Jump to content

"The specified service does not exist as an installed service" when loading system/security programs


Boxtop

Recommended Posts

Hello. I've recently been having problems with my computer that I'd like someone to take a look at.

Just this morning I attempted to load up MalwareBytes and recieved the following error:

"The specified service does not exist as an installed service."

I get the message whenever I open any security/system related program (rkill, dds, msconfig, system settings, etc). My other programs, like Firefox, and even CCleaner, work without problems, as well as my Internet and sound.

I booted into safe mode and was able to do a full scan with Malwarebytes. It found 7 items, but all of them were Adware, and their removal did not fix the problem.

The log is here, for future reference:


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.17.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Tyler :: TYLER-PC [administrator]

1/17/2013 10:43:48 AM
MBAM-log-2013-01-17 (12-07-29).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 629678
Time elapsed: 1 hour(s), 23 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Sandbox\Tyler\DefaultBox\drive\C\Program Files (x86)\VooMuu\bin\1.0.29.0\VooMuuSA.exe (Adware.HotBar.CP) -> No action taken.
C:\Sandbox\Tyler\DefaultBox\drive\C\Program Files (x86)\VooMuu\bin\1.0.29.0\VooMuuSACB.exe (Adware.HotBar.VM) -> No action taken.
C:\Sandbox\Tyler\DefaultBox\drive\C\Program Files (x86)\VooMuu\bin\1.0.29.0\VooMuuSAHook.dll (Adware.HotBar.VM) -> No action taken.
C:\Sandbox\Tyler\DefaultBox\drive\C\Program Files (x86)\VooMuu\bin\1.0.29.0\VooMuuUninstaller.exe (Adware.HotBar.VM) -> No action taken.
C:\Sandbox\Tyler\DefaultBox\user\current\AppData\Local\Temp\nscD6A6.tmp\Install.dll (Adware.Seekmo) -> No action taken.
C:\Sandbox\Tyler\DefaultBox\user\current\AppData\Local\Temp\nscD6A6.tmp\Setup.dll (Adware.Seekmo) -> No action taken.
C:\Users\Tyler\AppData\LocalLow\Retrogamer_2zEI\Installr\Cache\011FCA56.exe (PUP.MyWebSearch) -> No action taken.

(end)

I don't get what's going on here. I was able to run MB last week with no problems, and, likewise, was able to access all the other functions with no problems until today. All the programs are able to load in safe mode, so I do have some recourse there, but still...

The last big thing I remember installing was the game Dungeon Fighter Online, through Steam, so I don't know if that's the culprit or not.

I've had some luck in squashing bugs in the past (Months ago I had some sort of thing that redirected my Google searches to some other search engine, and prevented me from accessing the websites of some security programs for updates; TDSSKiller got rid of that one real quick), but this time I don't want to do anything too rash, lest there's something else that's clogging my computer.

I'm also concerned that my computer has been running CHKDSK at boot up a lot more often, despite the fact that I'm shutting down normally. I'm not sure if that's related to anything, though; I just hope my hard drive isn't dying.

Anyway, here's the DDS report. I'm running dds.com from safe mode because, as I said before, it won't load in normal mode.

If you need any more information, I'll be happy to give it. Thanks!

DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_24

Run by Tyler at 13:06:01 on 2013-01-17

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.3120 [GMT -8:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe"

mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

StartupFolder: C:\Users\Tyler\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\Users\Tyler\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Stickies.lnk - C:\Program Files (x86)\Stickies\stickies.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{0B620BFD-8838-4AD7-BAAF-D0E7926DCBD3} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{6370A005-786D-4D0B-B016-2D28AF25CA14} : DHCPNameServer = 192.168.1.1

SSODL: WebCheck - <orphaned>

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

x64-DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab

x64-SSODL: WebCheck - <orphaned>

x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\null\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

FF - plugin: C:\Users\Tyler\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: C:\Users\Tyler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll

FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-21 12:50; {6AC85730-7D0F-4de0-B3FA-21142DD85326}; C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

FF - ExtSQL: 2012-12-22 01:38; {000F1EA4-5E08-4564-A29B-29076F63A37A}; C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

.

---- FIREFOX POLICIES ----

FF - user.js: extentions.y2layers.installId - 97b380b6-67d8-42eb-bc6c-4bb19b4d8959

FF - user.js: extentions.y2layers.defaultEnableAppsList - PageRage,PageRageGlobal,Buzzdock,BuzzdockTease,PageRage,PageRageGlobal,

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-23 55856]

R3 Linksys_adapter_H;Linksys Adapter Network Driver;C:\Windows\System32\drivers\AE2500w764.sys [2011-3-29 1254464]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-27 239616]

S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-28 361984]

S2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

S2 Apache2.2;Apache2.2;C:\xampp\apache\bin\httpd.exe [2011-9-10 18432]

S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-1-23 96896]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-1-22 21992]

S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-11 46136]

S3 AODDriver4.0;AODDriver4.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-13 96896]

S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]

S3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-5-14 10568]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-31 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-22 1255736]

.

=============== Created Last 30 ================

.

2013-01-16 01:09:36 -------- d-----w- C:\Users\Tyler\AppData\Roaming\NeopleLauncherDFO

2013-01-15 21:36:17 -------- d-----w- C:\Users\Tyler\AppData\Roaming\.doomseeker

2013-01-15 21:36:16 -------- d-----w- C:\Program Files (x86)\Zandronum

2013-01-15 19:43:26 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53174576-A6A3-42E4-AAC9-ECF5AFB26E3E}\mpengine.dll

2013-01-13 00:05:53 -------- d-----w- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

2013-01-12 11:00:42 -------- d-----w- C:\Windows\CheckSur

2013-01-09 20:48:10 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-01-09 00:27:08 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe Systems Shared

2013-01-09 00:24:17 -------- d-----w- C:\PhSp_CS2_UE_Ret

2013-01-04 18:12:09 -------- d-sh--w- C:\found.003

2013-01-01 20:00:44 -------- d-----w- C:\Program Files (x86)\AMD AVT

2013-01-01 20:00:39 -------- d-----w- C:\Program Files (x86)\AMD APP

2012-12-28 09:35:57 -------- dc-h--w- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

2012-12-27 03:15:16 -------- d-----w- C:\Users\Tyler\AppData\Roaming\ftblauncher

2012-12-23 06:22:26 -------- d-----w- C:\Users\Tyler\AppData\Roaming\Nifflas

2012-12-23 06:10:31 -------- d-----w- C:\Users\Tyler\AppData\Local\Programs

2012-12-22 09:31:58 -------- d-----w- C:\Users\Tyler\AppData\Roaming\Sony Online Entertainment

2012-12-22 09:31:58 -------- d-----w- C:\Crash

2012-12-19 07:04:15 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-12-19 07:03:58 478208 ----a-w- C:\Windows\System32\dpnet.dll

.

==================== Find3M ====================

.

2013-01-09 20:48:15 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 20:48:15 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-01-09 02:05:35 107832 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-01-09 02:05:13 66872 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-01-09 02:05:13 2250024 ----a-w- C:\Windows\SysWow64\pbsvc.exe

2012-12-15 00:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

.

============= FINISH: 13:07:06.04 ===============

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/22/2011 5:15:03 PM

System Uptime: 1/17/2013 12:32:06 PM (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M4A88TD-V EVO/USB3

Processor: AMD Phenom™ II X4 965 Processor | AM3 | 3415/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 711.482 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 1 GiB total, 0.53 GiB free.

F: is FIXED (NTFS) - 931 GiB total, 792.711 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Realtek PCIe GBE Family Controller

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_84321043&REV_06\01000000684CE00000

Manufacturer: Realtek

Name: Realtek PCIe GBE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_84321043&REV_06\01000000684CE00000

Service: RTL8167

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0000

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter

PNP Device ID: ROOT\*ISATAP\0000

Service: tunnel

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

RP270: 1/13/2013 12:08:03 PM - Scheduled Checkpoint

RP271: 1/15/2013 11:43:00 AM - Windows Update

.

==== Installed Programs ======================

.

3D Flash Animator 4.9.8.7

7-Zip 9.20

Adobe AIR

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 1.0

Adobe Photoshop CS2

Adobe Photoshop Elements 6.0

Adobe Reader X (10.1.1)

Adobe Shockwave Player 11.6

Adobe Stock Photos 1.0

AI Suite

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Fuel

AMD Media Foundation Decoders

AMD VISION Engine Control Center

Any Video Converter 3.2.7

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASUSUpdate

ATI Catalyst Registration

aTube Catcher

Audacity 1.3.13 (Unicode)

Bandisoft MPEG-1 Decoder

Bejeweled 3

Bonjour

Borderlands

Canon IJ Network Scan Utility

Canon IJ Network Tool

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

CPUID CPU-Z 1.56

CPUID HWMonitor 1.17

DFOLauncher

Dungeon Fighter Online

Dungeons of Dredmor

EA Installer

Everything 1.2.1.371

Fallout Mod Manager 0.13.21

Fallout: New Vegas

Far Cry

Far Cry 2

Fences

FreeBASIC 0.23.0

Freelancer

GameFly

Google Chrome

Google Update Helper

Half-Life® 2

Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)

Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)

Inform 7

Inkscape 0.48.2

iTunes

Java Auto Updater

Java™ 6 Update 22

Java™ 6 Update 24

Java™ 7 (64-bit)

Java™ SE Development Kit 7 (64-bit)

Just Cause 2

Lernout & Hauspie TruVoice American English TTS Engine

Lernout & Hauspie TruVoice for Microsoft Agent

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Compact Framework 2.0 SP2

Microsoft .NET Compact Framework 3.5

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Device Emulator (64 bit) version 3.0 - ENU

Microsoft Document Explorer 2008

Microsoft Game Studios Common Redistributables Pack 1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office Visual Web Developer 2007

Microsoft Office Visual Web Developer MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server Compact 3.5 Design Tools ENU

Microsoft SQL Server Compact 3.5 ENU

Microsoft SQL Server Compact 3.5 for Devices ENU

Microsoft SQL Server Database Publishing Wizard 1.2

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Tools for Office Runtime

Microsoft Visual Studio 2008 Professional Edition - ENU

Microsoft Visual Studio 2008 Remote Debugger - ENU

Microsoft Visual Studio Web Authoring Component

Microsoft Web Publishing Wizard 1.52

Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries

Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense

Microsoft Windows SDK for Visual Studio 2008 Tools

Microsoft Windows SDK for Visual Studio 2008 Win32 Tools

Microsoft XML Parser

Microsoft XNA Framework Redistributable 4.0

Mozilla Firefox 18.0 (x86 en-US)

Mozilla Maintenance Service

MSI Afterburner 2.2.1

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nation Red

NewBlue Cartoonr for Vegas

NewBlue VideoFX for Sony Vegas MSPS

Notepad++

NVIDIA PhysX

OpenAL

OpenOffice.org 3.3

Oracle VM VirtualBox 4.0.4

Pando Media Booster

Petz 4

PetzA 2.2.5

Pidgin

PunkBuster Services

Python 2.6 PIL-1.1.7

Python 2.6 pygame-1.9.1

Python 2.6.6

QuickTime

Realtek High Definition Audio Driver

Renesas Electronics USB 3.0 Host Controller Driver

Resource Hacker Version 3.6.0

Saints Row: The Third

Section 8 Prejudice

Section 8: Prejudice

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office system 2007 (KB974234)

Shockwave

Soldat 1.6.3

Source SDK

Source SDK Base 2006

Space Rangers 2: Reboot

SpeedFan (remove only)

Steam

Stickies 7.1d

swMSM

The Lord of the Rings FREE Trial

The Ultimate DOOM

Torchlight II

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)

VC Runtimes MSI

Vegas Movie Studio HD Platinum 10.0

Visual Studio .NET Prerequisites - English

Visual Studio 2005 Tools for Office Second Edition Runtime

Visual Studio Tools for the Office system 3.0 Runtime

Winamp

Winamp Detector Plug-in

Windows Live ID Sign-in Assistant

Windows Mobile 5.0 SDK R2 for Pocket PC

Windows Mobile 5.0 SDK R2 for Smartphone

Windows XP Mode

WinRAR 4.00 beta 6 (64-bit)

Xiph.Org Open Codecs 0.85.17777

Yontoo Layers Runtime 1.10.01

Zandronum

.

==== Event Viewer Messages From Past Week ========

.

1/17/2013 12:32:53 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

1/17/2013 12:32:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

1/17/2013 12:32:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

1/17/2013 12:32:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

1/17/2013 12:32:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

1/17/2013 12:32:37 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO AsUpIO discache spldr VBoxDrv VBoxUSBMon vpcvmm Wanarpv6

1/17/2013 12:32:20 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

1/17/2013 12:30:39 PM, Error: Microsoft-Windows-WMPNSS-Service [14329] - Service 'WMPNetworkSvc' did not start correctly because the registry could not be updated due to error '0x80070006'. If possible, reinstall Windows Media Player.

1/17/2013 12:28:38 PM, Error: Service Control Manager [7000] - The AODDriver4.2 service failed to start due to the following error: The system cannot find the file specified.

1/17/2013 12:28:37 PM, Error: Service Control Manager [7022] - The mysql service hung on starting.

1/17/2013 12:26:54 PM, Error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error Incorrect function..

1/14/2013 9:46:51 AM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.

1/14/2013 5:04:57 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

1/12/2013 7:14:56 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.

.

