BlackenBlue

Honorary Members
  • Posts

    32
Everything posted by BlackenBlue

  1. ok done with both updates, Java went as expected but you may want to change the standard rhetoric for the Flash player upgrade for those with Google Chrome, it's pretty obnoxious to have to figure out. Also, the uninstall_flash_player.exe "link" is not a link at all. But otherwise, ready to proceed.
  2. Results of screen317's Security Check version 0.99.38 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.61.0.1400 JavaFX 2.1.1 JavaFX 2.1.0 SDK Java 7 Update 5 Java SE Development Kit 7 Update 4 Java version out of date! Adobe Flash Player 10 Flash Player out of date! Adobe Flash Player 10.1.102.64 Flash Player out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSASCui.exe Malwarebytes Anti-Malware mbamservice.exe Spybot Teatimer.exe is disabled! Windows Defender MSASCui.exe windows defender MpCmdRun.exe ``````````End of Log````````````
  3. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK That's the entire log file, no problems found
  4. Ok thanks for re-opening the thread, I spent the past two days interfacing with a Microsoft rep, and we were able to resolve the Service Pack install issue by, in essence, swapping out the Windows sys files, which worked completely, my machine is now completely updated through Windows Update. Which I believe was the last of the deficiencies cited. I think that's where we were with things before I got called up
  5. Ok I hit a wall with this one, it says not to run it from Windows, but I don't know how to run a specific file without booting up the OS... In any case I'm out of time for the foreseeable future, I have a necessary obligation which will last for approx. the next two weeks (June 18th(ish)), is there any way to suspend a post or will I have to start from scratch? (as for malware issues I haven't noticed any negative issues in speed or stability since we ran TDSSKiller, however Steam no longer runs which is a shame (maybe it'll be resolved after the diag/cleaner programs are removed??)) Whatever the outcome of all of this you've been a fantastic help the whole way, without you my machine would have stayed bricked and inoperable, Thanks for being a stone cold badass
  6. bluescreened again
  7. ok update, increased paging file to three times RAM on both min and max values, ran script = Blue Screen (the same combo fix one that doesn't state any specific file just the technical information) reduced values to two times RAM both max and min values, running CF now.
  8. ... Dammit dude, Stop Error on restart again, had to use Startup Repair again to get back here
  9. Damn I thought I had a USB -> PS2 converter round here somewhere, suppose not though unfortunately I don't have any user interfaces that don't use USB..... I unplugged the printer, (it may be worth noting that I have two USB slots in the back and two in front, to avoid any other issues I moved both mouse and keyboard to the back) since I'm still a little wary of ComboFix I wanted to ensure that this (below) is the CFscript.txt you want me to run FCopy:: C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6001.18000_none_e19c138bba6f9093\partmgr.sys | C:\Windows\System32\drivers\partmgr.sys Reboot::
  10. Oh erm... I have a GE dual scroll mouse, a Logitech G11 keyboard and a small HP printer (that has no power going to it) all of which are connected through my USB ports... could this be an issue?
  11. SystemLook 30.07.11 by jpshortstuff Log created at 17:27 on 29/05/2012 by Shoescifer Administrator - Elevation successful ========== filefind ========== That time it took only a few seconds here ya go Searching for "partmgr.sys" C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6001.18000_none_e19c138bba6f9093\partmgr.sys ------- 56376 bytes [10:12 26/05/2012] [07:42 19/01/2008] 3B38467E7C3DAED009DFE359E17F139F C:\Windows\System32\drivers\partmgr.sys --a---- 49256 bytes [08:51 02/11/2006] [09:50 02/11/2006] 555A5B2C8022983BC7467BC925B222EE C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6000.16386_none_df65518fbd847fbf\partmgr.sys --a---- 49256 bytes [08:51 02/11/2006] [09:50 02/11/2006] 555A5B2C8022983BC7467BC925B222EE -= EOF =-
  12. It BlueScreened during the scan, and then once again when trying to boot back, ran startup repair from the disk, booted up unassisted, I was amazed to find that ComboFix was open once I logged in and tabulating a report. I hope there's some useful information in there for you....
  13. SystemLook 30.07.11 by jpshortstuff Log created at 13:41 on 29/05/2012 by Shoescifer Administrator - Elevation successful ========== filefind ========== Searching for "partmgr.sys" C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6001.18000_none_e19c138bba6f9093\partmgr.sys --a---- 56376 bytes [10:12 26/05/2012] [07:42 19/01/2008] 3B38467E7C3DAED009DFE359E17F139F C:\Windows\System32\drivers\partmgr.sys --a---- 49256 bytes [08:51 02/11/2006] [09:50 02/11/2006] 555A5B2C8022983BC7467BC925B222EE C:\Windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6000.16386_none_df65518fbd847fbf\partmgr.sys --a---- 49256 bytes [08:51 02/11/2006] [09:50 02/11/2006] 555A5B2C8022983BC7467BC925B222EE -= EOF =-
