Internet secuirty keeeps stopping..OTL wont work [Solved]
Started by
Harry44
, Jun 16 2013 04:26 AM
This topic is locked
#61
Posted 08 July 2013 - 01:59 AM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
#62
Posted 08 July 2013 - 11:00 AM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
I don't see MalwareBytes Protection loading at start up, but it sounds like you didn't opt out of the 14 day trial period for MalwareBytes Pro when you installed it.just started getting malware anti bytes telling me its blocked malicious sites but the site is Firefox.exe?
Run MBAM CleanUp Tool
Download mbam-clean.exe from this link and save it to the desktop
- Click on the Start
button and select Control Panel. - Under the Programs section, click Uninstall a program. The installed programs list will populate.
- Locate the Malwarebytes Anti-Malware version 1.75.0.1300 program. Right click it and click Uninstall
- Restart your computer (very important).
- Back on the Desktop, Right click the mbam-clean.exe file and click Run as Administrator to run it. OK any UAC prompts.
NOTE: If you get SHGetValue failed with error code 0, that only means that the tool has nothing to perform, continue on with the next step.... - It will ask to restart your computer, please allow it to do so as it is very important.
Is it just one beep and does it happen every time you press a key?normally when am browsing it locks and beeps when press any buttons
I'm not sure what you mean here but this locking/beeping problem sounds like something in the system. Let's check the system files. If that doesn't show anything then the problem can be a nightmare to diagnose. It could be anything from a computer that's full of dust, bad RAM, faulty power supply or fans, incompatible drivers.....keeps freezing and now it wont let the mouse icon go below the bottom of page to click on pages I have open below
Delete Old SFC Log and run SFC
Windows Vista/7
- Open an elevated command prompt. To do that:
- Click Start, click on All Programs and Accessories, then right click on Command Prompt and click on Run as administrator. (See screenshot below)
- A command window will open like the image below:
- Type the following and press ENTER after each line:
cd \windows\Logs\cbs
copy cbs.log cbs.old
del cbs.log
Back at the blinking cursor:
- Type or copy and paste the following command and press Enter:
sfc /scannow
The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions. Note: This may take awhile to finish. - IF SFC complains that it found files that it couldn't repair we will need to see what they are so back at the blinking cursor:
- Type or copy and paste the following command at the blinking cursor, and then press ENTER:
findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >%userprofile%\Desktop\sfcdetails.txt
- Type or copy and paste the following command at the blinking cursor, and then press ENTER:
- Type exit and press the ENTER key to close the command window.
#63
Posted 08 July 2013 - 12:44 PM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
I paid for a lifetime licence on mbam do you still want me to uninstall it?
Is it just one beep and does it happen every time you press a key?
Its just the one beep
Is it just one beep and does it happen every time you press a key?
Its just the one beep
Edited by Harry44, 08 July 2013 - 12:45 PM.
#64
Posted 08 July 2013 - 12:57 PM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
2013-07-08 19:46:47, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:47, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:51, Info CSI 00000009 [SR] Verify complete
2013-07-08 19:46:52, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:52, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:57, Info CSI 0000000d [SR] Verify complete
2013-07-08 19:46:57, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:57, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:58, Info CSI 00000011 [SR] Verify complete
2013-07-08 19:46:59, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:59, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:00, Info CSI 00000015 [SR] Verify complete
2013-07-08 19:47:00, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:00, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:01, Info CSI 00000019 [SR] Verify complete
2013-07-08 19:47:01, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:01, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:02, Info CSI 0000001d [SR] Verify complete
2013-07-08 19:47:02, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:02, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:03, Info CSI 00000021 [SR] Verify complete
2013-07-08 19:47:04, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:04, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:04, Info CSI 00000025 [SR] Verify complete
2013-07-08 19:47:07, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:07, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:09, Info CSI 00000029 [SR] Verify complete
2013-07-08 19:47:09, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:09, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:10, Info CSI 0000002d [SR] Verify complete
2013-07-08 19:47:11, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:11, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:12, Info CSI 00000031 [SR] Verify complete
2013-07-08 19:47:13, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:13, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:13, Info CSI 00000035 [SR] Verify complete
2013-07-08 19:47:14, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:14, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:15, Info CSI 00000039 [SR] Verify complete
2013-07-08 19:47:15, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:15, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:17, Info CSI 0000003d [SR] Verify complete
2013-07-08 19:47:17, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:17, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:19, Info CSI 00000041 [SR] Verify complete
2013-07-08 19:47:19, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:19, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:21, Info CSI 00000045 [SR] Verify complete
2013-07-08 19:47:22, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:22, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:24, Info CSI 00000049 [SR] Verify complete
2013-07-08 19:47:24, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:24, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:27, Info CSI 0000004d [SR] Verify complete
2013-07-08 19:47:28, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:28, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:29, Info CSI 00000051 [SR] Verify complete
2013-07-08 19:47:30, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:30, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:34, Info CSI 00000055 [SR] Verify complete
2013-07-08 19:47:35, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:35, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:39, Info CSI 00000059 [SR] Verify complete
2013-07-08 19:47:40, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:40, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:45, Info CSI 0000005d [SR] Verify complete
2013-07-08 19:47:45, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:45, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:50, Info CSI 00000062 [SR] Verify complete