==== End Of File ===========================

Link to post
Share on other sites

Download Farbar Recovery Scan Tool on a clean PC (if possible) and save to a flash drive (memory stick). Use which ever of the folllowing is applicable to your system. (32 or 64 bit)

Download http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ <--- 64 bit version Save to USB flash drive

Download http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ <--- 32 bit version Save to USB Flash drive

Plug the flashdrive into the infected PC.

Enter System Recovery Options I give two methods, use whichever is convenient for you.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select Your Country as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select Your Country as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 or e:\frst depending on your version. Press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Kevin

Link to post
Share on other sites

Here you go. I was a little confused at first, because I have two drives (one from my old computer, called "Old Drive" here, that I've kept instead of transfering over to my new drive) and the program wanted to know which drive to search, but I managed to figure it out.

Most of the programs/files listed in the Recently Created and Recently Modified sections are games or game mods. My computer's a mess.

I don't know if you want it as an attachment, but I'll post it in this post anyway:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013

Ran by SYSTEM at 17-01-2013 17:53:30

Running from H:\

Windows 7 Professional (X64) OS Language: English(US)

The current controlset is ControlSet003

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-05-04] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-27] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [QFan Help] "C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe" [888960 2010-03-25] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124512 2007-05-21] (CANON INC.)

HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-28] (Advanced Micro Devices, Inc.)

HKU\Tyler\...\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1354736 2012-12-18] (Valve Corporation)

HKU\Tyler\...\Run: [Google Update] "C:\Users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-06-17] (Google Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Startup: C:\Users\Tyler\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\Tyler\Start Menu\Programs\Startup\Stickies.lnk

ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Services (Whitelisted) ===================

3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [72704 2013-01-08] (Adobe Systems)

2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()

2 Apache2.2; "C:\xampp\apache\bin\httpd.exe" -k runservice [18432 2011-09-10] (Apache Software Foundation)

2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)

3 BDESVC; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)

3 BDESVC; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)

2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-01-08] ()

2 PnkBstrB; C:\Windows\SysWow64\PnkBstrB.exe [107832 2013-01-08] ()

2 mysql; C:\xampp\mysql\bin\mysqld.exe --defaults-file=C:\xampp\mysql\bin\my.ini mysql [x]

==================== Drivers (Whitelisted) =====================

3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)

1 AsIO; C:\Windows\SysWow64\Drivers\AsIO.sys [13440 2009-08-03] ()

1 AsUpIO; C:\Windows\SysWow64\Drivers\AsUpIO.sys [13368 2009-07-05] ()

3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-09-04] (Broadcom Corporation)

3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()

3 RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [10568 2012-05-14] ()

0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows ® Server 2003 DDK provider)

3 ALSysIO; \??\C:\Users\Tyler\AppData\Local\Temp\ALSysIO64.sys [x]

3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

3 X6va005; \??\C:\Users\Tyler\AppData\Local\Temp\00579F6.tmp [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-01-17 17:47 - 2013-01-17 17:47 - 00000000 ____D C:\FRST

2013-01-17 13:07 - 2013-01-17 13:07 - 00012687 ____A C:\Users\Tyler\Desktop\dds.txt

2013-01-17 13:07 - 2013-01-17 13:07 - 00012449 ____A C:\Users\Tyler\Desktop\attach.txt

2013-01-17 12:23 - 2013-01-17 12:23 - 00000218 ____A C:\Users\Tyler\.recently-used.xbel

2013-01-17 12:22 - 2013-01-17 12:22 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com

2013-01-17 10:39 - 2013-01-17 10:40 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Tyler\Downloads\rkill.exe

2013-01-17 10:25 - 2013-01-17 10:25 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-1.70.0.1100.exe

2013-01-15 20:28 - 2013-01-15 20:28 - 00000222 ____A C:\Users\Tyler\Desktop\Dungeon Fighter Online.url

2013-01-15 17:09 - 2013-01-17 01:06 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\NeopleLauncherDFO

2013-01-15 13:38 - 2013-01-15 13:39 - 15966829 ____A C:\Users\Tyler\Downloads\brutalv017.zip

2013-01-15 13:36 - 2013-01-16 17:30 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\.doomseeker

2013-01-15 13:36 - 2013-01-15 13:39 - 00000000 ____D C:\Program Files (x86)\Zandronum

2013-01-15 13:36 - 2013-01-15 13:36 - 00001111 ____A C:\Users\Tyler\Desktop\Play Zandronum (Online).lnk

2013-01-15 13:35 - 2013-01-15 13:36 - 17073913 ____A (Zandronum) C:\Users\Tyler\Downloads\zandronum1.0-win32-installer.exe

2013-01-14 22:22 - 2013-01-14 22:23 - 88757502 ____A C:\Users\Tyler\Downloads\DoomMetalVol3.zip

2013-01-14 22:19 - 2013-01-14 22:19 - 15264977 ____A C:\Users\Tyler\Downloads\brutalv017gzdoom.zip

2013-01-14 22:17 - 2013-01-15 00:12 - 00000000 ____D C:\Users\Tyler\Downloads\gzdoom-bin-1-7-00

2013-01-14 22:16 - 2013-01-14 22:16 - 02846928 ____A C:\Users\Tyler\Downloads\gzdoom-bin-1-7-00.zip

2013-01-14 22:13 - 2013-01-14 22:13 - 00000220 ____A C:\Users\Tyler\Desktop\The Ultimate DOOM.url

2013-01-14 12:47 - 2013-01-14 12:47 - 00003000 ____A C:\Users\Tyler\Desktop\boxtop5000@gmail.com_boxtop5000@gmail.com.ics

2013-01-14 12:47 - 2013-01-14 12:47 - 00000022 ____A C:\Users\Tyler\Downloads\boxtop5000@gmail.com.ical.zip

2013-01-12 16:05 - 2013-01-12 16:05 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

2013-01-12 16:03 - 2013-01-12 16:03 - 00002310 ____A C:\Users\Public\Desktop\Section 8 Prejudice.lnk

2013-01-12 03:00 - 2013-01-12 03:00 - 00000000 ____D C:\Windows\CheckSur

2013-01-11 23:35 - 2013-01-11 23:35 - 00023830 ____A C:\Users\Tyler\Downloads\xbots055-umod.zip

2013-01-11 20:08 - 2013-01-11 20:08 - 00642352 ____A (Unity Technologies ApS) C:\Users\Tyler\Downloads\UnityWebPlayer.exe

2013-01-10 19:08 - 2013-01-10 19:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-01-09 12:48 - 2013-01-09 12:48 - 15739912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2013-01-08 17:30 - 2013-01-08 17:30 - 00000221 ____A C:\Users\Tyler\Desktop\Far Cry 2.url

2013-01-08 16:30 - 2013-01-08 16:30 - 00000000 ____D C:\Users\Tyler\Documents\Updater

2013-01-08 16:27 - 2013-01-08 16:27 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF

2013-01-08 16:24 - 2013-01-08 16:24 - 00000000 ____D C:\PhSp_CS2_UE_Ret

2013-01-08 16:13 - 2013-01-08 16:17 - 356583291 ____A (Adobe Systems Inc. ) C:\Users\Tyler\Downloads\PhSp_CS2_English.exe

2013-01-06 02:46 - 2013-01-06 02:48 - 00000000 ____D C:\Users\Tyler\Downloads\NPC_Behaviour_Spawns_Shitface_v41

2013-01-06 01:11 - 2013-01-06 01:11 - 00000221 ____A C:\Users\Tyler\Desktop\Saints Row The Third.url

2013-01-06 00:53 - 2013-01-06 00:54 - 14303486 ____A C:\Users\Tyler\Downloads\NPC_Behaviour_Spawns_Shitface_v41.zip

2013-01-05 21:30 - 2013-01-05 21:30 - 00026977 ____A C:\Users\Tyler\Downloads\BetterFonts-1.4.6.zip

2013-01-05 14:59 - 2013-01-05 14:59 - 00000222 ____A C:\Users\Tyler\Desktop\Torchlight II.url

2013-01-05 10:58 - 2013-01-05 10:58 - 02511680 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr5.1.zip

2013-01-04 21:05 - 2013-01-04 21:05 - 02386259 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr5.zip

2013-01-04 14:05 - 2013-01-04 14:05 - 02305504 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr4.1.zip

2013-01-04 10:12 - 2013-01-04 10:12 - 00000000 __SHD C:\found.003

2013-01-02 20:08 - 2013-01-02 20:08 - 00164360 ____A C:\Users\Tyler\Downloads\Flans Mod Simple Parts Pack 1.1.0 for Flans Mod 2.1.zip

2013-01-02 20:03 - 2013-01-02 20:04 - 03313291 ____A C:\Users\Tyler\Downloads\Spino's Vehicles 2.0.zip

2013-01-02 19:43 - 2013-01-02 19:43 - 00492437 ____A C:\Users\Tyler\Downloads\Flans Mod 2.1.0 for Minecraft 1.4.6 Universal.zip

2013-01-02 01:11 - 2013-01-02 01:11 - 00000000 ____D C:\Users\Tyler\Desktop\dust_pages

2013-01-02 01:07 - 2013-01-02 01:07 - 00637894 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.7alphabeta.jar

2013-01-02 01:03 - 2013-01-02 01:03 - 00507443 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.6_CORE.jar

2013-01-02 01:03 - 2013-01-02 01:03 - 00109136 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.6_DEFAULT-RUNES.jar

2013-01-01 23:19 - 2013-01-01 23:19 - 00004180 ____A C:\Users\Tyler\Downloads\Mystcraft Addon 1.4.jar

2013-01-01 12:01 - 2013-01-01 12:01 - 00000000 ____D C:\Users\All Users\ATI

2013-01-01 12:00 - 2013-01-01 12:00 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2013-01-01 12:00 - 2013-01-01 12:00 - 00000000 ____D C:\Program Files (x86)\AMD APP

2012-12-30 23:54 - 2012-12-30 23:54 - 13951924 ____A C:\Users\Tyler\Downloads\DrZharks MoCreatures Mod v4.1.3.zip

2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ____D C:\Users\Tyler\Downloads\removal_tool

2012-12-29 12:18 - 2012-12-29 12:19 - 11276540 ____A C:\Users\Tyler\Downloads\removal_tool.zip

2012-12-28 01:35 - 2012-12-29 10:34 - 00000000 __HDC C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

2012-12-26 19:47 - 2012-12-30 23:41 - 00000000 ____D C:\Users\Tyler\Downloads\Minecraft Mods

2012-12-26 19:38 - 2013-01-09 20:46 - 00000000 ____D C:\Users\Tyler\Desktop\FTB

2012-12-26 19:35 - 2012-12-26 19:35 - 00000000 ____D C:\Users\Tyler\Downloads\Direwolf20

2012-12-26 19:15 - 2013-01-09 20:46 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\ftblauncher

2012-12-26 19:15 - 2012-12-26 19:15 - 00000000 ____D C:\Users\Tyler\Downloads\MindCrack

2012-12-26 19:14 - 2013-01-09 20:46 - 00533126 ____A () C:\Users\Tyler\Desktop\FTB.exe

2012-12-25 20:58 - 2012-12-25 20:59 - 06662199 ____A C:\Users\Tyler\Downloads\fantity.zip

2012-12-25 15:37 - 2012-12-25 15:44 - 03226708 ____A C:\Users\Tyler\Desktop\test2.wav

2012-12-25 13:21 - 2012-12-25 13:40 - 00000000 ____D C:\Users\Tyler\Downloads\Animal Crossing City Folk {Wii-NTSC-USA}

2012-12-25 13:08 - 2012-12-25 13:08 - 05367997 ____A C:\Users\Tyler\Downloads\Dolphin-win-x64-v3.0-917.7z

2012-12-25 13:08 - 2012-12-25 13:08 - 00000000 ____D C:\Users\Tyler\Downloads\Dolphin-win-x64-v3.0-917

2012-12-24 00:18 - 2012-12-24 00:18 - 05791737 ____A C:\Users\Tyler\Downloads\clv2(1).zip

2012-12-22 22:22 - 2012-12-22 22:22 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Nifflas

2012-12-22 19:44 - 2012-12-22 19:44 - 00074396 ____A C:\Users\Tyler\Downloads\ConvertVB6toVB7.zip

2012-12-22 19:44 - 2012-12-22 19:44 - 00000000 ____D C:\Users\Tyler\Downloads\ConvertVB6toVB7

2012-12-22 01:31 - 2012-12-22 12:48 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Sony Online Entertainment

2012-12-22 01:31 - 2012-12-22 01:31 - 00000000 ____D C:\Crash

2012-12-19 16:23 - 2012-12-19 16:37 - 65095354 ____A C:\Users\Tyler\Downloads\Parts-1-4-5a.7z

2012-12-19 03:02 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-12-19 03:02 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-12-19 03:02 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-12-19 03:02 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-12-19 03:02 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-12-19 03:02 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-12-19 03:02 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-12-19 03:02 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-12-19 03:02 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-12-19 03:02 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-12-19 03:02 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-12-19 03:02 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-12-19 03:02 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-12-19 03:02 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-12-19 03:02 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-12-19 03:02 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-12-19 03:02 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2012-12-19 03:02 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2012-12-19 03:02 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2012-12-19 03:02 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2012-12-19 03:02 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2012-12-19 03:02 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2012-12-19 03:02 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2012-12-19 03:02 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2012-12-19 03:02 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2012-12-19 03:02 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2012-12-19 03:02 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2012-12-19 03:02 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2012-12-19 03:02 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2012-12-19 03:02 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2012-12-19 03:02 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2012-12-19 03:02 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2012-12-18 23:04 - 2012-10-04 09:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll

2012-12-18 23:04 - 2012-10-04 09:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll

2012-12-18 23:04 - 2012-10-04 09:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll

2012-12-18 23:04 - 2012-10-04 09:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

2012-12-18 23:04 - 2012-10-04 09:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll

2012-12-18 23:04 - 2012-10-04 09:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll

2012-12-18 23:04 - 2012-10-04 09:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2012-12-18 23:04 - 2012-10-04 08:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2012-12-18 23:04 - 2012-10-04 08:47 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 07:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe

2012-12-18 23:04 - 2012-10-04 06:46 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2012-12-18 23:04 - 2012-10-04 06:46 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2012-12-18 23:04 - 2012-10-04 06:46 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2012-12-18 23:04 - 2012-10-04 06:46 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2012-12-18 23:04 - 2012-10-04 06:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 06:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 06:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2012-12-18 23:04 - 2012-10-04 06:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2012-12-18 23:04 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2012-12-18 23:04 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2012-12-18 23:04 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2012-12-18 23:04 - 2012-08-22 10:12 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2012-12-18 23:04 - 2012-08-22 10:12 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys

2012-12-18 23:04 - 2012-08-22 10:12 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

2012-12-18 23:03 - 2012-11-01 21:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll

2012-12-18 23:03 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2012-12-18 23:03 - 2012-09-25 14:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2012-12-18 23:03 - 2012-09-25 14:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll

2012-12-18 23:03 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll

2012-12-18 23:03 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2012-12-18 23:03 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll

2012-12-18 23:03 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2012-12-18 23:03 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2012-12-18 23:03 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2012-12-18 23:03 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2012-12-18 23:03 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2012-12-18 23:03 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2012-12-18 23:03 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

==================== One Month Modified Files and Folders =======

2013-01-17 17:47 - 2013-01-17 17:47 - 00000000 ____D C:\FRST

2013-01-17 13:07 - 2013-01-17 13:07 - 00012687 ____A C:\Users\Tyler\Desktop\dds.txt

2013-01-17 13:07 - 2013-01-17 13:07 - 00012449 ____A C:\Users\Tyler\Desktop\attach.txt

2013-01-17 12:31 - 2011-01-23 09:22 - 01409969 ____A C:\Windows\WindowsUpdate.log

2013-01-17 12:27 - 2012-08-22 08:37 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\stickies

2013-01-17 12:27 - 2011-01-22 23:03 - 00000000 ____D C:\Program Files (x86)\Steam

2013-01-17 12:26 - 2011-09-09 17:33 - 00023832 ____A C:\Windows\setupact.log

2013-01-17 12:26 - 2011-02-11 21:26 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-01-17 12:26 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-01-17 12:24 - 2009-07-13 20:45 - 00015168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-01-17 12:24 - 2009-07-13 20:45 - 00015168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-01-17 12:23 - 2013-01-17 12:23 - 00000218 ____A C:\Users\Tyler\.recently-used.xbel

2013-01-17 12:23 - 2011-01-22 17:15 - 00000000 ____D C:\users\Tyler

2013-01-17 12:22 - 2013-01-17 12:22 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com

2013-01-17 12:17 - 2011-01-24 22:16 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Winamp

2013-01-17 12:09 - 2011-09-09 17:33 - 00051060 ____A C:\Windows\PFRO.log

2013-01-17 10:40 - 2013-01-17 10:39 - 01752992 ____A (Bleeping Computer, LLC) C:\Users\Tyler\Downloads\rkill.exe

2013-01-17 10:25 - 2013-01-17 10:25 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-1.70.0.1100.exe

2013-01-17 02:48 - 2012-05-18 10:05 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-01-17 02:09 - 2011-02-11 21:26 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-01-17 01:56 - 2012-06-17 08:25 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000UA.job

2013-01-17 01:06 - 2013-01-15 17:09 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\NeopleLauncherDFO

2013-01-16 23:56 - 2012-06-17 08:25 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000Core.job

2013-01-16 23:14 - 2011-02-26 17:17 - 00000000 ____D C:\Program Files (x86)\Everything

2013-01-16 17:30 - 2013-01-15 13:36 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\.doomseeker

2013-01-15 20:28 - 2013-01-15 20:28 - 00000222 ____A C:\Users\Tyler\Desktop\Dungeon Fighter Online.url

2013-01-15 13:39 - 2013-01-15 13:38 - 15966829 ____A C:\Users\Tyler\Downloads\brutalv017.zip

2013-01-15 13:39 - 2013-01-15 13:36 - 00000000 ____D C:\Program Files (x86)\Zandronum

2013-01-15 13:36 - 2013-01-15 13:36 - 00001111 ____A C:\Users\Tyler\Desktop\Play Zandronum (Online).lnk

2013-01-15 13:36 - 2013-01-15 13:35 - 17073913 ____A (Zandronum) C:\Users\Tyler\Downloads\zandronum1.0-win32-installer.exe

2013-01-15 01:40 - 2011-01-22 23:13 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\.purple

2013-01-15 00:12 - 2013-01-14 22:17 - 00000000 ____D C:\Users\Tyler\Downloads\gzdoom-bin-1-7-00

2013-01-14 22:23 - 2013-01-14 22:22 - 88757502 ____A C:\Users\Tyler\Downloads\DoomMetalVol3.zip

2013-01-14 22:19 - 2013-01-14 22:19 - 15264977 ____A C:\Users\Tyler\Downloads\brutalv017gzdoom.zip

2013-01-14 22:16 - 2013-01-14 22:16 - 02846928 ____A C:\Users\Tyler\Downloads\gzdoom-bin-1-7-00.zip

2013-01-14 22:13 - 2013-01-14 22:13 - 00000220 ____A C:\Users\Tyler\Desktop\The Ultimate DOOM.url

2013-01-14 12:59 - 2009-07-13 21:13 - 00785370 ____A C:\Windows\System32\PerfStringBackup.INI

2013-01-14 12:47 - 2013-01-14 12:47 - 00003000 ____A C:\Users\Tyler\Desktop\boxtop5000@gmail.com_boxtop5000@gmail.com.ics

2013-01-14 12:47 - 2013-01-14 12:47 - 00000022 ____A C:\Users\Tyler\Downloads\boxtop5000@gmail.com.ical.zip

2013-01-12 22:46 - 2011-02-04 22:07 - 00000000 ____D C:\Users\Tyler\Documents\Vegas Movie Studio HD Platinum 10.0 Projects

2013-01-12 16:05 - 2013-01-12 16:05 - 00000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

2013-01-12 16:05 - 2011-09-11 14:49 - 00373209 ____A C:\Windows\DirectX.log

2013-01-12 16:03 - 2013-01-12 16:03 - 00002310 ____A C:\Users\Public\Desktop\Section 8 Prejudice.lnk

2013-01-12 03:00 - 2013-01-12 03:00 - 00000000 ____D C:\Windows\CheckSur

2013-01-11 23:35 - 2013-01-11 23:35 - 00023830 ____A C:\Users\Tyler\Downloads\xbots055-umod.zip

2013-01-11 20:09 - 2011-01-30 16:38 - 00000000 ____D C:\Users\Tyler\AppData\Local\Unity

2013-01-11 20:08 - 2013-01-11 20:08 - 00642352 ____A (Unity Technologies ApS) C:\Users\Tyler\Downloads\UnityWebPlayer.exe

2013-01-11 17:57 - 2012-06-17 08:25 - 00002368 ____A C:\Users\Tyler\Desktop\Google Chrome.lnk

2013-01-11 12:31 - 2012-05-21 17:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-01-10 19:08 - 2013-01-10 19:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-01-09 21:50 - 2011-12-18 14:03 - 00026624 __ASH C:\Users\Tyler\Thumbs.db

2013-01-09 20:46 - 2012-12-26 19:38 - 00000000 ____D C:\Users\Tyler\Desktop\FTB

2013-01-09 20:46 - 2012-12-26 19:15 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\ftblauncher

2013-01-09 20:46 - 2012-12-26 19:14 - 00533126 ____A () C:\Users\Tyler\Desktop\FTB.exe

2013-01-09 15:58 - 2011-01-22 23:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-01-09 12:48 - 2013-01-09 12:48 - 15739912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2013-01-09 12:48 - 2012-05-18 10:04 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-01-09 12:48 - 2011-05-31 12:13 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-01-09 12:30 - 2011-01-22 21:06 - 00088400 ____A C:\Users\Tyler\AppData\Local\GDIPFONTCACHEV1.DAT

2013-01-09 12:27 - 2009-07-13 20:45 - 00361696 ____A C:\Windows\System32\FNTCACHE.DAT

2013-01-09 02:39 - 2011-10-28 22:38 - 00781348 ____A C:\Windows\SysWOW64\PerfStringBackup.INI

2013-01-09 02:34 - 2011-01-22 22:47 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-01-08 18:06 - 2011-03-18 20:43 - 00000000 ____D C:\Users\Tyler\Documents\My Games

2013-01-08 18:05 - 2012-05-19 18:28 - 02250024 ____A C:\Windows\SysWOW64\pbsvc.exe

2013-01-08 18:05 - 2011-01-30 20:53 - 00107832 ____A C:\Windows\SysWOW64\PnkBstrB.exe

2013-01-08 18:05 - 2011-01-30 20:53 - 00066872 ____A C:\Windows\SysWOW64\PnkBstrA.exe

2013-01-08 17:30 - 2013-01-08 17:30 - 00000221 ____A C:\Users\Tyler\Desktop\Far Cry 2.url

2013-01-08 16:30 - 2013-01-08 16:30 - 00000000 ____D C:\Users\Tyler\Documents\Updater

2013-01-08 16:30 - 2011-01-25 19:41 - 00000000 ____D C:\Users\Tyler\AppData\Local\Adobe

2013-01-08 16:30 - 2011-01-22 23:26 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Adobe

2013-01-08 16:29 - 2011-01-25 19:41 - 00000000 ____D C:\Program Files (x86)\Adobe

2013-01-08 16:27 - 2013-01-08 16:27 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF

2013-01-08 16:26 - 2011-01-25 19:41 - 00000000 ____D C:\Users\All Users\Adobe

2013-01-08 16:24 - 2013-01-08 16:24 - 00000000 ____D C:\PhSp_CS2_UE_Ret

2013-01-08 16:17 - 2013-01-08 16:13 - 356583291 ____A (Adobe Systems Inc. ) C:\Users\Tyler\Downloads\PhSp_CS2_English.exe

2013-01-06 02:48 - 2013-01-06 02:46 - 00000000 ____D C:\Users\Tyler\Downloads\NPC_Behaviour_Spawns_Shitface_v41

2013-01-06 01:11 - 2013-01-06 01:11 - 00000221 ____A C:\Users\Tyler\Desktop\Saints Row The Third.url

2013-01-06 00:54 - 2013-01-06 00:53 - 14303486 ____A C:\Users\Tyler\Downloads\NPC_Behaviour_Spawns_Shitface_v41.zip

2013-01-05 21:30 - 2013-01-05 21:30 - 00026977 ____A C:\Users\Tyler\Downloads\BetterFonts-1.4.6.zip

2013-01-05 14:59 - 2013-01-05 14:59 - 00000222 ____A C:\Users\Tyler\Desktop\Torchlight II.url

2013-01-05 10:58 - 2013-01-05 10:58 - 02511680 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr5.1.zip

2013-01-04 21:05 - 2013-01-04 21:05 - 02386259 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr5.zip

2013-01-04 14:05 - 2013-01-04 14:05 - 02305504 ____A C:\Users\Tyler\Downloads\MineChem-2.0.0pr4.1.zip

2013-01-04 10:12 - 2013-01-04 10:12 - 00000000 __SHD C:\found.003

2013-01-02 20:08 - 2013-01-02 20:08 - 00164360 ____A C:\Users\Tyler\Downloads\Flans Mod Simple Parts Pack 1.1.0 for Flans Mod 2.1.zip

2013-01-02 20:04 - 2013-01-02 20:03 - 03313291 ____A C:\Users\Tyler\Downloads\Spino's Vehicles 2.0.zip

2013-01-02 19:43 - 2013-01-02 19:43 - 00492437 ____A C:\Users\Tyler\Downloads\Flans Mod 2.1.0 for Minecraft 1.4.6 Universal.zip

2013-01-02 01:11 - 2013-01-02 01:11 - 00000000 ____D C:\Users\Tyler\Desktop\dust_pages

2013-01-02 01:07 - 2013-01-02 01:07 - 00637894 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.7alphabeta.jar

2013-01-02 01:03 - 2013-01-02 01:03 - 00507443 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.6_CORE.jar

2013-01-02 01:03 - 2013-01-02 01:03 - 00109136 ____A C:\Users\Tyler\Downloads\dustmod-v1.1.6_DEFAULT-RUNES.jar

2013-01-01 23:19 - 2013-01-01 23:19 - 00004180 ____A C:\Users\Tyler\Downloads\Mystcraft Addon 1.4.jar

2013-01-01 16:32 - 2011-06-18 21:29 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\NationRed

2013-01-01 12:01 - 2013-01-01 12:01 - 00000000 ____D C:\Users\All Users\ATI

2013-01-01 12:00 - 2013-01-01 12:00 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2013-01-01 12:00 - 2013-01-01 12:00 - 00000000 ____D C:\Program Files (x86)\AMD APP

2013-01-01 12:00 - 2011-03-11 14:37 - 00000000 ____D C:\Users\All Users\AMD

2013-01-01 12:00 - 2011-01-22 21:59 - 00000000 ____D C:\Program Files\ATI Technologies

