, Info CSI 00000150 [SR] Verify complete
2013-07-07 15:04:15, Info CSI 00000151 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:04:15, Info CSI 00000152 [SR] Beginning Verify and Repair transaction
2013-07-07 15:04:19, Info CSI 00000153 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:04:24, Info CSI 00000154 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:04:24, Info CSI 00000155 [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 15:04:24, Info CSI 00000156 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 15:04:24, Info CSI 00000158 [SR] Verify complete
2013-07-07 15:04:25, Info CSI 00000159 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:04:25, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2013-07-07 15:04:32, Info CSI 0000015c [SR] Verify complete
2013-07-07 15:04:33, Info CSI 0000015d [SR] Verifying 100 (0x00000064) components
2013-07-07 15:04:33, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2013-07-07 15:04:41, Info CSI 00000161 [SR] Verify complete
2013-07-07 15:04:42, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:04:42, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-07-07 15:05:02, Info CSI 00000165 [SR] Verify complete
2013-07-07 15:05:03, Info CSI 00000166 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:05:03, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2013-07-07 15:05:15, Info CSI 00000169 [SR] Verify complete
2013-07-07 15:05:16, Info CSI 0000016a [SR] Verifying 100 (0x00000064) components
2013-07-07 15:05:16, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2013-07-07 15:05:27, Info CSI 0000016d [SR] Verify complete
2013-07-07 15:05:27, Info CSI 0000016e [SR] Verifying 100 (0x00000064) components
2013-07-07 15:05:27, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2013-07-07 15:05:45, Info CSI 00000171 [SR] Verify complete
2013-07-07 15:05:46, Info CSI 00000172 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:05:46, Info CSI 00000173 [SR] Beginning Verify and Repair transaction
2013-07-07 15:05:55, Info CSI 00000175 [SR] Verify complete
2013-07-07 15:05:56, Info CSI 00000176 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:05:56, Info CSI 00000177 [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:05, Info CSI 0000017a [SR] Verify complete
2013-07-07 15:06:06, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:06, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:13, Info CSI 0000017e [SR] Verify complete
2013-07-07 15:06:14, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:14, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:22, Info CSI 00000182 [SR] Verify complete
2013-07-07 15:06:23, Info CSI 00000183 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:23, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:32, Info CSI 00000186 [SR] Verify complete
2013-07-07 15:06:33, Info CSI 00000187 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:33, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:43, Info CSI 0000018d [SR] Verify complete
2013-07-07 15:06:44, Info CSI 0000018e [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:44, Info CSI 0000018f [SR] Beginning Verify and Repair transaction
2013-07-07 15:06:53, Info CSI 00000191 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:06:53, Info CSI 00000193 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:06:54, Info CSI 00000197 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:06:54, Info CSI 00000199 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:06:56, Info CSI 0000019d [SR] Verify complete
2013-07-07 15:06:56, Info CSI 0000019e [SR] Verifying 100 (0x00000064) components
2013-07-07 15:06:56, Info CSI 0000019f [SR] Beginning Verify and Repair transaction
2013-07-07 15:07:10, Info CSI 000001a1 [SR] Verify complete
2013-07-07 15:07:11, Info CSI 000001a2 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:07:11, Info CSI 000001a3 [SR] Beginning Verify and Repair transaction
2013-07-07 15:07:14, Info CSI 000001a5 [SR] Verify complete
2013-07-07 15:07:15, Info CSI 000001a6 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:07:15, Info CSI 000001a7 [SR] Beginning Verify and Repair transaction
2013-07-07 15:07:23, Info CSI 000001a9 [SR] Verify complete
2013-07-07 15:07:24, Info CSI 000001aa [SR] Verifying 100 (0x00000064) components
2013-07-07 15:07:24, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2013-07-07 15:07:34, Info CSI 000001ad [SR] Verify complete