2013-07-08 19:47:50, Info CSI 00000063 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:50, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:56, Info CSI 00000067 [SR] Verify complete
2013-07-08 19:47:56, Info CSI 00000068 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:56, Info CSI 00000069 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:02, Info CSI 0000006b [SR] Verify complete
2013-07-08 19:48:03, Info CSI 0000006c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:03, Info CSI 0000006d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:11, Info CSI 00000077 [SR] Verify complete
2013-07-08 19:48:11, Info CSI 00000078 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:11, Info CSI 00000079 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:17, Info CSI 0000007b [SR] Verify complete
2013-07-08 19:48:18, Info CSI 0000007c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:18, Info CSI 0000007d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:24, Info CSI 0000007f [SR] Verify complete
2013-07-08 19:48:24, Info CSI 00000080 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:24, Info CSI 00000081 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:30, Info CSI 00000083 [SR] Verify complete
2013-07-08 19:48:31, Info CSI 00000084 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:31, Info CSI 00000085 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:37, Info CSI 00000087 [SR] Verify complete
2013-07-08 19:48:38, Info CSI 00000088 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:38, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:45, Info CSI 0000008b [SR] Verify complete
2013-07-08 19:48:46, Info CSI 0000008c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:46, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:58, Info CSI 00000091 [SR] Verify complete
2013-07-08 19:48:58, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:58, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:16, Info CSI 00000095 [SR] Verify complete
2013-07-08 19:49:17, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:17, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:40, Info CSI 00000099 [SR] Verify complete
2013-07-08 19:49:41, Info CSI 0000009a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:41, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:45, Info CSI 0000009d [SR] Verify complete
2013-07-08 19:49:45, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:45, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:48, Info CSI 000000a1 [SR] Verify complete
2013-07-08 19:49:49, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:49, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:53, Info CSI 000000a5 [SR] Verify complete
2013-07-08 19:49:54, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:54, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:12, Info CSI 000000c5 [SR] Verify complete
2013-07-08 19:50:13, Info CSI 000000c6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:13, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:18, Info CSI 000000c9 [SR] Verify complete
2013-07-08 19:50:18, Info CSI 000000ca [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:18, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:25, Info CSI 000000cd [SR] Verify complete
2013-07-08 19:50:26, Info CSI 000000ce [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:26, Info CSI 000000cf [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:31, Info CSI 000000d1 [SR] Verify complete
2013-07-08 19:50:31, Info CSI 000000d2 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:31, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:40, Info CSI 000000d5 [SR] Verify complete
2013-07-08 19:50:41, Info CSI 000000d6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:41, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:53, Info CSI 000000da [SR] Verify complete
2013-07-08 19:50:53, Info CSI 000000db [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:53, Info CSI 000000dc [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:00, Info CSI 000000de [SR] Verify complete
2013-07-08 19:51:00, Info CSI 000000df [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:00, Info CSI 000000e0 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:08, Info CSI 000000e2 [SR] Verify complete
2013-07-08 19:51:08, Info CSI 000000e3 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:08, Info CSI 000000e4 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:16, Info CSI 000000e6 [SR] Verify complete
2013-07-08 19:51:16, Info CSI 000000e7 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:16, Info CSI 000000e8 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:24, Info CSI 000000ea [SR] Verify complete
2013-07-08 19:51:24, Info CSI 000000eb [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:24, Info CSI 000000ec [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:36, Info CSI 00000103 [SR] Verify complete
2013-07-08 19:51:36, Info CSI 00000104 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:36, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:49, Info CSI 00000115 [SR] Verify complete
2013-07-08 19:51:49, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:49, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:15, Info CSI 00000119 [SR] Verify complete
2013-07-08 19:52:16, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:16, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:29, Info CSI 0000011d [SR] Verify complete
2013-07-08 19:52:30, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:30, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:41, Info CSI 00000121 [SR] Verify complete
2013-07-08 19:52:42, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:42, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:51, Info CSI 00000125 [SR] Verify complete
2013-07-08 19:52:51, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:51, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:59, Info CSI 00000129 [SR] Verify complete
2013-07-08 19:52:59, Info CSI 0000012a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:59, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:05, Info CSI 0000012d [SR] Verify complete
2013-07-08 19:53:06, Info CSI 0000012e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:06, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:11, Info CSI 00000132 [SR] Verify complete
2013-07-08 19:53:12, Info CSI 00000133 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:12, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:30, Info CSI 00000136 [SR] Verify complete
2013-07-08 19:53:30, Info CSI 00000137 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:30, Info CSI 00000138 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:38, Info CSI 0000013a [SR] Verify complete
2013-07-08 19:53:39, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:39, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:47, Info CSI 0000013e [SR] Verify complete
2013-07-08 19:53:48, Info CSI 0000013f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:48, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:58, Info CSI 00000142 [SR] Verify complete
2013-07-08 19:53:59, Info CSI 00000143 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:59, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:06, Info CSI 00000146 [SR] Verify complete