2012-12-30 23:54 - 2012-12-30 23:54 - 13951924 ____A C:\Users\Tyler\Downloads\DrZharks MoCreatures Mod v4.1.3.zip

2012-12-30 23:41 - 2012-12-26 19:47 - 00000000 ____D C:\Users\Tyler\Downloads\Minecraft Mods

2012-12-29 12:48 - 2011-02-26 15:51 - 00000000 ____D C:\Program Files (x86)\Unreal Tournament 2004

2012-12-29 12:40 - 2012-05-26 17:48 - 00000000 ____D C:\Program Files (x86)\Electronic Arts

2012-12-29 12:38 - 2011-08-01 20:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2012-12-29 12:23 - 2011-01-28 20:44 - 00000000 ____D C:\Users\Tyler\Downloads\ProcessExplorer

2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ____D C:\Users\Tyler\Downloads\removal_tool

2012-12-29 12:19 - 2012-12-29 12:18 - 11276540 ____A C:\Users\Tyler\Downloads\removal_tool.zip

2012-12-29 10:34 - 2012-12-28 01:35 - 00000000 __HDC C:\Users\All Users\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

2012-12-29 10:27 - 2011-12-18 02:39 - 00000000 ___RD C:\Users\Tyler\Dropbox

2012-12-26 19:35 - 2012-12-26 19:35 - 00000000 ____D C:\Users\Tyler\Downloads\Direwolf20

2012-12-26 19:15 - 2012-12-26 19:15 - 00000000 ____D C:\Users\Tyler\Downloads\MindCrack

2012-12-25 21:05 - 2012-06-13 19:08 - 00000817 ____A C:\Users\Public\Desktop\GameFly.lnk

2012-12-25 21:05 - 2012-06-13 19:07 - 00000000 ____D C:\Program Files (x86)\GameFly

2012-12-25 20:59 - 2012-12-25 20:58 - 06662199 ____A C:\Users\Tyler\Downloads\fantity.zip

2012-12-25 15:56 - 2011-10-24 21:49 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Audacity

2012-12-25 15:44 - 2012-12-25 15:37 - 03226708 ____A C:\Users\Tyler\Desktop\test2.wav

2012-12-25 13:40 - 2012-12-25 13:21 - 00000000 ____D C:\Users\Tyler\Downloads\Animal Crossing City Folk {Wii-NTSC-USA}

2012-12-25 13:08 - 2012-12-25 13:08 - 05367997 ____A C:\Users\Tyler\Downloads\Dolphin-win-x64-v3.0-917.7z

2012-12-25 13:08 - 2012-12-25 13:08 - 00000000 ____D C:\Users\Tyler\Downloads\Dolphin-win-x64-v3.0-917

2012-12-24 00:19 - 2012-08-21 15:32 - 00000000 ____D C:\Users\Tyler\Downloads\clv2

2012-12-24 00:18 - 2012-12-24 00:18 - 05791737 ____A C:\Users\Tyler\Downloads\clv2(1).zip

2012-12-22 22:22 - 2012-12-22 22:22 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Nifflas

2012-12-22 19:44 - 2012-12-22 19:44 - 00074396 ____A C:\Users\Tyler\Downloads\ConvertVB6toVB7.zip

2012-12-22 19:44 - 2012-12-22 19:44 - 00000000 ____D C:\Users\Tyler\Downloads\ConvertVB6toVB7

2012-12-22 19:19 - 2011-01-25 17:42 - 00000000 ____D C:\Users\Tyler\Documents\Visual Studio 2008

2012-12-22 12:48 - 2012-12-22 01:31 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\Sony Online Entertainment

2012-12-22 03:03 - 2011-03-30 19:39 - 00000000 ___HD C:\Windows\msdownld.tmp

2012-12-22 03:03 - 2011-03-30 19:39 - 00000000 ____D C:\Windows\SysWOW64\directx

2012-12-22 01:31 - 2012-12-22 01:31 - 00000000 ____D C:\Crash

2012-12-21 13:08 - 2011-02-01 15:45 - 00000000 ____D C:\Users\Tyler\Documents\3DFA

2012-12-21 02:36 - 2011-01-23 21:08 - 00000000 ____D C:\Users\Tyler\AppData\Roaming\.minecraft

2012-12-20 11:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache

2012-12-19 16:37 - 2012-12-19 16:23 - 65095354 ____A C:\Users\Tyler\Downloads\Parts-1-4-5a.7z

2012-12-19 12:49 - 2011-10-28 20:31 - 00000000 ____D C:\Program Files (x86)\Yontoo Layers Runtime

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-01-13 12:08:19

Restore point made on: 2013-01-15 11:43:16

==================== Memory info ===========================

Percentage of memory in use: 15%

Total physical RAM: 4095.16 MB

Available physical RAM: 3448.77 MB

Total Pagefile: 4093.31 MB

Available Pagefile: 3440.35 MB

Total Virtual: 8192 MB

Available Virtual: 8191.89 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:711.3 GB) NTFS

2 Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

4 Drive h: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT

5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

6 Drive y: (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.53 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 931 GB 0 B

Disk 1 Online 931 GB 0 B

Disk 2 Online 1909 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 580 MB 31 KB

Partition 2 Primary 930 GB 580 MB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y System Rese NTFS Partition 580 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 Old Drive NTFS Partition 930 GB Healthy

=========================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 931 GB 101 MB

==================================================================================

Disk: 1

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 1

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 C NTFS Partition 931 GB Healthy

=========================================================

Partitions of Disk 2:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

* Partition 1 Primary 1909 MB 0 B

==================================================================================

Disk: 2

There is no partition selected.

There is no partition selected.

Please select a partition and try again.

=========================================================

Last Boot: 2013-01-14 10:09

==================== End Of Log =============================

FRST.txt

Link to post
Share on other sites

I prefer that logs are copied and pasted and not attached... OK, nothing startling there, continue as follows...

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from the following link :-

http://download.blee...Bs/ComboFix.exe

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here http://www.bleepingc...opic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
  • Close any open browsers and any other programs you might have running
  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
  • Instructions for running Combofix available here http://www.bleepingc...to-use-combofix if required.
  • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller....dex.php?page=20 why disabling autoruns is recommended.

*EXTRA NOTES*

  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
  • If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
  • If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

Post the log in next reply please...

Kevin

Link to post
Share on other sites

When I attempt to run combofix in normal mode, even after renaming it as Gotcha.exe, I still get the "The specified service does not exist as an installed service" error. Should I run it in safe mode?

Also, I get the same error when I try to load an elevated console to shut down Windows Firewall manually, because it won't allow me to shut it off through the control panel.

Link to post
Share on other sites

I downloaded a new version of Combofix and called it "Combo-Fix" thinking that would work instead of "Gotcha", but it still wouldn't load in normal mode so I just went to safe mode.

Here's the log.

ComboFix 13-01-17.04 - Tyler 01/18/2013 13:57:54.1.4 - x64 NETWORK

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.3339 [GMT -8:00]

Running from: c:\users\Tyler\Desktop\Combo-Fix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\program files (x86)\Retrogamer_2zEI

c:\users\Tyler\AppData\Local\assembly\tmp

c:\users\Tyler\Documents\YTP - MyDupedConsumers.mov.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-12-18 to 2013-01-18 )))))))))))))))))))))))))))))))

.

.

2013-01-18 22:06 . 2013-01-18 22:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-18 20:24 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2711D862-ADA6-496D-B44D-C210798B3020}\mpengine.dll

2013-01-18 01:47 . 2013-01-18 01:47 -------- d-----w- C:\FRST

2013-01-16 01:09 . 2013-01-17 09:06 -------- d-----w- c:\users\Tyler\AppData\Roaming\NeopleLauncherDFO

2013-01-15 21:36 . 2013-01-17 01:30 -------- d-----w- c:\users\Tyler\AppData\Roaming\.doomseeker

2013-01-15 21:36 . 2013-01-15 21:39 -------- d-----w- c:\program files (x86)\Zandronum

2013-01-13 00:05 . 2013-01-13 00:05 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

2013-01-12 11:00 . 2013-01-12 11:00 -------- d-----w- c:\windows\CheckSur

2013-01-09 20:48 . 2013-01-09 20:48 15739912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-01-09 00:27 . 2013-01-09 00:27 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared

2013-01-09 00:24 . 2013-01-09 00:24 -------- d-----w- C:\PhSp_CS2_UE_Ret

2013-01-04 18:12 . 2013-01-04 18:12 -------- d-----w- C:\found.003

2013-01-01 20:01 . 2013-01-01 20:01 -------- d-----w- c:\programdata\ATI

2013-01-01 20:00 . 2013-01-01 20:00 -------- d-----w- c:\program files (x86)\AMD AVT

2013-01-01 20:00 . 2013-01-01 20:00 -------- d-----w- c:\program files (x86)\AMD APP

2012-12-28 09:35 . 2012-12-29 18:34 -------- dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

2012-12-27 03:15 . 2013-01-10 04:46 -------- d-----w- c:\users\Tyler\AppData\Roaming\ftblauncher

2012-12-23 06:22 . 2012-12-23 06:22 -------- d-----w- c:\users\Tyler\AppData\Roaming\Nifflas

2012-12-23 06:10 . 2012-12-23 06:10 -------- d-----w- c:\users\Tyler\AppData\Local\Programs

2012-12-22 09:31 . 2012-12-22 20:48 -------- d-----w- c:\users\Tyler\AppData\Roaming\Sony Online Entertainment

2012-12-22 09:31 . 2012-12-22 09:31 -------- d-----w- C:\Crash

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-09 20:48 . 2012-05-18 18:04 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-01-09 20:48 . 2011-05-31 20:13 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 10:34 . 2011-01-23 06:47 67599240 ----a-w- c:\windows\system32\MRT.exe

2013-01-09 02:05 . 2011-01-31 04:53 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2013-01-09 02:05 . 2012-05-20 02:28 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe

2013-01-09 02:05 . 2011-01-31 04:53 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-12-15 00:49 . 2011-01-23 07:02 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-14 07:06 . 2012-12-19 11:02 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-14 06:32 . 2012-12-19 11:02 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-14 06:11 . 2012-12-19 11:02 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 06:04 . 2012-12-19 11:02 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-14 06:04 . 2012-12-19 11:02 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 06:02 . 2012-12-19 11:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 06:02 . 2012-12-19 11:02 237056 ----a-w- c:\windows\system32\url.dll

2012-11-14 05:59 . 2012-12-19 11:02 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-14 05:58 . 2012-12-19 11:02 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-14 05:57 . 2012-12-19 11:02 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 05:57 . 2012-12-19 11:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 05:55 . 2012-12-19 11:02 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-14 05:55 . 2012-12-19 11:02 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-14 05:53 . 2012-12-19 11:02 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-14 05:52 . 2012-12-19 11:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-14 05:46 . 2012-12-19 11:02 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-14 02:09 . 2012-12-19 11:02 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-14 01:58 . 2012-12-19 11:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-14 01:57 . 2012-12-19 11:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-14 01:49 . 2012-12-19 11:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-14 01:48 . 2012-12-19 11:02 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-14 01:44 . 2012-12-19 11:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-02 05:59 . 2012-12-19 07:03 478208 ----a-w- c:\windows\system32\dpnet.dll

2012-11-02 05:11 . 2012-12-19 07:03 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-19 1354736]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-05 311296]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe" [2010-03-25 888960]

"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-29 642728]

.

c:\users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2012-8-22 1134592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-02-18 228272]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-18 56688]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]

R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]

R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]

R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]

R3 ALSysIO;ALSysIO;c:\users\Tyler\AppData\Local\Temp\ALSysIO64.sys [x]

R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-05-14 10568]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-23 1255736]

R3 X6va005;X6va005;c:\users\Tyler\AppData\Local\Temp\00579F6.tmp [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]

S3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys [2011-09-05 1254464]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-18 156080]

S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-18 175664]

.

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 20:48]

.

2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 05:26]

.

2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 05:26]

.

2013-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000Core.job

- c:\users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-17 16:25]

.

2013-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000UA.job

- c:\users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-17 16:25]

.

.

--------- X64 Entries -----------

.

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.1.1

DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab

FF - ProfilePath - c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - ExtSQL: 2012-12-21 12:50; {6AC85730-7D0F-4de0-B3FA-21142DD85326}; c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

FF - ExtSQL: 2012-12-22 01:38; {000F1EA4-5E08-4564-A29B-29076F63A37A}; c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

FF - user.js: extentions.y2layers.installId - 97b380b6-67d8-42eb-bc6c-4bb19b4d8959

FF - user.js: extentions.y2layers.defaultEnableAppsList - PageRage,PageRageGlobal,Buzzdock,BuzzdockTease,PageRage,PageRageGlobal,

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~2\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\X6va005]

"ImagePath"="\??\c:\users\Tyler\AppData\Local\Temp\00579F6.tmp"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2005769712-3935123570-2331020344-1000\Software\SecuROM\License information*]

"datasecu"=hex:e7,68,1b,7f,4f,fe,b9,60,49,9b,93,18,aa,58,da,c1,11,b2,01,42,18,

fe,30,04,f8,3b,3e,98,56,e6,ca,82,e3,4d,85,6b,d4,8c,9f,36,6d,a3,d4,f9,c9,a5,\

"rkeysecu"=hex:66,8d,22,75,bc,d2,bc,ad,3a,26,99,cc,fc,c2,5e,ef

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-01-18 14:08:12

ComboFix-quarantined-files.txt 2013-01-18 22:08

.