2013-07-07 15:07:35, Info CSI 000001ae [SR] Verifying 100 (0x00000064) components
2013-07-07 15:07:35, Info CSI 000001af [SR] Beginning Verify and Repair transaction
2013-07-07 15:07:43, Info CSI 000001b1 [SR] Verify complete
2013-07-07 15:07:44, Info CSI 000001b2 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:07:44, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:09, Info CSI 000001b5 [SR] Verify complete
2013-07-07 15:08:09, Info CSI 000001b6 [SR] Verifying 100 (0x00000064) components
2013-07-07 15:08:09, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:17, Info CSI 000001b9 [SR] Verify complete
2013-07-07 15:08:17, Info CSI 000001ba [SR] Verifying 100 (0x00000064) components
2013-07-07 15:08:17, Info CSI 000001bb [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:24, Info CSI 000001bd [SR] Verify complete
2013-07-07 15:08:25, Info CSI 000001be [SR] Verifying 100 (0x00000064) components
2013-07-07 15:08:25, Info CSI 000001bf [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:36, Info CSI 000001ca [SR] Verify complete
2013-07-07 15:08:36, Info CSI 000001cb [SR] Verifying 44 (0x0000002c) components
2013-07-07 15:08:36, Info CSI 000001cc [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:39, Info CSI 000001ce [SR] Verify complete
2013-07-07 15:08:40, Info CSI 000001cf [SR] Repairing 5 components
2013-07-07 15:08:40, Info CSI 000001d0 [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:40, Info CSI 000001d1 [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 15:08:40, Info CSI 000001d2 [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001d3 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001d5 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:08:40, Info CSI 000001d7 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:08:40, Info CSI 000001da [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001db [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 15:08:40, Info CSI 000001dc [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 15:08:40, Info CSI 000001de [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:08:40, Info CSI 000001e0 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:08:40, Info CSI 000001e3 [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001e4 [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 15:08:40, Info CSI 000001e5 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 15:08:40, Info CSI 000001e7 [SR] Repair complete
2013-07-07 15:08:40, Info CSI 000001e8 [SR] Committing transaction
2013-07-07 15:08:40, Info CSI 000001e9 [SR] Cannot commit interactively, there are boot critical components being repaired
2013-07-07 15:08:40, Info CSI 000001ea [SR] Repairing 5 components
2013-07-07 15:08:40, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2013-07-07 15:08:40, Info CSI 000001ec [SR] Cannot verify component files for 5509d00c13bcd4843a01974b4d9846fa, Version = 7.0.6002.18392, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest may be damaged (TRUE)
2013-07-07 15:08:40, Info CSI 000001ed [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001ee [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001f0 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:08:40, Info CSI 000001f2 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:08:40, Info CSI 000001f5 [SR] Cannot repair member file [l:20{10}]"WSDMon.dll" of Microsoft-Windows-Printing-WSDPortMonitor, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:40, Info CSI 000001f6 [SR] This component was referenced by [l:160{80}]"Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.948465-113_neutral_GDR"
2013-07-07 15:08:40, Info CSI 000001f7 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"WSDMon.dll"; source file in store is also corrupted
2013-07-07 15:08:40, Info CSI 000001f9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-07 15:08:40, Info CSI 000001fb [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-07 15:08:41, Info CSI 000001fe [SR] Cannot repair member file [l:22{11}]"C_20108.NLS" of Microsoft-Windows-International-CodePage-20108, Version = 6.0.6000.16386, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2013-07-07 15:08:41, Info CSI 000001ff [SR] This component was referenced by [ml:38{19},l:36{18}]"Windows Foundation"
2013-07-07 15:08:41, Info CSI 00000200 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"C_20108.NLS"; source file in store is also corrupted
2013-07-07 15:08:41, Info CSI 00000202 [SR] Repair complete