2013-07-08 19:54:07, Info CSI 00000147 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:07, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:18, Info CSI 0000014a [SR] Verify complete
2013-07-08 19:54:18, Info CSI 0000014b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:18, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:33, Info CSI 0000014f [SR] Verify complete
2013-07-08 19:54:33, Info CSI 00000150 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:33, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:39, Info CSI 00000153 [SR] Verify complete
2013-07-08 19:54:39, Info CSI 00000154 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:39, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:46, Info CSI 00000157 [SR] Verify complete
2013-07-08 19:54:47, Info CSI 00000158 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:47, Info CSI 00000159 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:55, Info CSI 0000015c [SR] Verify complete
2013-07-08 19:54:55, Info CSI 0000015d [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:55, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:03, Info CSI 00000160 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:55:03, Info CSI 00000162 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:55:03, Info CSI 00000166 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:55:03, Info CSI 00000168 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:55:05, Info CSI 0000016e [SR] Verify complete
2013-07-08 19:55:05, Info CSI 0000016f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:05, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:14, Info CSI 00000172 [SR] Verify complete
2013-07-08 19:55:15, Info CSI 00000173 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:15, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:23, Info CSI 00000176 [SR] Verify complete
2013-07-08 19:55:23, Info CSI 00000177 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:23, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:27, Info CSI 0000017a [SR] Verify complete
2013-07-08 19:55:27, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:27, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:34, Info CSI 0000017e [SR] Verify complete
2013-07-08 19:55:34, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:34, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:41, Info CSI 00000182 [SR] Verify complete
2013-07-08 19:55:42, Info CSI 00000183 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:42, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:47, Info CSI 00000186 [SR] Verify complete
2013-07-08 19:55:49, Info CSI 00000187 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:49, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:05, Info CSI 0000018a [SR] Verify complete
2013-07-08 19:56:05, Info CSI 0000018b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:05, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:11, Info CSI 0000018e [SR] Verify complete
2013-07-08 19:56:11, Info CSI 0000018f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:11, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:16, Info CSI 00000192 [SR] Verify complete
2013-07-08 19:56:16, Info CSI 00000193 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:16, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:24, Info CSI 0000019f [SR] Verify complete
2013-07-08 19:56:24, Info CSI 000001a0 [SR] Verifying 42 (0x0000002a) components
2013-07-08 19:56:24, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:26, Info CSI 000001a3 [SR] Verify complete
2013-07-08 19:56:26, Info CSI 000001a4 [SR] Repairing 2 components
2013-07-08 19:56:26, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:26, Info CSI 000001a7 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:26, Info CSI 000001a9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:26, Info CSI 000001ad [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:26, Info CSI 000001af [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001b3 [SR] Repair complete
2013-07-08 19:56:27, Info CSI 000001b4 [SR] Committing transaction
2013-07-08 19:56:27, Info CSI 000001b5 [SR] Cannot commit interactively, there are boot critical components being repaired
2013-07-08 19:56:27, Info CSI 000001b6 [SR] Repairing 2 components
2013-07-08 19:56:27, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:27, Info CSI 000001b9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:27, Info CSI 000001bb [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001bf [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:27, Info CSI 000001c1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001c5 [SR] Repair complete
2013-07-08 19:46:47, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:51, Info CSI 00000009 [SR] Verify complete
2013-07-08 19:46:52, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:52, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:57, Info CSI 0000000d [SR] Verify complete
2013-07-08 19:46:57, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:57, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2013-07-08 19:46:58, Info CSI 00000011 [SR] Verify complete
2013-07-08 19:46:59, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:46:59, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:00, Info CSI 00000015 [SR] Verify complete
2013-07-08 19:47:00, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:00, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:01, Info CSI 00000019 [SR] Verify complete
2013-07-08 19:47:01, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:01, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:02, Info CSI 0000001d [SR] Verify complete
2013-07-08 19:47:02, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:02, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:03, Info CSI 00000021 [SR] Verify complete
2013-07-08 19:47:04, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:04, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:04, Info CSI 00000025 [SR] Verify complete
2013-07-08 19:47:07, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:07, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:09, Info CSI 00000029 [SR] Verify complete
2013-07-08 19:47:09, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:09, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:10, Info CSI 0000002d [SR] Verify complete
2013-07-08 19:47:11, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:11, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:12, Info CSI 00000031 [SR] Verify complete
2013-07-08 19:47:13, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:13, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:13, Info CSI 00000035 [SR] Verify complete
2013-07-08 19:47:14, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:14, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:15, Info CSI 00000039 [SR] Verify complete
2013-07-08 19:47:15, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:15, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:17, Info CSI 0000003d [SR] Verify complete
2013-07-08 19:47:17, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:17, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:19, Info CSI 00000041 [SR] Verify complete