Pre-Run: 763,340,001,280 bytes free

Post-Run: 763,188,756,480 bytes free

.

- - End Of File - - 711B6CC544971584411C04DA3BA86801

Link to post
Share on other sites

Ok do the following:

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from the following link :-

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Ensure that Combofix is saved directly to the Desktop and Nowhere else. <--- Very important

Download OTH from here: http://oldtimer.geekstogo.com/OTH.scr save Direct to your Desktop, (Do Not Save Anywhere Else)

Double click the OTH icon OTHb.png to run the tool.

In the new window select Kill All Processes as below:

OTHC.png

Your desktop will go blank except for OTH, that is expected.

Select Start Misc Prog as below:

OTH-2.png

A new Window will open, with Desktop selected and File type .exe scroll to Combofix, either double click the icon or highlight and select Open:

OTHa.png

Combofix should run, If it re-boots Post the produced log, it will be here C:\Combofix.txt

If CF did not re-boot use ReBoot tab on OTH......

Kevin...

Link to post
Share on other sites

No that will not help. It will still only run Combofix in Safemode......

Ok re-boot to safemode again then do the following:

Close all windows, Select > start icon > all programs > accessories > Right click on "command prompt" > select > Run as administrator > ok any alerts > at the command prompt type or copy and paste sfc /scannow then tap enter.When finished type exit Tap enter, re-boot your PC.

***Note the space between sfc and /scannow.

To get the report, open command promt again. type or copy and paste:

findstr /c:"[sR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt Tap enter.

type "exit" then tap enter again. log should be on your Desktop......

Link to post
Share on other sites

Here's the log file:

2013-01-18 16:28:15, Info CSI 00000009 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:15, Info CSI 0000000a [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:17, Info CSI 0000000c [sR] Verify complete

2013-01-18 16:28:18, Info CSI 0000000d [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:18, Info CSI 0000000e [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:19, Info CSI 00000010 [sR] Verify complete

2013-01-18 16:28:20, Info CSI 00000011 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:20, Info CSI 00000012 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:22, Info CSI 00000014 [sR] Verify complete

2013-01-18 16:28:23, Info CSI 00000015 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:23, Info CSI 00000016 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:25, Info CSI 00000018 [sR] Verify complete

2013-01-18 16:28:25, Info CSI 00000019 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:25, Info CSI 0000001a [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:27, Info CSI 0000001c [sR] Verify complete

2013-01-18 16:28:28, Info CSI 0000001d [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:28, Info CSI 0000001e [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:30, Info CSI 00000020 [sR] Verify complete

2013-01-18 16:28:31, Info CSI 00000021 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:31, Info CSI 00000022 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:32, Info CSI 00000024 [sR] Verify complete

2013-01-18 16:28:32, Info CSI 00000025 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:32, Info CSI 00000026 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:35, Info CSI 00000028 [sR] Verify complete

2013-01-18 16:28:35, Info CSI 00000029 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:35, Info CSI 0000002a [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:37, Info CSI 0000002c [sR] Verify complete

2013-01-18 16:28:37, Info CSI 0000002d [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:37, Info CSI 0000002e [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:38, Info CSI 00000030 [sR] Verify complete

2013-01-18 16:28:39, Info CSI 00000031 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:39, Info CSI 00000032 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:42, Info CSI 00000035 [sR] Verify complete

2013-01-18 16:28:42, Info CSI 00000036 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:42, Info CSI 00000037 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:47, Info CSI 0000003a [sR] Verify complete

2013-01-18 16:28:48, Info CSI 0000003b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:48, Info CSI 0000003c [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:51, Info CSI 00000040 [sR] Verify complete

2013-01-18 16:28:51, Info CSI 00000041 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:51, Info CSI 00000042 [sR] Beginning Verify and Repair transaction

2013-01-18 16:28:55, Info CSI 00000045 [sR] Verify complete

2013-01-18 16:28:55, Info CSI 00000046 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:28:55, Info CSI 00000047 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:00, Info CSI 00000049 [sR] Verify complete

2013-01-18 16:29:00, Info CSI 0000004a [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:00, Info CSI 0000004b [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:05, Info CSI 0000006d [sR] Verify complete

2013-01-18 16:29:05, Info CSI 0000006e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:05, Info CSI 0000006f [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:10, Info CSI 00000074 [sR] Verify complete

2013-01-18 16:29:10, Info CSI 00000075 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:10, Info CSI 00000076 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:14, Info CSI 00000078 [sR] Verify complete

2013-01-18 16:29:14, Info CSI 00000079 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:14, Info CSI 0000007a [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:18, Info CSI 0000007c [sR] Verify complete

2013-01-18 16:29:19, Info CSI 0000007d [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:19, Info CSI 0000007e [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:22, Info CSI 00000080 [sR] Verify complete

2013-01-18 16:29:22, Info CSI 00000081 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:22, Info CSI 00000082 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:25, Info CSI 00000084 [sR] Verify complete

2013-01-18 16:29:26, Info CSI 00000085 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:26, Info CSI 00000086 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:32, Info CSI 0000008a [sR] Verify complete

2013-01-18 16:29:32, Info CSI 0000008b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:32, Info CSI 0000008c [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:37, Info CSI 000000ad [sR] Verify complete

2013-01-18 16:29:37, Info CSI 000000ae [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:37, Info CSI 000000af [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:44, Info CSI 000000b1 [sR] Verify complete

2013-01-18 16:29:44, Info CSI 000000b2 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:44, Info CSI 000000b3 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:48, Info CSI 000000b5 [sR] Cannot repair member file [l:48{24}]"calendar_ring_docked.png" of Microsoft-Windows-Gadgets-Calendar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:29:51, Info CSI 000000b7 [sR] Cannot repair member file [l:48{24}]"calendar_ring_docked.png" of Microsoft-Windows-Gadgets-Calendar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:29:51, Info CSI 000000b8 [sR] This component was referenced by [l:204{102}]"Microsoft-Windows-Gadget-Platform-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsGadgetPlatform"

2013-01-18 16:29:51, Info CSI 000000bb [sR] Could not reproject corrupted file [ml:520{260},l:134{67}]"\??\C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images"\[l:48{24}]"calendar_ring_docked.png"; source file in store is also corrupted

2013-01-18 16:29:52, Info CSI 000000bd [sR] Verify complete

2013-01-18 16:29:53, Info CSI 000000be [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:53, Info CSI 000000bf [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:55, Info CSI 000000c3 [sR] Verify complete

2013-01-18 16:29:55, Info CSI 000000c4 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:55, Info CSI 000000c5 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:56, Info CSI 000000c7 [sR] Cannot repair member file [l:16{8}]"apds.dll" of Microsoft-Windows-Help-DataLayer, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:29:56, Info CSI 000000c9 [sR] Cannot repair member file [l:16{8}]"apds.dll" of Microsoft-Windows-Help-DataLayer, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:29:56, Info CSI 000000ca [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:29:56, Info CSI 000000cd [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:16{8}]"apds.dll"; source file in store is also corrupted

2013-01-18 16:29:56, Info CSI 000000cf [sR] Verify complete

2013-01-18 16:29:56, Info CSI 000000d0 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:56, Info CSI 000000d1 [sR] Beginning Verify and Repair transaction

2013-01-18 16:29:57, Info CSI 000000d3 [sR] Verify complete

2013-01-18 16:29:57, Info CSI 000000d4 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:29:57, Info CSI 000000d5 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:02, Info CSI 000000dc [sR] Verify complete

2013-01-18 16:30:02, Info CSI 000000dd [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:02, Info CSI 000000de [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:07, Info CSI 000000ec [sR] Verify complete

2013-01-18 16:30:07, Info CSI 000000ed [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:07, Info CSI 000000ee [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:08, Info CSI 000000f0 [sR] Verify complete

2013-01-18 16:30:08, Info CSI 000000f1 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:08, Info CSI 000000f2 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:11, Info CSI 000000f4 [sR] Verify complete

2013-01-18 16:30:12, Info CSI 000000f5 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:12, Info CSI 000000f6 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:15, Info CSI 000000f8 [sR] Verify complete

2013-01-18 16:30:16, Info CSI 000000f9 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:16, Info CSI 000000fa [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:22, Info CSI 000000fd [sR] Verify complete

2013-01-18 16:30:22, Info CSI 000000fe [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:22, Info CSI 000000ff [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:28, Info CSI 00000102 [sR] Verify complete

2013-01-18 16:30:28, Info CSI 00000103 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:28, Info CSI 00000104 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:31, Info CSI 00000106 [sR] Verify complete

2013-01-18 16:30:31, Info CSI 00000107 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:31, Info CSI 00000108 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:33, Info CSI 0000010a [sR] Verify complete

2013-01-18 16:30:33, Info CSI 0000010b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:33, Info CSI 0000010c [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:38, Info CSI 0000010e [sR] Verify complete

2013-01-18 16:30:38, Info CSI 0000010f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:38, Info CSI 00000110 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:42, Info CSI 00000112 [sR] Verify complete

2013-01-18 16:30:43, Info CSI 00000113 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:43, Info CSI 00000114 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:46, Info CSI 00000116 [sR] Cannot repair member file [l:14{7}]"wmp.dll" of Microsoft-Windows-MediaPlayer-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:30:49, Info CSI 00000118 [sR] Cannot repair member file [l:14{7}]"wmp.dll" of Microsoft-Windows-MediaPlayer-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:30:49, Info CSI 00000119 [sR] This component was referenced by [l:190{95}]"Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaPlayer"

2013-01-18 16:30:49, Info CSI 0000011c [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:14{7}]"wmp.dll"; source file in store is also corrupted

2013-01-18 16:30:49, Info CSI 0000011e [sR] Verify complete

2013-01-18 16:30:50, Info CSI 0000011f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:50, Info CSI 00000120 [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:56, Info CSI 00000138 [sR] Verify complete

2013-01-18 16:30:56, Info CSI 00000139 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:30:56, Info CSI 0000013a [sR] Beginning Verify and Repair transaction

2013-01-18 16:30:57, Info CSI 0000013c [sR] Cannot repair member file [l:30{15}]"msmpeg2vdec.dll" of Microsoft-Windows-MSMPEG2VDEC, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:30:58, Info CSI 0000013e [sR] Cannot repair member file [l:22{11}]"msvcp60.dll" of Microsoft-Windows-MSVCP60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:00, Info CSI 00000140 [sR] Cannot repair member file [l:22{11}]"msvcp60.dll" of Microsoft-Windows-MSVCP60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:00, Info CSI 00000141 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:00, Info CSI 00000144 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"msvcp60.dll"; source file in store is also corrupted

2013-01-18 16:31:00, Info CSI 00000146 [sR] Cannot repair member file [l:30{15}]"msmpeg2vdec.dll" of Microsoft-Windows-MSMPEG2VDEC, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:00, Info CSI 00000147 [sR] This component was referenced by [l:204{102}]"Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaCodecPack"

2013-01-18 16:31:00, Info CSI 0000014a [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"msmpeg2vdec.dll"; source file in store is also corrupted

2013-01-18 16:31:00, Info CSI 0000014c [sR] Verify complete

2013-01-18 16:31:01, Info CSI 0000014d [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:01, Info CSI 0000014e [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:02, Info CSI 00000150 [sR] Cannot repair member file [l:22{11}]"NAPSTAT.EXE" of Microsoft-Windows-NetworkAccessProtection-StatusUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:02, Info CSI 00000152 [sR] Cannot repair member file [l:26{13}]"msshavmsg.dll" of Microsoft-Windows-NAP-oobsha, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 00000154 [sR] Cannot repair member file [l:30{15}]"NlsData0816.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 00000156 [sR] Cannot repair member file [l:30{15}]"NlsData0414.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 00000158 [sR] Cannot repair member file [l:30{15}]"NlsData004e.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 0000015a [sR] Cannot repair member file [l:30{15}]"NlsData004c.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 0000015c [sR] Cannot repair member file [l:30{15}]"NlsData004b.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:03, Info CSI 0000015e [sR] Cannot repair member file [l:30{15}]"NlsData004a.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:05, Info CSI 00000160 [sR] Cannot repair member file [l:38{19}]"NlsLexicons000d.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:06, Info CSI 00000162 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0002.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:06, Info CSI 00000164 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0001.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:06, Info CSI 00000166 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0011.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:08, Info CSI 00000168 [sR] Cannot repair member file [l:22{11}]"NAPSTAT.EXE" of Microsoft-Windows-NetworkAccessProtection-StatusUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:08, Info CSI 00000169 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:08, Info CSI 0000016c [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"NAPSTAT.EXE"; source file in store is also corrupted

2013-01-18 16:31:08, Info CSI 0000016e [sR] Cannot repair member file [l:26{13}]"msshavmsg.dll" of Microsoft-Windows-NAP-oobsha, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:08, Info CSI 0000016f [sR] This component was referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"

2013-01-18 16:31:08, Info CSI 00000172 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"msshavmsg.dll"; source file in store is also corrupted

2013-01-18 16:31:09, Info CSI 00000174 [sR] Cannot repair member file [l:30{15}]"NlsData0816.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 00000175 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:09, Info CSI 00000177 [sR] Cannot repair member file [l:30{15}]"NlsData0414.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 00000178 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:09, Info CSI 0000017a [sR] Cannot repair member file [l:30{15}]"NlsData004e.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 0000017b [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:09, Info CSI 0000017d [sR] Cannot repair member file [l:30{15}]"NlsData004c.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 0000017e [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:09, Info CSI 00000180 [sR] Cannot repair member file [l:30{15}]"NlsData004b.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 00000181 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:09, Info CSI 00000183 [sR] Cannot repair member file [l:30{15}]"NlsData004a.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:09, Info CSI 00000184 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:10, Info CSI 00000186 [sR] Cannot repair member file [l:38{19}]"NlsLexicons000d.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:10, Info CSI 00000187 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:10, Info CSI 00000189 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0002.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:10, Info CSI 0000018a [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:11, Info CSI 0000018c [sR] Cannot repair member file [l:38{19}]"NlsLexicons0001.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:11, Info CSI 0000018d [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:11, Info CSI 0000018f [sR] Cannot repair member file [l:38{19}]"NlsLexicons0011.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:11, Info CSI 00000190 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:11, Info CSI 00000193 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData0816.dll"; source file in store is also corrupted

2013-01-18 16:31:11, Info CSI 00000196 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData0414.dll"; source file in store is also corrupted

2013-01-18 16:31:12, Info CSI 00000199 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004e.dll"; source file in store is also corrupted

2013-01-18 16:31:12, Info CSI 0000019c [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004c.dll"; source file in store is also corrupted

2013-01-18 16:31:12, Info CSI 0000019f [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004b.dll"; source file in store is also corrupted

2013-01-18 16:31:12, Info CSI 000001a2 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004a.dll"; source file in store is also corrupted

2013-01-18 16:31:12, Info CSI 000001a5 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons000d.dll"; source file in store is also corrupted

2013-01-18 16:31:13, Info CSI 000001a8 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0002.dll"; source file in store is also corrupted

2013-01-18 16:31:13, Info CSI 000001ab [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0001.dll"; source file in store is also corrupted

2013-01-18 16:31:13, Info CSI 000001ae [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0011.dll"; source file in store is also corrupted

2013-01-18 16:31:14, Info CSI 000001b0 [sR] Verify complete

2013-01-18 16:31:14, Info CSI 000001b1 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:14, Info CSI 000001b2 [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:15, Info CSI 000001b4 [sR] Cannot repair member file [l:22{11}]"netprof.dll" of Microsoft-Windows-NETPROFUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:19, Info CSI 000001b6 [sR] Cannot repair member file [l:22{11}]"netprof.dll" of Microsoft-Windows-NETPROFUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:31:19, Info CSI 000001b7 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:31:19, Info CSI 000001ba [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"netprof.dll"; source file in store is also corrupted

2013-01-18 16:31:21, Info CSI 000001bd [sR] Verify complete

2013-01-18 16:31:21, Info CSI 000001be [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:21, Info CSI 000001bf [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:27, Info CSI 000001c1 [sR] Verify complete

2013-01-18 16:31:27, Info CSI 000001c2 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:27, Info CSI 000001c3 [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:32, Info CSI 000001c5 [sR] Verify complete

2013-01-18 16:31:32, Info CSI 000001c6 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:32, Info CSI 000001c7 [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:35, Info CSI 000001c9 [sR] Verify complete

2013-01-18 16:31:36, Info CSI 000001ca [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:36, Info CSI 000001cb [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:39, Info CSI 000001cd [sR] Verify complete

2013-01-18 16:31:39, Info CSI 000001ce [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:39, Info CSI 000001cf [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:44, Info CSI 000001d3 [sR] Verify complete

2013-01-18 16:31:44, Info CSI 000001d4 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:44, Info CSI 000001d5 [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:51, Info CSI 000001d7 [sR] Verify complete

2013-01-18 16:31:52, Info CSI 000001d8 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:52, Info CSI 000001d9 [sR] Beginning Verify and Repair transaction

2013-01-18 16:31:57, Info CSI 000001dc [sR] Verify complete

2013-01-18 16:31:57, Info CSI 000001dd [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:31:57, Info CSI 000001de [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:02, Info CSI 000001e0 [sR] Verify complete

2013-01-18 16:32:02, Info CSI 000001e1 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:02, Info CSI 000001e2 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:06, Info CSI 000001e5 [sR] Verify complete

2013-01-18 16:32:06, Info CSI 000001e6 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:06, Info CSI 000001e7 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:11, Info CSI 000001e9 [sR] Verify complete

2013-01-18 16:32:12, Info CSI 000001ea [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:12, Info CSI 000001eb [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:19, Info CSI 000001ee [sR] Verify complete

2013-01-18 16:32:19, Info CSI 000001ef [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:19, Info CSI 000001f0 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:20, Info CSI 000001f1 [sR] Cannot repair member file [l:26{13}]"srdelayed.exe" of Microsoft-Windows-SrDelayed, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:32:22, Info CSI 000001f2 [sR] Cannot repair member file [l:26{13}]"srdelayed.exe" of Microsoft-Windows-SrDelayed, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:32:22, Info CSI 000001f3 [sR] This component was referenced by [l:184{92}]"Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.SystemRestore"

2013-01-18 16:32:22, Info CSI 000001f4 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"srdelayed.exe"; source file in store is also corrupted

2013-01-18 16:32:22, Info CSI 000001f6 [sR] Verify complete

2013-01-18 16:32:22, Info CSI 000001f7 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:22, Info CSI 000001f8 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:23, Info CSI 000001f9 [sR] Cannot repair member file [l:24{12}]"srhelper.dll" of Microsoft-Windows-SystemRestore-SrHelper, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:32:26, Info CSI 000001fa [sR] Cannot repair member file [l:24{12}]"srhelper.dll" of Microsoft-Windows-SystemRestore-SrHelper, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:32:26, Info CSI 000001fb [sR] This component was referenced by [l:184{92}]"Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.SystemRestore"

2013-01-18 16:32:26, Info CSI 000001fc [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"srhelper.dll"; source file in store is also corrupted

2013-01-18 16:32:27, Info CSI 000001fe [sR] Verify complete

2013-01-18 16:32:27, Info CSI 000001ff [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:27, Info CSI 00000200 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:30, Info CSI 00000202 [sR] Verify complete

2013-01-18 16:32:31, Info CSI 00000203 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:31, Info CSI 00000204 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:36, Info CSI 00000207 [sR] Verify complete

2013-01-18 16:32:36, Info CSI 00000208 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:36, Info CSI 00000209 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:39, Info CSI 0000020b [sR] Verify complete

2013-01-18 16:32:40, Info CSI 0000020c [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:40, Info CSI 0000020d [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:44, Info CSI 0000020f [sR] Verify complete

2013-01-18 16:32:45, Info CSI 00000210 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:45, Info CSI 00000211 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:47, Info CSI 00000213 [sR] Verify complete

2013-01-18 16:32:48, Info CSI 00000214 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:48, Info CSI 00000215 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:48, Info CSI 00000218 [sR] Cannot verify component files for Microsoft-Windows-VirtualPC-Deployment-LanguagePack, Version = 7.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sv-SE", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (TRUE)

2013-01-18 16:32:50, Info CSI 0000021a [sR] Verify complete

2013-01-18 16:32:51, Info CSI 0000021f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:51, Info CSI 00000220 [sR] Beginning Verify and Repair transaction

2013-01-18 16:32:56, Info CSI 00000223 [sR] Verify complete

2013-01-18 16:32:56, Info CSI 00000224 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:32:56, Info CSI 00000225 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:01, Info CSI 00000228 [sR] Verify complete

2013-01-18 16:33:02, Info CSI 00000229 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:02, Info CSI 0000022a [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:06, Info CSI 0000022d [sR] Verify complete

2013-01-18 16:33:06, Info CSI 0000022e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:06, Info CSI 0000022f [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:10, Info CSI 00000231 [sR] Verify complete

2013-01-18 16:33:11, Info CSI 00000232 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:11, Info CSI 00000233 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:13, Info CSI 00000235 [sR] Cannot repair member file [l:20{10}]"mswmdm.dll" of Microsoft-Windows-WPD-LegacyWmdmAPI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:33:15, Info CSI 00000238 [sR] Cannot repair member file [l:20{10}]"mswmdm.dll" of Microsoft-Windows-WPD-LegacyWmdmAPI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:33:15, Info CSI 00000239 [sR] This component was referenced by [l:206{103}]"Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaFormatRuntime"

2013-01-18 16:33:15, Info CSI 0000023c [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"mswmdm.dll"; source file in store is also corrupted

2013-01-18 16:33:15, Info CSI 0000023e [sR] Verify complete

2013-01-18 16:33:16, Info CSI 0000023f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:16, Info CSI 00000240 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:19, Info CSI 00000242 [sR] Verify complete

2013-01-18 16:33:20, Info CSI 00000243 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:20, Info CSI 00000244 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:21, Info CSI 00000246 [sR] Verify complete

2013-01-18 16:33:21, Info CSI 00000247 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:21, Info CSI 00000248 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:24, Info CSI 0000024a [sR] Verify complete

2013-01-18 16:33:24, Info CSI 0000024b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:24, Info CSI 0000024c [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:27, Info CSI 0000024e [sR] Verify complete

2013-01-18 16:33:28, Info CSI 0000024f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:28, Info CSI 00000250 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:31, Info CSI 00000252 [sR] Verify complete

2013-01-18 16:33:32, Info CSI 00000253 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:32, Info CSI 00000254 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:34, Info CSI 00000256 [sR] Verify complete

2013-01-18 16:33:35, Info CSI 00000257 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:35, Info CSI 00000258 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:38, Info CSI 0000025a [sR] Verify complete

2013-01-18 16:33:38, Info CSI 0000025b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:38, Info CSI 0000025c [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:41, Info CSI 0000025d [sR] Cannot repair member file [l:24{12}]"prnca00d.cat" of prnca00d.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:33:43, Info CSI 0000025e [sR] Cannot repair member file [l:24{12}]"prnca00d.cat" of prnca00d.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:33:43, Info CSI 0000025f [sR] This component was referenced by [l:186{93}]"Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.INF_prnca00d"

2013-01-18 16:33:43, Info CSI 00000261 [sR] Verify complete

2013-01-18 16:33:43, Info CSI 00000262 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:43, Info CSI 00000263 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:50, Info CSI 00000265 [sR] Verify complete

2013-01-18 16:33:50, Info CSI 00000266 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:50, Info CSI 00000267 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:52, Info CSI 00000269 [sR] Verify complete

2013-01-18 16:33:52, Info CSI 0000026a [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:52, Info CSI 0000026b [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:54, Info CSI 0000026d [sR] Cannot repair member file [l:22{11}]"MpEvMsg.dll" of Security-Malware-Windows-Defender-Events, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:33:55, Info CSI 0000026f [sR] Cannot repair member file [l:22{11}]"MpEvMsg.dll" of Security-Malware-Windows-Defender-Events, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:33:55, Info CSI 00000270 [sR] This component was referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"

2013-01-18 16:33:55, Info CSI 00000273 [sR] Could not reproject corrupted file [ml:520{260},l:74{37}]"\??\C:\Program Files\Windows Defender"\[l:22{11}]"MpEvMsg.dll"; source file in store is also corrupted

2013-01-18 16:33:55, Info CSI 00000275 [sR] Verify complete

2013-01-18 16:33:55, Info CSI 00000276 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:55, Info CSI 00000277 [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:56, Info CSI 00000279 [sR] Verify complete

2013-01-18 16:33:56, Info CSI 0000027a [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:56, Info CSI 0000027b [sR] Beginning Verify and Repair transaction

2013-01-18 16:33:58, Info CSI 0000027d [sR] Verify complete

2013-01-18 16:33:59, Info CSI 0000027e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:33:59, Info CSI 0000027f [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:01, Info CSI 00000281 [sR] Verify complete

2013-01-18 16:34:01, Info CSI 00000282 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:01, Info CSI 00000283 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:04, Info CSI 00000285 [sR] Verify complete

2013-01-18 16:34:04, Info CSI 00000286 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:04, Info CSI 00000287 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:09, Info CSI 0000028f [sR] Verify complete

2013-01-18 16:34:09, Info CSI 00000290 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:09, Info CSI 00000291 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:13, Info CSI 00000293 [sR] Verify complete

2013-01-18 16:34:14, Info CSI 00000294 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:14, Info CSI 00000295 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:16, Info CSI 00000297 [sR] Verify complete

2013-01-18 16:34:16, Info CSI 00000298 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:16, Info CSI 00000299 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:19, Info CSI 0000029b [sR] Verify complete

2013-01-18 16:34:19, Info CSI 0000029c [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:19, Info CSI 0000029d [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:22, Info CSI 0000029f [sR] Verify complete

2013-01-18 16:34:22, Info CSI 000002a0 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:22, Info CSI 000002a1 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:26, Info CSI 000002a3 [sR] Cannot repair member file [l:14{7}]"cmd.exe" of Microsoft-Windows-CommandPrompt, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:34:27, Info CSI 000002a5 [sR] Cannot repair member file [l:14{7}]"cmd.exe" of Microsoft-Windows-CommandPrompt, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:34:27, Info CSI 000002a6 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:34:27, Info CSI 000002a9 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:14{7}]"cmd.exe"; source file in store is also corrupted

2013-01-18 16:34:28, Info CSI 000002ab [sR] Verify complete

2013-01-18 16:34:28, Info CSI 000002ac [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:28, Info CSI 000002ad [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:33, Info CSI 000002b0 [sR] Verify complete

2013-01-18 16:34:33, Info CSI 000002b1 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:33, Info CSI 000002b2 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:34, Info CSI 000002b4 [sR] Verify complete