OTL logfile created on: 07/07/2013 15:15:12 - Run 14
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shadbolt\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.50 Gb Total Physical Memory | 0.74 Gb Available Physical Memory | 49.19% Memory free
3.24 Gb Paging File | 2.47 Gb Available in Paging File | 76.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 89.69 Gb Free Space | 60.18% Space Free | Partition Type: NTFS

Computer Name: SHADBOLT-PC | User Name: shadbolt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/18 16:14:14 | 002,115,864 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/06/18 16:14:14 | 001,124,632 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/06/11 20:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/03/01 13:11:32 | 000,161,384 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/03 13:11:26 | 000,323,584 | ---- | M] (Inventec Corp.) -- C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe
PRC - [2008/08/12 16:21:12 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/03 11:50:23 | 000,557,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - [2013/06/18 16:14:14 | 001,124,632 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/06/18 15:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 15:46:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/01 13:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/06/13 23:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\SPIXNEW.SYS -- (SUNPLUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{644AFC1B-96DC-4D4C-B4F3-1376923B6424}\MpKsl87662e6d.sys -- (MpKsl87662e6d)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/06/23 13:00:33 | 000,317,424 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\53984\RapportCerberus32_53984.sys -- (RapportCerberus_53984)
DRV - [2013/06/18 16:14:30 | 000,103,120 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/06/18 16:14:28 | 000,174,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/06/18 16:14:28 | 000,102,448 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/08/12 12:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/01 08:19:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/22 10:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/07/15 17:00:06 | 000,016,384 | ---- | M] (Inventec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FSCSLII.sys -- (FSCSLII)
DRV - [2007/12/19 18:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007/10/31 11:23:00 | 000,124,960 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/10/31 11:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/09/29 13:30:52 | 000,065,024 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.co.uk/ [binary data]
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1354192852-3371487025-2257261009-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/07/04 08:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\shadbolt\AppData\Roaming\Mozilla\Extensions
[2012/08/13 10:11:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/04 08:49:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/04 08:49:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\shadbolt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/06/13 07:46:51 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Touchpad_Hotkey] C:\Program Files\FSC\Wireless Utility\Touchpad Hotkey.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless_Selector] C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe (Inventec Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{947C342D-E596-4FCA-961C-2CF318C18106}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\shadbolt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\shadbolt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/04 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Roaming\Mozilla
[2013/07/04 08:50:18 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Mozilla
[2013/07/04 08:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/07/04 08:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/07/04 08:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/07/04 08:30:56 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Deployment
[2013/06/30 12:29:43 | 000,000,000 | ---D | C] -- C:\MATS
[2013/06/28 20:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/06/28 20:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/06/28 10:32:15 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\RK_Quarantine
[2013/06/24 22:28:48 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\246fix
[2013/06/18 16:14:28 | 000,102,448 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2013/06/13 17:43:46 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/06/13 17:43:02 | 000,000,000 | ---D | C] -- C:\JRT
[2013/06/13 17:25:18 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\shadbolt\Desktop\JRT.exe
[2013/06/13 09:28:39 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\reply2
[2013/06/13 09:10:06 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\Desktop\New Folder
[2013/06/13 07:46:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/11 20:42:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe
[2013/06/09 17:16:32 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Roaming\Malwarebytes
[2013/06/09 17:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/06/09 10:36:32 | 000,000,000 | ---D | C] -- C:\Users\shadbolt\AppData\Local\Apps