2013-07-08 19:47:19, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:19, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:21, Info CSI 00000045 [SR] Verify complete
2013-07-08 19:47:22, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:22, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:24, Info CSI 00000049 [SR] Verify complete
2013-07-08 19:47:24, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:24, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:27, Info CSI 0000004d [SR] Verify complete
2013-07-08 19:47:28, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:28, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:29, Info CSI 00000051 [SR] Verify complete
2013-07-08 19:47:30, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:30, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:34, Info CSI 00000055 [SR] Verify complete
2013-07-08 19:47:35, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:35, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:39, Info CSI 00000059 [SR] Verify complete
2013-07-08 19:47:40, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:40, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:45, Info CSI 0000005d [SR] Verify complete
2013-07-08 19:47:45, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:45, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:50, Info CSI 00000062 [SR] Verify complete
2013-07-08 19:47:50, Info CSI 00000063 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:50, Info CSI 00000064 [SR] Beginning Verify and Repair transaction
2013-07-08 19:47:56, Info CSI 00000067 [SR] Verify complete
2013-07-08 19:47:56, Info CSI 00000068 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:47:56, Info CSI 00000069 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:02, Info CSI 0000006b [SR] Verify complete
2013-07-08 19:48:03, Info CSI 0000006c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:03, Info CSI 0000006d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:11, Info CSI 00000077 [SR] Verify complete
2013-07-08 19:48:11, Info CSI 00000078 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:11, Info CSI 00000079 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:17, Info CSI 0000007b [SR] Verify complete
2013-07-08 19:48:18, Info CSI 0000007c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:18, Info CSI 0000007d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:24, Info CSI 0000007f [SR] Verify complete
2013-07-08 19:48:24, Info CSI 00000080 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:24, Info CSI 00000081 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:30, Info CSI 00000083 [SR] Verify complete
2013-07-08 19:48:31, Info CSI 00000084 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:31, Info CSI 00000085 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:37, Info CSI 00000087 [SR] Verify complete
2013-07-08 19:48:38, Info CSI 00000088 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:38, Info CSI 00000089 [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:45, Info CSI 0000008b [SR] Verify complete
2013-07-08 19:48:46, Info CSI 0000008c [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:46, Info CSI 0000008d [SR] Beginning Verify and Repair transaction
2013-07-08 19:48:58, Info CSI 00000091 [SR] Verify complete
2013-07-08 19:48:58, Info CSI 00000092 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:48:58, Info CSI 00000093 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:16, Info CSI 00000095 [SR] Verify complete
2013-07-08 19:49:17, Info CSI 00000096 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:17, Info CSI 00000097 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:40, Info CSI 00000099 [SR] Verify complete
2013-07-08 19:49:41, Info CSI 0000009a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:41, Info CSI 0000009b [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:45, Info CSI 0000009d [SR] Verify complete
2013-07-08 19:49:45, Info CSI 0000009e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:45, Info CSI 0000009f [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:48, Info CSI 000000a1 [SR] Verify complete
2013-07-08 19:49:49, Info CSI 000000a2 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:49, Info CSI 000000a3 [SR] Beginning Verify and Repair transaction
2013-07-08 19:49:53, Info CSI 000000a5 [SR] Verify complete
2013-07-08 19:49:54, Info CSI 000000a6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:49:54, Info CSI 000000a7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:12, Info CSI 000000c5 [SR] Verify complete
2013-07-08 19:50:13, Info CSI 000000c6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:13, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:18, Info CSI 000000c9 [SR] Verify complete
2013-07-08 19:50:18, Info CSI 000000ca [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:18, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:25, Info CSI 000000cd [SR] Verify complete
2013-07-08 19:50:26, Info CSI 000000ce [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:26, Info CSI 000000cf [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:31, Info CSI 000000d1 [SR] Verify complete
2013-07-08 19:50:31, Info CSI 000000d2 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:31, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:40, Info CSI 000000d5 [SR] Verify complete
2013-07-08 19:50:41, Info CSI 000000d6 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:41, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:50:53, Info CSI 000000da [SR] Verify complete
2013-07-08 19:50:53, Info CSI 000000db [SR] Verifying 100 (0x00000064) components
2013-07-08 19:50:53, Info CSI 000000dc [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:00, Info CSI 000000de [SR] Verify complete
2013-07-08 19:51:00, Info CSI 000000df [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:00, Info CSI 000000e0 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:08, Info CSI 000000e2 [SR] Verify complete
2013-07-08 19:51:08, Info CSI 000000e3 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:08, Info CSI 000000e4 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:16, Info CSI 000000e6 [SR] Verify complete
2013-07-08 19:51:16, Info CSI 000000e7 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:16, Info CSI 000000e8 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:24, Info CSI 000000ea [SR] Verify complete
2013-07-08 19:51:24, Info CSI 000000eb [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:24, Info CSI 000000ec [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:36, Info CSI 00000103 [SR] Verify complete
2013-07-08 19:51:36, Info CSI 00000104 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:36, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
2013-07-08 19:51:49, Info CSI 00000115 [SR] Verify complete
2013-07-08 19:51:49, Info CSI 00000116 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:51:49, Info CSI 00000117 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:15, Info CSI 00000119 [SR] Verify complete
2013-07-08 19:52:16, Info CSI 0000011a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:16, Info CSI 0000011b [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:29, Info CSI 0000011d [SR] Verify complete
2013-07-08 19:52:30, Info CSI 0000011e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:30, Info CSI 0000011f [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:41, Info CSI 00000121 [SR] Verify complete