2013-01-18 16:34:34, Info CSI 000002b5 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:34, Info CSI 000002b6 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:36, Info CSI 000002b8 [sR] Verify complete

2013-01-18 16:34:36, Info CSI 000002b9 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:36, Info CSI 000002ba [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:47, Info CSI 000002bf [sR] Verify complete

2013-01-18 16:34:47, Info CSI 000002c0 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:47, Info CSI 000002c1 [sR] Beginning Verify and Repair transaction

2013-01-18 16:34:51, Info CSI 000002c3 [sR] Cannot repair member file [l:28{14}]"PeerDistSh.dll" of Microsoft-Windows-PeerDist-Common, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:34:53, Info CSI 000002c8 [sR] Cannot repair member file [l:28{14}]"PeerDistSh.dll" of Microsoft-Windows-PeerDist-Common, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:34:53, Info CSI 000002c9 [sR] This component was referenced by [l:178{89}]"Microsoft-Windows-PeerDist-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.PeerDist"

2013-01-18 16:34:53, Info CSI 000002cc [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:28{14}]"PeerDistSh.dll"; source file in store is also corrupted

2013-01-18 16:34:53, Info CSI 000002ce [sR] Verify complete

2013-01-18 16:34:53, Info CSI 000002cf [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:34:53, Info CSI 000002d0 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:00, Info CSI 000002d2 [sR] Verify complete

2013-01-18 16:35:00, Info CSI 000002d3 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:00, Info CSI 000002d4 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:04, Info CSI 000002df [sR] Verify complete

2013-01-18 16:35:05, Info CSI 000002e0 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:05, Info CSI 000002e1 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:11, Info CSI 000002e8 [sR] Verify complete

2013-01-18 16:35:11, Info CSI 000002e9 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:11, Info CSI 000002ea [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:14, Info CSI 000002ec [sR] Verify complete

2013-01-18 16:35:14, Info CSI 000002ed [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:14, Info CSI 000002ee [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:17, Info CSI 000002f2 [sR] Verify complete

2013-01-18 16:35:17, Info CSI 000002f3 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:17, Info CSI 000002f4 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:20, Info CSI 000002f6 [sR] Verify complete

2013-01-18 16:35:20, Info CSI 000002f7 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:20, Info CSI 000002f8 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:24, Info CSI 0000031d [sR] Verify complete

2013-01-18 16:35:24, Info CSI 0000031e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:24, Info CSI 0000031f [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:27, Info CSI 00000321 [sR] Verify complete

2013-01-18 16:35:27, Info CSI 00000322 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:27, Info CSI 00000323 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:29, Info CSI 00000325 [sR] Cannot repair member file [l:16{8}]"desk.cpl" of Microsoft-Windows-desk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:35:30, Info CSI 00000327 [sR] Cannot repair member file [l:16{8}]"desk.cpl" of Microsoft-Windows-desk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:35:30, Info CSI 00000328 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:35:30, Info CSI 0000032b [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:16{8}]"desk.cpl"; source file in store is also corrupted

2013-01-18 16:35:30, Info CSI 0000032d [sR] Verify complete

2013-01-18 16:35:31, Info CSI 0000032e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:31, Info CSI 0000032f [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:34, Info CSI 00000331 [sR] Verify complete

2013-01-18 16:35:34, Info CSI 00000332 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:34, Info CSI 00000333 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:37, Info CSI 00000341 [sR] Verify complete

2013-01-18 16:35:37, Info CSI 00000342 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:37, Info CSI 00000343 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:43, Info CSI 00000345 [sR] Verify complete

2013-01-18 16:35:43, Info CSI 00000346 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:43, Info CSI 00000347 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:47, Info CSI 00000355 [sR] Verify complete

2013-01-18 16:35:47, Info CSI 00000356 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:47, Info CSI 00000357 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:49, Info CSI 00000359 [sR] Verify complete

2013-01-18 16:35:49, Info CSI 0000035a [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:49, Info CSI 0000035b [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:53, Info CSI 0000035d [sR] Verify complete

2013-01-18 16:35:53, Info CSI 0000035e [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:53, Info CSI 0000035f [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:56, Info CSI 00000362 [sR] Verify complete

2013-01-18 16:35:56, Info CSI 00000363 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:56, Info CSI 00000364 [sR] Beginning Verify and Repair transaction

2013-01-18 16:35:58, Info CSI 00000366 [sR] Verify complete

2013-01-18 16:35:58, Info CSI 00000367 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:35:58, Info CSI 00000368 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:02, Info CSI 0000036a [sR] Verify complete

2013-01-18 16:36:02, Info CSI 0000036b [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:02, Info CSI 0000036c [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:05, Info CSI 0000036e [sR] Verify complete

2013-01-18 16:36:06, Info CSI 0000036f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:06, Info CSI 00000370 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:11, Info CSI 0000037f [sR] Verify complete

2013-01-18 16:36:11, Info CSI 00000380 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:11, Info CSI 00000381 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:14, Info CSI 0000038e [sR] Verify complete

2013-01-18 16:36:15, Info CSI 0000038f [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:15, Info CSI 00000390 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:24, Info CSI 00000392 [sR] Verify complete

2013-01-18 16:36:24, Info CSI 00000393 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:24, Info CSI 00000394 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:28, Info CSI 00000396 [sR] Verify complete

2013-01-18 16:36:28, Info CSI 00000397 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:28, Info CSI 00000398 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:30, Info CSI 0000039b [sR] Verify complete

2013-01-18 16:36:30, Info CSI 0000039c [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:30, Info CSI 0000039d [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:33, Info CSI 000003a0 [sR] Verify complete

2013-01-18 16:36:33, Info CSI 000003a1 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:33, Info CSI 000003a2 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:36, Info CSI 000003a4 [sR] Verify complete

2013-01-18 16:36:37, Info CSI 000003a5 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:37, Info CSI 000003a6 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:40, Info CSI 000003a8 [sR] Verify complete

2013-01-18 16:36:40, Info CSI 000003a9 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:40, Info CSI 000003aa [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:43, Info CSI 000003ad [sR] Verify complete

2013-01-18 16:36:44, Info CSI 000003ae [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:44, Info CSI 000003af [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:46, Info CSI 000003b1 [sR] Verify complete

2013-01-18 16:36:46, Info CSI 000003b2 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:46, Info CSI 000003b3 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:49, Info CSI 000003b5 [sR] Verify complete

2013-01-18 16:36:50, Info CSI 000003b6 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:50, Info CSI 000003b7 [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:53, Info CSI 000003b9 [sR] Verify complete

2013-01-18 16:36:54, Info CSI 000003ba [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:54, Info CSI 000003bb [sR] Beginning Verify and Repair transaction

2013-01-18 16:36:57, Info CSI 000003be [sR] Verify complete

2013-01-18 16:36:58, Info CSI 000003bf [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:36:58, Info CSI 000003c0 [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:03, Info CSI 000003c2 [sR] Verify complete

2013-01-18 16:37:03, Info CSI 000003c3 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:37:03, Info CSI 000003c4 [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:07, Info CSI 000003c6 [sR] Verify complete

2013-01-18 16:37:07, Info CSI 000003c7 [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:37:07, Info CSI 000003c8 [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:10, Info CSI 000003ca [sR] Verify complete

2013-01-18 16:37:11, Info CSI 000003cb [sR] Verifying 100 (0x0000000000000064) components

2013-01-18 16:37:11, Info CSI 000003cc [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:15, Info CSI 000003ce [sR] Verify complete

2013-01-18 16:37:15, Info CSI 000003cf [sR] Verifying 70 (0x0000000000000046) components

2013-01-18 16:37:15, Info CSI 000003d0 [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:17, Info CSI 000003d2 [sR] Verify complete

2013-01-18 16:37:17, Info CSI 000003d3 [sR] Repairing 18 (0x0000000000000012) components

2013-01-18 16:37:17, Info CSI 000003d4 [sR] Beginning Verify and Repair transaction

2013-01-18 16:37:17, Info CSI 000003d6 [sR] Cannot repair member file [l:48{24}]"calendar_ring_docked.png" of Microsoft-Windows-Gadgets-Calendar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:17, Info CSI 000003d8 [sR] Cannot repair member file [l:16{8}]"apds.dll" of Microsoft-Windows-Help-DataLayer, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:17, Info CSI 000003da [sR] Cannot repair member file [l:14{7}]"wmp.dll" of Microsoft-Windows-MediaPlayer-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003dc [sR] Cannot repair member file [l:22{11}]"msvcp60.dll" of Microsoft-Windows-MSVCP60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003de [sR] Cannot repair member file [l:30{15}]"msmpeg2vdec.dll" of Microsoft-Windows-MSMPEG2VDEC, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003e0 [sR] Cannot repair member file [l:22{11}]"NAPSTAT.EXE" of Microsoft-Windows-NetworkAccessProtection-StatusUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003e2 [sR] Cannot repair member file [l:26{13}]"msshavmsg.dll" of Microsoft-Windows-NAP-oobsha, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003e4 [sR] Cannot repair member file [l:30{15}]"NlsData0816.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:18, Info CSI 000003e6 [sR] Cannot repair member file [l:30{15}]"NlsData0414.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:19, Info CSI 000003e8 [sR] Cannot repair member file [l:30{15}]"NlsData004e.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:19, Info CSI 000003ea [sR] Cannot repair member file [l:30{15}]"NlsData004c.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:19, Info CSI 000003ec [sR] Cannot repair member file [l:30{15}]"NlsData004b.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:19, Info CSI 000003ee [sR] Cannot repair member file [l:30{15}]"NlsData004a.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:20, Info CSI 000003f0 [sR] Cannot repair member file [l:38{19}]"NlsLexicons000d.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:21, Info CSI 000003f2 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0002.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:21, Info CSI 000003f4 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0001.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:22, Info CSI 000003f6 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0011.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 000003f8 [sR] Cannot repair member file [l:22{11}]"netprof.dll" of Microsoft-Windows-NETPROFUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 000003f9 [sR] Cannot repair member file [l:26{13}]"srdelayed.exe" of Microsoft-Windows-SrDelayed, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 000003fa [sR] Cannot repair member file [l:24{12}]"srhelper.dll" of Microsoft-Windows-SystemRestore-SrHelper, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 000003fd [sR] Cannot verify component files for Microsoft-Windows-VirtualPC-Deployment-LanguagePack, Version = 7.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"sv-SE", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral, manifest is damaged (TRUE)

2013-01-18 16:37:23, Info CSI 000003ff [sR] Cannot repair member file [l:20{10}]"mswmdm.dll" of Microsoft-Windows-WPD-LegacyWmdmAPI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000400 [sR] Cannot repair member file [l:24{12}]"prnca00d.cat" of prnca00d.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 00000402 [sR] Cannot repair member file [l:22{11}]"MpEvMsg.dll" of Security-Malware-Windows-Defender-Events, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000404 [sR] Cannot repair member file [l:14{7}]"cmd.exe" of Microsoft-Windows-CommandPrompt, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000406 [sR] Cannot repair member file [l:28{14}]"PeerDistSh.dll" of Microsoft-Windows-PeerDist-Common, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000408 [sR] Cannot repair member file [l:16{8}]"desk.cpl" of Microsoft-Windows-desk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000409 [sR] Cannot repair member file [l:26{13}]"srdelayed.exe" of Microsoft-Windows-SrDelayed, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 0000040a [sR] This component was referenced by [l:184{92}]"Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.SystemRestore"

2013-01-18 16:37:23, Info CSI 0000040b [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"srdelayed.exe"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 0000040c [sR] Cannot repair member file [l:24{12}]"prnca00d.cat" of prnca00d.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 0000040d [sR] This component was referenced by [l:186{93}]"Microsoft-Windows-Printer-Drivers-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.INF_prnca00d"

2013-01-18 16:37:23, Info CSI 0000040f [sR] Cannot repair member file [l:48{24}]"calendar_ring_docked.png" of Microsoft-Windows-Gadgets-Calendar, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000410 [sR] This component was referenced by [l:204{102}]"Microsoft-Windows-Gadget-Platform-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsGadgetPlatform"

2013-01-18 16:37:23, Info CSI 00000413 [sR] Could not reproject corrupted file [ml:520{260},l:134{67}]"\??\C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images"\[l:48{24}]"calendar_ring_docked.png"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000415 [sR] Cannot repair member file [l:30{15}]"msmpeg2vdec.dll" of Microsoft-Windows-MSMPEG2VDEC, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000416 [sR] This component was referenced by [l:204{102}]"Microsoft-Windows-CodecPack-Basic-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaCodecPack"

2013-01-18 16:37:23, Info CSI 00000419 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"msmpeg2vdec.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 0000041b [sR] Cannot repair member file [l:22{11}]"MpEvMsg.dll" of Security-Malware-Windows-Defender-Events, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 0000041c [sR] This component was referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"

2013-01-18 16:37:23, Info CSI 0000041f [sR] Could not reproject corrupted file [ml:520{260},l:74{37}]"\??\C:\Program Files\Windows Defender"\[l:22{11}]"MpEvMsg.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000421 [sR] Cannot repair member file [l:16{8}]"desk.cpl" of Microsoft-Windows-desk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000422 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:23, Info CSI 00000425 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:16{8}]"desk.cpl"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000427 [sR] Cannot repair member file [l:16{8}]"apds.dll" of Microsoft-Windows-Help-DataLayer, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000428 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:23, Info CSI 0000042b [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:16{8}]"apds.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 0000042d [sR] Cannot repair member file [l:22{11}]"msvcp60.dll" of Microsoft-Windows-MSVCP60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 0000042e [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:23, Info CSI 00000431 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"msvcp60.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000433 [sR] Cannot repair member file [l:22{11}]"netprof.dll" of Microsoft-Windows-NETPROFUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000434 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:23, Info CSI 00000437 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"netprof.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000439 [sR] Cannot repair member file [l:26{13}]"msshavmsg.dll" of Microsoft-Windows-NAP-oobsha, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 0000043a [sR] This component was referenced by [l:242{121}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.Microsoft-Windows-Client-Features-Update"