  14. Nope, nor is there one that was successful in my update history, many many unsuccessful ones though
  15. dl update, saved to downloads folder, run, agree to EULA, Preparing computer for update, "You must install Service Pack 1 before you can install SP2" ...Bugga
  16. All done, didn't take nearly as long as I expected, it said it found a few things it couldn't repair at the end (I'm guessing that was simply because of the scan only parameters).
  17. Yes, only account on this machine, and have taken special care to run everything I can "as administrator" 'cause I know Windows can be a bit funny about permissions
  18. it popped up as it has (every time save the first) with the box saying that it was installing part 1 of 1, however (unlike the first) the green progress bar never showed up, although after about thirty minutes it proclaimed that the installation had been completed.
  19. No worries man you've been awesome, restored to earlier point, redid the Java update, reran the readiness tool, here's the scan results
      Results of screen317's Security Check version 0.99.39
      Windows Vista x86 (UAC is enabled)
      Out of date service pack!!
      Internet Explorer 7 Out of date!
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Spybot - Search & Destroy
      Malwarebytes Anti-Malware version 1.61.0.1400
      JavaFX 2.1.0
      JavaFX 2.1.0 SDK
      Java 7 Update 4
      Java SE Development Kit 7 Update 4
      Adobe Flash Player 10 Flash Player out of date!
      Adobe Flash Player 10.1.102.64 Flash Player out of Date!
      Adobe Flash Player 10.1.102.64
      ````````Process Check: objlist.exe by Laurent````````
      Malwarebytes Anti-Malware mbamservice.exe
      Spybot Teatimer.exe is disabled!
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 6 % Defragment your hard drive soon!
      ````````````````````End of Log``````````````````````
  20. Not quite, it opens, says it's installing (no green loading bar, stays completely blank), then about 30 min later it pops up with install complete (I may have buggered the initial install of the readiness tool because I'm a dumb-ass, would rolling back to the most recent failed SP install and trying the tool again work?). When I tried installing SP2 it said I needed SP1; when I try SP1 I get the stop error.
  21. WVCheck's Registry Check Check
      -----------------------
      Antiwpa: Not Found
      -----------------------
      Chew7Hale: Not Found
      -----------------------
      WVCheck's File Dump
      -----------------------
      C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-licensing-wga_31bf3856ad364e35_6.0.6001.18000_none_4e4769e7f9aab897\slwga.dll
      Size: 12288 bytes
      Creation; 26/5/2012 5:9:45
      Modification; 19/1/2008 1:36:30
      MD5; 7269a928bc18dafbddcffb96b6e987f1
      Matched: slwga.dll
      -----------------------
      C:\Windows\System32\slwga.dll
      Size: 12288 bytes
      Creation; 2/11/2006 3:44:14
      Modification; 2/11/2006 4:46:13
      MD5; b39f1844ad6c656f64acd32caee72caa
      Matched: slwga.dll
      -----------------------
      C:\Windows\winsxs\x86_microsoft-windows-security-licensing-wga_31bf3856ad364e35_6.0.6000.16386_none_4c10a7ebfcbfa7c3\slwga.dll
      Size: 12288 bytes
      Creation; 2/11/2006 3:44:14
      Modification; 2/11/2006 4:46:13
      MD5; b39f1844ad6c656f64acd32caee72caa
      Matched: slwga.dll
      -----------------------
      WVCheck's Dir Dump
      -----------------------
      WVCheck found no known bad directories.
      WVCheck's Missing File Check
      -----------------------
      WVCheck found no missing Windows files.
      WVCheck's MBAM Quarantine Check
      -----------------------
      There were no bad files quarantined by MBAM.
      WVCheck's HOSTS File Check
      -----------------------
      WVCheck found no bad lines in the hosts file.
      Hi, updated Java np, Chrome working fine, here are results
      WVCheck's MD5 Check EXPERIMENTAL!!
      -----------------------
      user32.dll - 63b4f59d7c89b1bf5277f1ffefd491cd
      -------- End of File, program close at 1649_27-05-2012 --------
  22. Ok, tried several times to manually update (this is a 32bit OS and there are only two options, 5 lang. and all, tried both), same thing happens: install looks like it's going well, goes to restart and the same BSOD pops up, I assume from incompatibility, roll back everything to right before it happened and each time I'm left two hours later, right where I started. Tried installing the Sys. Upd. Read. tool but it hung on the install and won't reinitialize now because it detects a partial file of the same name... Also it may be worth noting that every time I open a new tab/window in IE a UAC window pops up telling me that Java runtime is out of date. Now I know this is true but the persistence and frequency seems too obnoxious to be legitimate. In any case I don't think the SP update is going to work