2013-07-08 19:52:42, Info CSI 00000122 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:42, Info CSI 00000123 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:51, Info CSI 00000125 [SR] Verify complete
2013-07-08 19:52:51, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:51, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2013-07-08 19:52:59, Info CSI 00000129 [SR] Verify complete
2013-07-08 19:52:59, Info CSI 0000012a [SR] Verifying 100 (0x00000064) components
2013-07-08 19:52:59, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:05, Info CSI 0000012d [SR] Verify complete
2013-07-08 19:53:06, Info CSI 0000012e [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:06, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:11, Info CSI 00000132 [SR] Verify complete
2013-07-08 19:53:12, Info CSI 00000133 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:12, Info CSI 00000134 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:30, Info CSI 00000136 [SR] Verify complete
2013-07-08 19:53:30, Info CSI 00000137 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:30, Info CSI 00000138 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:38, Info CSI 0000013a [SR] Verify complete
2013-07-08 19:53:39, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:39, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:47, Info CSI 0000013e [SR] Verify complete
2013-07-08 19:53:48, Info CSI 0000013f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:48, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
2013-07-08 19:53:58, Info CSI 00000142 [SR] Verify complete
2013-07-08 19:53:59, Info CSI 00000143 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:53:59, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:06, Info CSI 00000146 [SR] Verify complete
2013-07-08 19:54:07, Info CSI 00000147 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:07, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:18, Info CSI 0000014a [SR] Verify complete
2013-07-08 19:54:18, Info CSI 0000014b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:18, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:33, Info CSI 0000014f [SR] Verify complete
2013-07-08 19:54:33, Info CSI 00000150 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:33, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:39, Info CSI 00000153 [SR] Verify complete
2013-07-08 19:54:39, Info CSI 00000154 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:39, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:46, Info CSI 00000157 [SR] Verify complete
2013-07-08 19:54:47, Info CSI 00000158 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:47, Info CSI 00000159 [SR] Beginning Verify and Repair transaction
2013-07-08 19:54:55, Info CSI 0000015c [SR] Verify complete
2013-07-08 19:54:55, Info CSI 0000015d [SR] Verifying 100 (0x00000064) components
2013-07-08 19:54:55, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:03, Info CSI 00000160 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:55:03, Info CSI 00000162 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:55:03, Info CSI 00000166 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:55:03, Info CSI 00000168 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:55:05, Info CSI 0000016e [SR] Verify complete
2013-07-08 19:55:05, Info CSI 0000016f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:05, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:14, Info CSI 00000172 [SR] Verify complete
2013-07-08 19:55:15, Info CSI 00000173 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:15, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:23, Info CSI 00000176 [SR] Verify complete
2013-07-08 19:55:23, Info CSI 00000177 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:23, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:27, Info CSI 0000017a [SR] Verify complete
2013-07-08 19:55:27, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:27, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:34, Info CSI 0000017e [SR] Verify complete
2013-07-08 19:55:34, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:34, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:41, Info CSI 00000182 [SR] Verify complete
2013-07-08 19:55:42, Info CSI 00000183 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:42, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2013-07-08 19:55:47, Info CSI 00000186 [SR] Verify complete
2013-07-08 19:55:49, Info CSI 00000187 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:55:49, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:05, Info CSI 0000018a [SR] Verify complete
2013-07-08 19:56:05, Info CSI 0000018b [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:05, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:11, Info CSI 0000018e [SR] Verify complete
2013-07-08 19:56:11, Info CSI 0000018f [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:11, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:16, Info CSI 00000192 [SR] Verify complete
2013-07-08 19:56:16, Info CSI 00000193 [SR] Verifying 100 (0x00000064) components
2013-07-08 19:56:16, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:24, Info CSI 0000019f [SR] Verify complete
2013-07-08 19:56:24, Info CSI 000001a0 [SR] Verifying 42 (0x0000002a) components
2013-07-08 19:56:24, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:26, Info CSI 000001a3 [SR] Verify complete
2013-07-08 19:56:26, Info CSI 000001a4 [SR] Repairing 2 components
2013-07-08 19:56:26, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:26, Info CSI 000001a7 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:26, Info CSI 000001a9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:26, Info CSI 000001ad [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:26, Info CSI 000001af [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001b3 [SR] Repair complete
2013-07-08 19:56:27, Info CSI 000001b4 [SR] Committing transaction
2013-07-08 19:56:27, Info CSI 000001b5 [SR] Cannot commit interactively, there are boot critical components being repaired
2013-07-08 19:56:27, Info CSI 000001b6 [SR] Repairing 2 components
2013-07-08 19:56:27, Info CSI 000001b7 [SR] Beginning Verify and Repair transaction
2013-07-08 19:56:27, Info CSI 000001b9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:27, Info CSI 000001bb [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001bf [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-07-08 19:56:27, Info CSI 000001c1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-07-08 19:56:27, Info CSI 000001c5 [SR] Repair complete
#65
Posted 09 July 2013 - 02:09 AM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
If you have paid for a lifetime membership don't uninstall it.
Do you have it running at start up? I don't see it in the OTL log.
Thanks for the information about the beep.
Was that the complete SFC log? It doesn't look like it.
Does the lockup and beep happen when you are not using the browser?
Does it happen only in FF or does it happen in all browsers?
Do you have it running at start up? I don't see it in the OTL log.
Thanks for the information about the beep.
Was that the complete SFC log? It doesn't look like it.
Does the lockup and beep happen when you are not using the browser?