2013-01-18 16:37:23, Info CSI 0000043d [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:26{13}]"msshavmsg.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 0000043e [sR] Cannot repair member file [l:24{12}]"srhelper.dll" of Microsoft-Windows-SystemRestore-SrHelper, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing

2013-01-18 16:37:23, Info CSI 0000043f [sR] This component was referenced by [l:184{92}]"Microsoft-Windows-SystemRestore-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.SystemRestore"

2013-01-18 16:37:23, Info CSI 00000440 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"srhelper.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000442 [sR] Cannot repair member file [l:20{10}]"mswmdm.dll" of Microsoft-Windows-WPD-LegacyWmdmAPI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000443 [sR] This component was referenced by [l:206{103}]"Microsoft-Windows-Media-Format-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaFormatRuntime"

2013-01-18 16:37:23, Info CSI 00000446 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"mswmdm.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 00000448 [sR] Cannot repair member file [l:28{14}]"PeerDistSh.dll" of Microsoft-Windows-PeerDist-Common, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 00000449 [sR] This component was referenced by [l:178{89}]"Microsoft-Windows-PeerDist-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.PeerDist"

2013-01-18 16:37:23, Info CSI 0000044c [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:28{14}]"PeerDistSh.dll"; source file in store is also corrupted

2013-01-18 16:37:23, Info CSI 0000044e [sR] Cannot repair member file [l:14{7}]"cmd.exe" of Microsoft-Windows-CommandPrompt, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:23, Info CSI 0000044f [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:23, Info CSI 00000452 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:14{7}]"cmd.exe"; source file in store is also corrupted

2013-01-18 16:37:24, Info CSI 00000454 [sR] Cannot repair member file [l:14{7}]"wmp.dll" of Microsoft-Windows-MediaPlayer-Core, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 00000455 [sR] This component was referenced by [l:190{95}]"Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsMediaPlayer"

2013-01-18 16:37:24, Info CSI 00000458 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:14{7}]"wmp.dll"; source file in store is also corrupted

2013-01-18 16:37:24, Info CSI 0000045a [sR] Cannot repair member file [l:22{11}]"NAPSTAT.EXE" of Microsoft-Windows-NetworkAccessProtection-StatusUI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 0000045b [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 0000045e [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"NAPSTAT.EXE"; source file in store is also corrupted

2013-01-18 16:37:24, Info CSI 00000460 [sR] Cannot repair member file [l:30{15}]"NlsData0816.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 00000461 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 00000463 [sR] Cannot repair member file [l:30{15}]"NlsData0414.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 00000464 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 00000466 [sR] Cannot repair member file [l:30{15}]"NlsData004e.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 00000467 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 00000469 [sR] Cannot repair member file [l:30{15}]"NlsData004c.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 0000046a [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 0000046c [sR] Cannot repair member file [l:30{15}]"NlsData004b.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 0000046d [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:24, Info CSI 0000046f [sR] Cannot repair member file [l:30{15}]"NlsData004a.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:24, Info CSI 00000470 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:25, Info CSI 00000472 [sR] Cannot repair member file [l:38{19}]"NlsLexicons000d.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:25, Info CSI 00000473 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:26, Info CSI 00000475 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0002.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:26, Info CSI 00000476 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:26, Info CSI 00000478 [sR] Cannot repair member file [l:38{19}]"NlsLexicons0001.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:26, Info CSI 00000479 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:26, Info CSI 0000047b [sR] Cannot repair member file [l:38{19}]"NlsLexicons0011.dll" of Microsoft-Windows-NaturalLanguage6, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-18 16:37:26, Info CSI 0000047c [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-18 16:37:26, Info CSI 0000047f [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData0816.dll"; source file in store is also corrupted

2013-01-18 16:37:26, Info CSI 00000482 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData0414.dll"; source file in store is also corrupted

2013-01-18 16:37:27, Info CSI 00000485 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004e.dll"; source file in store is also corrupted

2013-01-18 16:37:27, Info CSI 00000488 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004c.dll"; source file in store is also corrupted

2013-01-18 16:37:27, Info CSI 0000048b [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004b.dll"; source file in store is also corrupted

2013-01-18 16:37:27, Info CSI 0000048e [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"NlsData004a.dll"; source file in store is also corrupted

2013-01-18 16:37:28, Info CSI 00000491 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons000d.dll"; source file in store is also corrupted

2013-01-18 16:37:28, Info CSI 00000494 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0002.dll"; source file in store is also corrupted

2013-01-18 16:37:28, Info CSI 00000497 [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0001.dll"; source file in store is also corrupted

2013-01-18 16:37:29, Info CSI 0000049a [sR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:38{19}]"NlsLexicons0011.dll"; source file in store is also corrupted

2013-01-18 16:37:29, Info CSI 0000049c [sR] Repair complete

2013-01-18 16:37:29, Info CSI 000004a1 [sR] Committing transaction

2013-01-18 16:37:30, Info CSI 000004a5 [sR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

Link to post
Share on other sites

Yes i`d certainly give that a try. Before that it maybe worthwhile using System Restore from the Recovery Environment, go back to a restore point before this issue started.

If System Restore is no good then go for the Repair,

If that fails you can try an In-Place Upgrade, instructions here: http://support.microsoft.com/kb/2255099

If all of the above fails a Clean Install is the only option left....

Link to post
Share on other sites

This has been a bit of a strange issues for sure, i`ve just been reading another thread at a different site, same issue as yours, The fix was also done with system restore.....

Yes please run Combofix from Normal mode. see what shows up.

I`ll have to pick this thread up again later, I`m on UK time, currently 2:40 am. Sleepy time me thinks....zzzzzzzzzzzzz

Link to post
Share on other sites

Ran Combofix again. Here's the log:

ComboFix 13-01-17.04 - Tyler 01/19/2013 11:49:38.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4095.2862 [GMT -8:00]

Running from: c:\users\Tyler\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-12-19 to 2013-01-19 )))))))))))))))))))))))))))))))

.

.

2013-01-19 19:57 . 2013-01-19 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-01-18 01:47 . 2013-01-18 01:47 -------- d-----w- C:\FRST

2013-01-16 01:09 . 2013-01-17 09:06 -------- d-----w- c:\users\Tyler\AppData\Roaming\NeopleLauncherDFO

2013-01-15 21:36 . 2013-01-19 02:07 -------- d-----w- c:\users\Tyler\AppData\Roaming\.doomseeker

2013-01-15 21:36 . 2013-01-19 02:07 -------- d-----w- c:\program files (x86)\Zandronum

2013-01-13 00:05 . 2013-01-13 00:05 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP

2013-01-12 11:00 . 2013-01-12 11:00 -------- d-----w- c:\windows\CheckSur

2013-01-09 20:48 . 2013-01-09 20:48 15739912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-01-09 00:27 . 2013-01-09 00:27 -------- d-----w- c:\program files (x86)\Common Files\Adobe Systems Shared

2013-01-09 00:24 . 2013-01-09 00:24 -------- d-----w- C:\PhSp_CS2_UE_Ret

2013-01-04 18:12 . 2013-01-04 18:12 -------- d-----w- C:\found.003

2013-01-01 20:01 . 2013-01-01 20:01 -------- d-----w- c:\programdata\ATI

2013-01-01 20:00 . 2013-01-01 20:00 -------- d-----w- c:\program files (x86)\AMD AVT

2013-01-01 20:00 . 2013-01-01 20:00 -------- d-----w- c:\program files (x86)\AMD APP

2012-12-28 09:35 . 2012-12-29 18:34 -------- dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}

2012-12-27 03:15 . 2013-01-10 04:46 -------- d-----w- c:\users\Tyler\AppData\Roaming\ftblauncher

2012-12-23 06:22 . 2012-12-23 06:22 -------- d-----w- c:\users\Tyler\AppData\Roaming\Nifflas

2012-12-23 06:10 . 2012-12-23 06:10 -------- d-----w- c:\users\Tyler\AppData\Local\Programs

2012-12-22 09:31 . 2012-12-22 20:48 -------- d-----w- c:\users\Tyler\AppData\Roaming\Sony Online Entertainment

2012-12-22 09:31 . 2012-12-22 09:31 -------- d-----w- C:\Crash

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-09 20:48 . 2012-05-18 18:04 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-01-09 20:48 . 2011-05-31 20:13 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 10:34 . 2011-01-23 06:47 67599240 ----a-w- c:\windows\system32\MRT.exe

2013-01-09 02:05 . 2011-01-31 04:53 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2013-01-09 02:05 . 2012-05-20 02:28 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe

2013-01-09 02:05 . 2011-01-31 04:53 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-12-15 00:49 . 2011-01-23 07:02 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-14 07:06 . 2012-12-19 11:02 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-14 06:32 . 2012-12-19 11:02 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-14 06:11 . 2012-12-19 11:02 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 06:04 . 2012-12-19 11:02 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-14 06:04 . 2012-12-19 11:02 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 06:02 . 2012-12-19 11:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 06:02 . 2012-12-19 11:02 237056 ----a-w- c:\windows\system32\url.dll

2012-11-14 05:59 . 2012-12-19 11:02 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-14 05:58 . 2012-12-19 11:02 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-14 05:57 . 2012-12-19 11:02 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 05:57 . 2012-12-19 11:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 05:55 . 2012-12-19 11:02 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-14 05:55 . 2012-12-19 11:02 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-14 05:53 . 2012-12-19 11:02 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-14 05:52 . 2012-12-19 11:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-14 05:46 . 2012-12-19 11:02 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-14 02:09 . 2012-12-19 11:02 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-14 01:58 . 2012-12-19 11:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-14 01:57 . 2012-12-19 11:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-14 01:49 . 2012-12-19 11:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-14 01:48 . 2012-12-19 11:02 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-14 01:44 . 2012-12-19 11:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-02 05:59 . 2012-12-19 07:03 478208 ----a-w- c:\windows\system32\dpnet.dll

2012-11-02 05:11 . 2012-12-19 07:03 376832 ----a-w- c:\windows\SysWow64\dpnet.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-12-19 1354736]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-05 311296]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe" [2010-03-25 888960]

"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-29 642728]

.

c:\users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2012-8-22 1134592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ALSysIO;ALSysIO;c:\users\Tyler\AppData\Local\Temp\ALSysIO64.sys [x]

R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-05-14 10568]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-03 51712]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-23 1255736]

R3 X6va005;X6va005;c:\users\Tyler\AppData\Local\Temp\00579F6.tmp [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]

S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-02-18 228272]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-18 56688]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]

S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]

S3 Linksys_adapter_H;Linksys Adapter Network Driver;c:\windows\system32\DRIVERS\AE2500w764.sys [2011-09-05 1254464]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-18 156080]

S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-18 175664]

.

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-18 20:48]

.

2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 05:26]

.

2013-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 05:26]

.

2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000Core.job

- c:\users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-17 16:25]

.

2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2005769712-3935123570-2331020344-1000UA.job

- c:\users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-17 16:25]

.

.

--------- X64 Entries -----------

.

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.1.1

DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab

FF - ProfilePath - c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - ExtSQL: 2012-12-21 12:50; {6AC85730-7D0F-4de0-B3FA-21142DD85326}; c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

FF - ExtSQL: 2012-12-22 01:38; {000F1EA4-5E08-4564-A29B-29076F63A37A}; c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

FF - user.js: extentions.y2layers.installId - 97b380b6-67d8-42eb-bc6c-4bb19b4d8959

FF - user.js: extentions.y2layers.defaultEnableAppsList - PageRage,PageRageGlobal,Buzzdock,BuzzdockTease,PageRage,PageRageGlobal,

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~2\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\X6va005]

"ImagePath"="\??\c:\users\Tyler\AppData\Local\Temp\00579F6.tmp"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2005769712-3935123570-2331020344-1000\Software\SecuROM\License information*]

"datasecu"=hex:e7,68,1b,7f,4f,fe,b9,60,49,9b,93,18,aa,58,da,c1,11,b2,01,42,18,

fe,30,04,f8,3b,3e,98,56,e6,ca,82,e3,4d,85,6b,d4,8c,9f,36,6d,a3,d4,f9,c9,a5,\

"rkeysecu"=hex:66,8d,22,75,bc,d2,bc,ad,3a,26,99,cc,fc,c2,5e,ef

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-01-19 12:00:40

ComboFix-quarantined-files.txt 2013-01-19 20:00

ComboFix2.txt 2013-01-18 22:08

.

Pre-Run: 756,452,974,592 bytes free

Post-Run: 756,553,076,736 bytes free

.

- - End Of File - - DE6B65D020052C8E8D595193E69AE24A

Link to post
Share on other sites

Thanks for log, ok continue:

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:


ClearJavaCache::
Folder::
C:\FRST
C:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
FireFox::
FF - ProfilePath - c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\opez7x12.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe

CF3.jpg

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next,

Run Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page http://www.eset.com/home/products/online-scanner/ to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

If threats were found

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

close program

copy and paste the report here

Next,

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Pos those logs, also let me know if any remaining issues or concerns...

Thanks,

Kevin

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.