========== Files - Modified Within 30 Days ==========

[2013/07/07 15:13:47 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 15:13:47 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/07 15:13:44 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/07 15:13:16 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/07/07 15:13:14 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/07/07 15:12:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/07 15:12:23 | 1608,945,664 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/07 15:11:29 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/07/07 14:46:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/07 14:37:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/07 13:55:30 | 000,612,100 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/07 13:55:30 | 000,109,516 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/07 13:51:10 | 000,108,950 | ---- | M] () -- C:\Users\shadbolt\Desktop\IMG_0442.JPG
[2013/07/07 13:46:38 | 000,113,366 | ---- | M] () -- C:\Users\shadbolt\Desktop\IMG_0441.JPG
[2013/07/06 12:28:48 | 000,002,637 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2013/07/04 14:59:31 | 000,001,995 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/04 08:50:08 | 000,000,870 | ---- | M] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/04 08:33:55 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/03 21:23:37 | 198,819,387 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/28 10:32:02 | 000,911,360 | ---- | M] () -- C:\Users\shadbolt\Desktop\RogueKiller.exe
[2013/06/28 09:45:59 | 000,020,558 | ---- | M] () -- C:\Users\shadbolt\Desktop\how-to-remove-malware.htm
[2013/06/23 18:36:37 | 000,000,600 | ---- | M] () -- C:\Users\shadbolt\Desktop\sc-cleaner - Shortcut.lnk
[2013/06/18 16:14:28 | 000,102,448 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2013/06/13 17:25:20 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\shadbolt\Desktop\JRT.exe
[2013/06/13 09:32:49 | 000,648,201 | ---- | M] () -- C:\Users\shadbolt\Desktop\AdwCleaner.exe
[2013/06/13 08:44:44 | 000,890,839 | ---- | M] () -- C:\Users\shadbolt\Desktop\SecurityCheck.exe
[2013/06/13 07:46:51 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/06/11 20:42:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\shadbolt\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2013/07/07 13:55:00 | 000,108,950 | ---- | C] () -- C:\Users\shadbolt\Desktop\IMG_0442.JPG
[2013/07/07 13:54:20 | 000,113,366 | ---- | C] () -- C:\Users\shadbolt\Desktop\IMG_0441.JPG
[2013/07/04 08:50:08 | 000,000,870 | ---- | C] () -- C:\Users\shadbolt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/04 08:50:08 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/07/04 08:33:55 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/04 08:32:28 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/04 08:32:26 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/28 10:31:30 | 000,911,360 | ---- | C] () -- C:\Users\shadbolt\Desktop\RogueKiller.exe
[2013/06/28 09:45:59 | 000,020,558 | ---- | C] () -- C:\Users\shadbolt\Desktop\how-to-remove-malware.htm
[2013/06/23 18:36:37 | 000,000,600 | ---- | C] () -- C:\Users\shadbolt\Desktop\sc-cleaner - Shortcut.lnk
[2013/06/13 09:32:48 | 000,648,201 | ---- | C] () -- C:\Users\shadbolt\Desktop\AdwCleaner.exe
[2013/06/13 08:44:43 | 000,890,839 | ---- | C] () -- C:\Users\shadbolt\Desktop\SecurityCheck.exe
[2012/09/01 18:00:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012/01/13 16:06:11 | 000,036,587 | ---- | C] () -- C:\Windows\unvpeye.ini
[2010/08/06 20:04:07 | 000,013,312 | ---- | C] () -- C:\Users\shadbolt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/04 20:18:37 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/08/04 20:14:40 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/29 20:51:13 | 000,000,680 | ---- | C] () -- C:\Users\shadbolt\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========


< End of report >
  • 0

#54
Nutloaf
Posted 07 July 2013 - 03:11 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there :)

Well the proxy issue is now fixed and the OTL log is clean also, but there are some corrupt files that need fixing so...

What is the make and model of the PC?

Do you have access to a Vista disk?
  • 0

#55
hellomut
Posted 08 July 2013 - 05:19 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi my computer is a Fujitsu siemens ESPRIMO Mobile V6515, I can't find the disc that came with it at the moment, I will have a good look for it
and get back to you.
Regards
Hellomut
  • 0

Advertisements

#56
Nutloaf
Posted 08 July 2013 - 10:01 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hello there, don't worry about that disk just yet I only wanted to know if you had a Vista disk just in case really.

I am working on the issue this evening.

One of the issues flagged by SFC was a Norwegian Language Code Page. If this is not needed then there is no problem, if it is let me know.

The other issue is with the WSD Printer Port Monitor. Any problems with a printer installation?
  • 0

#57
hellomut
Posted 08 July 2013 - 11:51 AM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi I don't know much about Norway I did go there once about forty years ago! I dont need that page also I dont use this machine with a printer.
Regards
Hellomut
  • 0

#58
Nutloaf
Posted 08 July 2013 - 06:52 PM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Awaiting clearance for my NETBT post :thumbsup:
  • 0

#59
Nutloaf
Posted 09 July 2013 - 08:11 AM

Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts

Hi I don't know much about Norway I did go there once about forty years ago!

Well that answers that question, nothing more needs to be done, but if you ever want a Norwegian PC then let me know :lol:


Some of the driver files for NETBT may be corrupt so it's best I think to reinstall Service Pack 2. I also want to run a custom scan, if the reinstall method fails I will do it manually but need to look at 2 more drivers.