Does it happen only in FF or does it happen in all browsers?
#66
Posted 09 July 2013 - 11:39 AM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
it should be running at start up as its in my taskbar
you want me to run the sfc again?
it locks up even when I am not using the browser. I only use FF so no idea any other browsers
any idea what this means, it keeps popping up
A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.
Script: http://s.ytimg.com/y...-vflUKORc4.js:9
you want me to run the sfc again?
it locks up even when I am not using the browser. I only use FF so no idea any other browsers
any idea what this means, it keeps popping up
A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.
Script: http://s.ytimg.com/y...-vflUKORc4.js:9
#67
Posted 10 July 2013 - 01:54 AM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
Hello,
Here is some reading for you.
Click the Start Orb
Click Control Panel, then Ease of Access, then Ease of Access Center. The Access Center will open.
Under the Explore all settings section, click Make the keyboard easier to use
Make sure the boxes beside Turn on Sticky Keys and Turn on Filter Keys Do Not have a check mark in them
Now see if te problem is still there.
Let's get the big hammer out.
Run ComboFix
***Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.***
If you have a previous version of Combofix.exe, delete it and download a fresh copy.
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications before downloading ComboFix. This is usually done via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
Download ComboFix from one of the following locations:
Link 1
Link 2
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If you recieve an error "Illegal operation attempted on a registry key that has been marked for deletion". Please restart the computer. That will cure it.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Don't forget to reenable your Anti-Virus
Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. the comboFix.txt log
Here is some reading for you.
I just don't see it running at start up. But if it's working properly just leave it alone.it should be running at start up as its in my taskbar
No. I was just making sure that you posted the complete sfcdatails.txt logyou want me to run the sfc again?
This sounds like a problem with the system overheating or bad memory ect; but let's try the following:it locks up even when I am not using the browser.
Click the Start Orb
Click Control Panel, then Ease of Access, then Ease of Access Center. The Access Center will open.
Under the Explore all settings section, click Make the keyboard easier to use
Make sure the boxes beside Turn on Sticky Keys and Turn on Filter Keys Do Not have a check mark in them
Now see if te problem is still there.
You have Internet Explorer and Opera on the computer. Please try those browsers and see it the freezing/beeping problem is present in them.I only use FF so no idea any other browsers
This error is telling you that Firefox thinks that a script may be running out of control and would make Firefox hang if nothing is done. The script could be something on a web page you're accessing, in an extension you installed, or even Firefox itself. See the pages here and here for suggestions on how to troubleshoot the problem.A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.
"The Malwarebytes Anti-Malware web protection is typically activated when a website loads your browser and links embedded attempt to access an IP range which their research has found to deliver malicious content to users when they access a website which is on the IP range indicated. If the alerts only appear when you are surfing with a browser open then the possible trigger is a banner ad." As an example I found this on the Mozilla sitejust started getting malware anti bytes telling me its blocked malicious sites but the site is Firefox.exe?
So as you can see it's gonna take a little detective work by you to find the culprit. It is also possible that an extension or add-on or a personal setting or bookmark can cause this.I recently started running Malwarebytes and it has been telling me that there's a Firefox process that keeps trying to access a supposedly malicious site. The IP address is 109 163 230 92. It's not that a website is trying to access my computer; it's that my computer keeps trying to access the site. Malwarebytes has blocked this, but it keeps trying different ports...
On a hunch, I tested my site on IE9 and got the same warning message, but giving IE as the source process. So I guess this isn't a Mozilla issue, as such. And the warning message is coming up pretty consistently when I access a page on my website, so I suspect this is related to the hack attack I got, which probably coincides with when I started seeing those warnings.
I found out what was causing the problem. It was a link to a 3rd party website that I used to create my Facebook badge. It's apparently involved in servers that aren't exactly picky about their users, if you get my drift, so Malwarebytes considers their IP address a dirty one and blocks it. I've removed the link and it's fine now.
Let's get the big hammer out.
Run ComboFix***Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.***
If you have a previous version of Combofix.exe, delete it and download a fresh copy.
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications before downloading ComboFix. This is usually done via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
Download ComboFix from one of the following locations:
Link 1
Link 2
- Double click on ComboFix.exe & follow the prompts.
- Accept the disclaimer and allow to update if it asks
- When finished, it shall produce a log for you.
- Please include the C:\ComboFix.txt in your next reply.
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If you recieve an error "Illegal operation attempted on a registry key that has been marked for deletion". Please restart the computer. That will cure it.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use. ComboFix Should Not be used unless requested by a forum helper
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
Don't forget to reenable your Anti-Virus
Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. the comboFix.txt log
#68
Posted 10 July 2013 - 06:26 AM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
IN THE Past comboxfix goes thru stages when running, didnt do that this time
ComboFix 13-07-09.01 - Chris 10/07/2013 10:55:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1263 [GMT 1:00]
Running from: c:\users\Chris\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1370175092.bdinstall.bin
c:\programdata\1370175395.bdinstall.bin
c:\programdata\1371376249.bdinstall.bin
c:\programdata\1371376538.bdinstall.bin
c:\windows\system32\spsys.log
.
.
((((((((((((((((((((((((( Files Created from 2013-06-10 to 2013-07-10 )))))))))))))))))))))))))))))))
.
.
2013-07-10 10:02 . 2013-07-10 10:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-10 10:02 . 2013-07-10 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-10 02:17 . 2013-07-10 02:17 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-09 12:08 . 2013-07-09 12:08 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CCAEB49-512A-4D3E-9799-3416AFCE1683}\offreg.dll
2013-07-09 11:50 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CCAEB49-512A-4D3E-9799-3416AFCE1683}\mpengine.dll
2013-06-16 10:34 . 2013-06-16 10:34 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2013-06-16 10:02 . 2013-02-22 18:46 78144 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2013-06-16 10:02 . 2012-11-12 17:11 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2013-06-16 10:02 . 2013-06-28 19:46 487048 ----a-w- c:\windows\system32\drivers\avckf.sys
2013-06-16 10:02 . 2013-04-17 13:59 633344 ----a-w- c:\windows\system32\drivers\avc3.sys
2013-06-16 09:58 . 2013-06-16 09:58 -------- d-----w- c:\users\Chris\AppData\Roaming\Bitdefender
2013-06-16 09:58 . 2013-06-16 10:05 -------- d-----w- c:\programdata\Bitdefender
2013-06-16 09:56 . 2012-10-04 13:30 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys
2013-06-16 09:56 . 2013-06-16 09:56 -------- d-----w- c:\program files\Bitdefender
2013-06-16 09:56 . 2013-05-28 11:11 355744 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-06-12 11:55 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 11:55 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-12 11:55 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 11:55 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 11:55 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 11:55 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 11:55 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 11:55 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 11:55 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 11:55 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 11:54 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-11 07:56 . 2013-06-11 07:56 -------- d-----w- c:\program files\RealNetworks
2013-06-11 07:56 . 2013-06-11 07:56 -------- d-----w- c:\programdata\RealNetworks
2013-06-11 07:55 . 2013-06-11 07:55 -------- d-----w- c:\program files\Common Files\xing shared
2013-06-10 18:39 . 2013-06-10 18:39 -------- d-----w- c:\users\Chris\AppData\Roaming\PeerNetworking
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-30 05:53 . 2012-12-13 19:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-30 05:53 . 2012-12-13 19:48 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-30 00:45 . 2011-12-26 22:04 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-30 00:45 . 2011-12-26 22:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 07:54 . 2008-10-23 12:05 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-06-02 11:53 . 2013-06-02 11:53 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2013-05-02 01:06 . 2011-02-04 13:29 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-15 14:20 . 2013-05-14 23:00 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 10:56 . 2013-05-14 23:00 37376 ----a-w- c:\windows\system32\cdd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-25 170520]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-06-11 295512]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-04-24 1611784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 20:27 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 05:53]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-16 12:16]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-16 12:16]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\63sderl4.default-1373117106094\
FF - ExtSQL: 2013-06-11 08:56; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-10 11:03
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
? [52784]
? [36052]
? [36036]
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2013-07-10 11:05:43
ComboFix-quarantined-files.txt 2013-07-10 10:05
.
Pre-Run: 206,109,839,360 bytes free
Post-Run: 206,087,237,632 bytes free
.
- - End Of File - - C0A7D38322EE30D1C8B2ABC0823A8BE4
5C616939100B85E558DA92B899A0FC36
ComboFix 13-07-09.01 - Chris 10/07/2013 10:55:03.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1263 [GMT 1:00]
Running from: c:\users\Chris\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1370175092.bdinstall.bin
c:\programdata\1370175395.bdinstall.bin
c:\programdata\1371376249.bdinstall.bin
c:\programdata\1371376538.bdinstall.bin
c:\windows\system32\spsys.log
.
.
((((((((((((((((((((((((( Files Created from 2013-06-10 to 2013-07-10 )))))))))))))))))))))))))))))))
.
.
2013-07-10 10:02 . 2013-07-10 10:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-10 10:02 . 2013-07-10 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-10 02:17 . 2013-07-10 02:17 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-07-09 12:08 . 2013-07-09 12:08 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CCAEB49-512A-4D3E-9799-3416AFCE1683}\offreg.dll
2013-07-09 11:50 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CCAEB49-512A-4D3E-9799-3416AFCE1683}\mpengine.dll
2013-06-16 10:34 . 2013-06-16 10:34 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2013-06-16 10:02 . 2013-02-22 18:46 78144 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2013-06-16 10:02 . 2012-11-12 17:11 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2013-06-16 10:02 . 2013-06-28 19:46 487048 ----a-w- c:\windows\system32\drivers\avckf.sys
2013-06-16 10:02 . 2013-04-17 13:59 633344 ----a-w- c:\windows\system32\drivers\avc3.sys
2013-06-16 09:58 . 2013-06-16 09:58 -------- d-----w- c:\users\Chris\AppData\Roaming\Bitdefender
2013-06-16 09:58 . 2013-06-16 10:05 -------- d-----w- c:\programdata\Bitdefender
2013-06-16 09:56 . 2012-10-04 13:30 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys
2013-06-16 09:56 . 2013-06-16 09:56 -------- d-----w- c:\program files\Bitdefender
2013-06-16 09:56 . 2013-05-28 11:11 355744 ----a-w- c:\windows\system32\drivers\trufos.sys
2013-06-12 11:55 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 11:55 . 2013-05-02 04:03 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-12 11:55 . 2013-04-24 04:00 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 11:55 . 2013-04-24 04:00 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 11:55 . 2013-04-24 04:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 11:55 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 11:55 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 11:55 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 11:55 . 2013-05-02 22:03 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 11:55 . 2013-05-02 22:03 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 11:54 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-11 07:56 . 2013-06-11 07:56 -------- d-----w- c:\program files\RealNetworks
2013-06-11 07:56 . 2013-06-11 07:56 -------- d-----w- c:\programdata\RealNetworks
2013-06-11 07:55 . 2013-06-11 07:55 -------- d-----w- c:\program files\Common Files\xing shared
2013-06-10 18:39 . 2013-06-10 18:39 -------- d-----w- c:\users\Chris\AppData\Roaming\PeerNetworking
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-30 05:53 . 2012-12-13 19:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-30 05:53 . 2012-12-13 19:48 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-30 00:45 . 2011-12-26 22:04 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-30 00:45 . 2011-12-26 22:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-11 07:54 . 2008-10-23 12:05 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-06-02 11:53 . 2013-06-02 11:53 15616 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2013-05-02 01:06 . 2011-02-04 13:29 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-15 14:20 . 2013-05-14 23:00 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 10:56 . 2013-05-14 23:00 37376 ----a-w- c:\windows\system32\cdd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-25 170520]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-06-11 295512]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-04-24 1611784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 20:27 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 05:53]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-16 12:16]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-16 12:16]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\63sderl4.default-1373117106094\
FF - ExtSQL: 2013-06-11 08:56; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-10 11:03
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
? [52784]
? [36052]
? [36036]
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2013-07-10 11:05:43
ComboFix-quarantined-files.txt 2013-07-10 10:05
.
Pre-Run: 206,109,839,360 bytes free
Post-Run: 206,087,237,632 bytes free
.
- - End Of File - - C0A7D38322EE30D1C8B2ABC0823A8BE4
5C616939100B85E558DA92B899A0FC36
#69
Posted 10 July 2013 - 10:22 AM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
Please tell me what problems remain.
#70
Posted 10 July 2013 - 02:32 PM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
it all seems okay, not been freezing
my logs okay?
my logs okay?
#71
Posted 10 July 2013 - 10:34 PM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
Let's do one more anti rootkit scan.
GMER Rootkit Revealer
Download GMER from Here. The file will be randomly named so note the file's name and save it to the Desktop.
Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The Ark.txt log
GMER Rootkit RevealerDownload GMER from Here. The file will be randomly named so note the file's name and save it to the Desktop.
- Disconnect from the Internet and close all running programs. Click on this link to see a list of programs that should be disabled. (This means your antivirus program and the MalwareBytes program)
- Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
- Before scanning make sure no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
- Double-click on the downloaded file to start the program. If running Vista / Windows 7, right click on it and select "Run as an Administrator"
- Allow the driver to load if asked.
- The first screen you will see is the initial scan screen shown in the screen shot below:
- GMER will carry out an initial scan and you must allow it to complete. If rootkit activity is found, GMER will give a warning message as shown in the screen shot below:
- If GMER gives this warning, click NO to the warning, then save a log to desktop and post back the results.
- If you do not get the Rootkit activity Warning!!!, click the "Rootkit/Malware" tab.
- In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED...
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
- Click the Scan button to begin. (Please be patient as it can take some time to complete)
- Do not use the computer for anything else during the scan.
- When the scan is finished, click Save and save the scan results to your Desktop.
- Save the file as Ark.txt and copy/paste the contents in your next reply.
- Exit the program and re-enable all active protection when done.
Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The Ark.txt log
#72
Posted 11 July 2013 - 01:20 PM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
it took 5 hours to run and it wont let me save, I click on save and nothing happens tried to copy but not enough space
there is a lot of stuff comes up in the malware section all about bitdefender but cant post a screenshot as nothing will work now
there is a lot of stuff comes up in the malware section all about bitdefender but cant post a screenshot as nothing will work now
Edited by Harry44, 11 July 2013 - 01:48 PM.
#73
Posted 11 July 2013 - 01:40 PM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
that was odd, I ran it and kept getting message user had stopped it --I couldnt save the screenshot or do anything when it was done so had to reboot my comp t ran it again (screenshot of malware) and then all of a sudden got blue screen of death on my comp
do i run it again, it was meant to be full scan and not quick scan?
do i run it again, it was meant to be full scan and not quick scan?
Attached Thumbnails
Edited by Harry44, 11 July 2013 - 01:45 PM.
#74
Posted 12 July 2013 - 08:00 AM
godawgs
-
- Retired Staff
-
- 8,228 posts
Teacher
Did the initial scan take 5 hrs., or was it after you unchecked the boxes I asked you to uncheck and then clicked the Scan button?
Did you get a warning after the initial scan like the one I showed above?
Did you get a warning after the initial scan like the one I showed above?
#75
Posted 12 July 2013 - 10:18 AM
Harry44
- Topic Starter
-
- Member
-
- 45 posts
Member
initial scan took 5 hours, no warning
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