1. Service Pack
  • Click Start and in the search bar type Appwiz.cpl and press Enter
  • Click View installed updates.
  • Top right of the page is a search bar type in: service Pack Service Pack 2 may be called KB948465 Click this entry and select Uninstall
  • Once complete Reboot.

2. Service Pack Continued
  • Click Start and in the search bar type Windows Update and press Enter
  • Select Check For Updates once complete click the link for updates found and check if Service Pack 2 is available and install. Then Reboot.
  • If not present install updates found and repeat this process. If still no luck we will manually download the Pack

3. OTL Custom Scan
  • After a Reboot Right click the OTL icon and select Run as Administrator.
  • There are 8 None boxes please check all 8.
  • Copy and paste the following into the Custom Scans\Fixes box without the word Quote.

    /md5start
    tcpip.*
    afd.*
    /md5stop

  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

Things I want to see in your next post.
  • OTL.txt
  • Error Messages still present if Service Pack installed? If the NETBT message opens then click Search Automatically then select Search the Internet if asked.

  • 0

#60
hellomut
Posted 09 July 2013 - 03:02 PM

hellomut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hi no service pack present I tried your suggestions but it did not installthe drivers just could not find them, here are hte resukts of the scan.

OTL logfile created on: 09/07/2013 21:50:58 - Run 15
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shadbolt\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.50 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 31.32% Memory free
3.25 Gb Paging File | 2.00 Gb Available in Paging File | 61.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 90.24 Gb Free Space | 60.55% Space Free | Partition Type: NTFS

Computer Name: SHADBOLT-PC | User Name: shadbolt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Custom Scans ==========

< MD5 for: AFD.SYS >
[2011/04/21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\System32\drivers\afd.sys
[2011/04/21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011/04/21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2011/04/21 14:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008/01/21 03:33:55 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009/04/11 05:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011/04/21 14:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys

< MD5 for: AFD.SYS.MUI >
[2006/11/02 13:38:53 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=3B69705A572F1638ED5F081437A15A55 -- C:\Windows\System32\drivers\en-US\afd.sys.mui
[2006/11/02 13:38:53 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=3B69705A572F1638ED5F081437A15A55 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core.resources_31bf3856ad364e35_6.0.6000.16386_en-us_49b1fe5f817b8a13\afd.sys.mui

< MD5 for: TCPIP.CHM >
[2006/11/02 13:39:18 | 000,031,036 | ---- | M] () MD5=0069112BBF212321E43B3B675CB9A0D2 -- C:\Windows\winsxs\x86_server-help-chm.tcpip.resources_31bf3856ad364e35_6.0.6000.16386_en-us_2360d422b69f0e36\tcpip.CHM
[2008/01/21 08:03:00 | 000,030,980 | ---- | M] () MD5=C1C11159F1F731E4A5A6229305661E89 -- C:\Windows\Help\mui\0409\tcpip.CHM
[2008/01/21 08:03:00 | 000,030,980 | ---- | M] () MD5=C1C11159F1F731E4A5A6229305661E89 -- C:\Windows\winsxs\x86_server-help-chm.tcpip.resources_31bf3856ad364e35_6.0.6001.18000_en-us_2597961eb38a1f0a\tcpip.CHM

< MD5 for: TCPIP.MOF >
[2006/09/18 22:36:40 | 000,003,066 | ---- | M] () MD5=EEC4A068DE477651214F6C8014ECBEC0 -- C:\Windows\System32\wbem\tcpip.mof
[2006/09/18 22:36:40 | 000,003,066 | ---- | M] () MD5=EEC4A068DE477651214F6C8014ECBEC0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-mof_31bf3856ad364e35_6.0.6000.16386_none_35a721da88047d1b\tcpip.mof

< MD5 for: TCPIP.SYS >
[2008/04/26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013/05/08 04:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\System32\drivers\tcpip.sys
[2013/05/08 04:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009/04/11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 22:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/08/15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 21:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012/03/30 13:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010/02/18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013/01/04 12:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2010/02/18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013/05/08 05:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2010/06/16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 21:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013/01/04 12:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010/06/16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 22:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2008/04/26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/08/14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010/04/05 18:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010/04/05 21:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2010/02/18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2012/03/30 13:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008/01/21 03:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< End of report >
Thanks
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP