Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer is freezing and pictures are coming up looking cartoonish


  • This topic is locked This topic is locked
17 replies to this topic

#1 bedtimefrog

bedtimefrog

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 27 November 2013 - 05:27 PM

I have been getting help on this site but my computer is still freezing the screen blinks and then im able to click things again and now my pictures and screen are coming up looking cartoonish



BC AdBot (Login to Remove)

 


#2 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 27 November 2013 - 05:28 PM

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16520  BrowserJavaVersion: 10.45.2

Run by becky at 16:19:48 on 2013-11-27

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\AERTSrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\ehome\ehRecvr.exe

C:\Windows\ehome\ehsched.exe

C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\iWin Games\iWinTrusted.exe

C:\Program Files\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe

C:\PROGRA~1\RETROG~2\bar\1.bin\4wbarsvc.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

C:\Windows\system32\UTSCSI.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Retrogamer_4w\bar\1.bin\4wSrchMn.exe

C:\Program Files\Retrogamer_4w\bar\1.bin\4wbrmon.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe

C:\Program Files\iWin Games\iWinGames.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.mywinnipeg.com/

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: {3bbd3c14-4c16-4989-8366-95bc9179779d} - <orphaned>

uURLSearchHooks: {ce0c2586-da36-452b-acdb-320d9bcb19bf} - <orphaned>

uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>

uURLSearchHooks: <No Name>: {4cff1016-c2e2-4fdd-9c67-e32200c25ff9} - c:\program files\retrogamer_4w\bar\1.bin\4wSrcAs.dll

BHO: Toolbar BHO: {03123bb6-a811-407e-b323-66cf0be510b1} - c:\program files\retrogamer_4w\bar\1.bin\4wbar.dll

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: Search Assistant BHO: {d757dbfc-1494-4647-a8b3-abd654988dd8} - c:\program files\retrogamer_4w\bar\1.bin\4wSrcAs.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} -

TB: Retrogamer: {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - c:\program files\retrogamer_4w\bar\1.bin\4wbar.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll

uRun: [Facebook Update] "c:\users\becky\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Retrogamer Search Scope Monitor] "c:\progra~1\retrog~2\bar\1.bin\4wsrchmn.exe" /m=2 /w /h

mRun: [Retrogamer_4w Browser Plugin Loader] c:\progra~1\retrog~2\bar\1.bin\4wbrmon.exe

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Beach%20Party%20Craze/Images/armhelper.ocx

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab

TCP: NameServer = 192.168.100.254

TCP: Interfaces\{3C3F3A08-81F9-4F0A-B38C-5BA54EFC5450} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{5AF87FE4-4C43-4247-94BD-C8B20EFD5BF6} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{8557C323-C39C-40C8-A2B2-511C49D88880} : DHCPNameServer = 192.168.100.254

TCP: Interfaces\{C6B67A9A-260D-4704-AABC-2E312ACBAE1B} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{C6EA01FB-C822-4D3E-A5C7-28382B6D3D6D} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E293DC91-DDF9-4FDC-8747-97BC79A65185} : DHCPNameServer = 192.168.0.1

Handler: intu-qt2009 - {03947252-2355-4e9b-B446-8CCC75C43370} -

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: igfxcui - igfxdev.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

.

============= SERVICES / DRIVERS ===============

.

R? AM10;Cisco AM10 Driver

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? cpuz134;cpuz134

R? dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)

R? fssfltr;fssfltr

R? fsssvc;Windows Live Family Safety Service

R? mr97310c;CIF Dual-Mode Camera

R? Revoflt;Revoflt

R? SkypeUpdate;Skype Updater

R? ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)

R? V0230Vfx;V0230Vfx

R? V0230VID;Live! Cam Video IM Pro

R? wlcrasvc;Windows Live Mesh remote connections service

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? !SASCORE;SAS Core Service

S? AERTFilters;Andrea RT Filters Service

S? FontCache;Windows Font Cache Service

S? iWinTrusted;iWinTrusted

S? MpFilter;Microsoft Malware Protection Driver

S? MpKsl31e21ca1;MpKsl31e21ca1

S? NisDrv;Microsoft Network Inspection System

S? NisSrv;Microsoft Network Inspection

S? RaAutoInstSrv_AM10;Cisco Valet Connector Service

S? Retrogamer_4wService;RetrogamerService

S? SASDIFSV;SASDIFSV

S? SASKUTIL;SASKUTIL

S? Skype C2C Service;Skype C2C Service

S? TeamViewer5;TeamViewer 5

.

=============== Created Last 30 ================

.

2013-11-27 07:57:44 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3d3a01d8-f042-4954-a1c8-9ab59889978a}\offreg.dll

2013-11-27 07:57:44 40392 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3d3a01d8-f042-4954-a1c8-9ab59889978a}\MpKsl31e21ca1.sys

2013-11-27 07:52:41 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3d3a01d8-f042-4954-a1c8-9ab59889978a}\mpengine.dll

2013-11-27 01:34:55 7772552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-11-24 09:51:23 -------- d-----w- c:\users\becky\appdata\local\{97DB9270-F2A5-469C-9AEA-A9182CDA24A6}

2013-11-24 07:02:52 -------- d-----w- c:\users\becky\appdata\roaming\SecretIslandEng

2013-11-24 06:44:05 -------- d-----w- c:\users\becky\appdata\roaming\GigantGames

2013-11-24 05:39:35 -------- d-----w- c:\users\becky\appdata\roaming\BC Soft Games

2013-11-24 05:39:35 -------- d-----w- c:\programdata\BC Soft Games

2013-11-22 03:03:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-11-22 03:03:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-11-14 21:20:28 -------- d-----w- c:\users\becky\appdata\local\{AABB2046-B579-4128-8043-1B93BF40040B}

2013-11-13 12:09:08 297984 ----a-w- c:\windows\system32\gdi32.dll

2013-11-13 12:09:01 993792 ----a-w- c:\windows\system32\crypt32.dll

2013-11-13 12:08:56 444928 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-11-13 12:08:54 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-11-11 20:03:34 -------- d-----w- c:\program files\Retrogamer_4w

2013-11-07 06:27:40 -------- d-----w- c:\users\becky\appdata\roaming\Silverback Productions

2013-11-07 05:20:53 -------- d-----w- c:\users\becky\appdata\roaming\8floor

2013-11-06 07:35:46 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{edc649fc-6c8e-45dd-9c41-9942f219ae61}\gapaengine.dll

.

==================== Find3M  ====================

.

2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe

2013-10-17 07:04:46 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-10-13 09:48:06 1806848 ----a-w- c:\windows\system32\jscript9.dll

2013-10-13 09:35:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-10-13 09:35:38 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-10-13 09:30:14 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-10-13 09:29:02 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-10-13 09:25:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-09-27 15:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-09-27 15:53:06 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

.

============= FINISH: 16:21:39.41 ===============


.

==== Installed Programs ======================

.

10 Talismans (remove only)

7-Zip 9.20

7 Wonders

Abra Academy (remove only)

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.8)

Age of Oracles: Tara's Journey (remove only)

Alexander the Great: Secrets of Power

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Arcadesafari

Avenue Flo - Special Delivery Just For Fun Games

Avenue Flo: Special Delivery

Aveyond (remove only)

Beach Party Craze

Bejeweled 2 Deluxe

Big Fish Games: Game Manager

Bingo Cafe

Blood Oath 1.00

Bonjour

Book of Legends (remove only)

Born Into Darkness 1.00

Brainiversity (remove only)

Build-a-lot -- The Elizabethan Era (remove only)

Build-A-Lot 2 (remove only)

Cake Mania

Cake Mania 2

Cake Mania Deluxe

Call of Atlantis

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MP Navigator EX 4.0

Canon MP495 series MP Drivers

Canon My Printer

Canon Solution Menu EX

Cathy`s Caribbean Club (remove only)

CCleaner

Cisco Valet Connector

Clayside (remove only)

Compatibility Pack for the 2007 Office system

Cooking Academy (remove only)

Cooking Dash (remove only)

Creative Live! Cam Video IM Pro Driver (1.03.02.00)

Cute Knight (remove only)

D3DX10

DAMN NFO Viewer 2.10.0031 RC3

Dell System Customization Wizard

DellSupport

Detective Quest: The Crystal Slipper

Diner Dash

Diner Dash - Flo on the Go

Diner Dash 2

Doggie Dash

Dream Chronicles

Dream Day Honeymoon

EA Download Manager

eGames Toolbar

Facebook Video Calling 1.2.0.159

Facebook Video Calling 1.2.0.287

Farm Frenzy 3 (remove only)

Farm Frenzy 3: American Pie (remove only)

Farm Frenzy 3: Ice Age

Farm Frenzy: Ancient Rome

Farm Frenzy: Gone Fishing! (remove only)

Farm Frenzy: Pizza Party (remove only)

Farm Frenzy: Viking Heroes

Farm Mania: Hot Vacation

Fashion Dash (remove only)

Fashion Fits (remove only)

Frogger v3.0e

Gem Ball Ancient Legends (remove only)

Gem Shop

Granny in Paradise (remove only)

Hidden Magic (remove only)

Hidden Mysteries: Royal Family Secrets

Hide & Secret (remove only)

Home Sweet Home 2: Kitchens and Baths

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

House of 1000 Doors

iCloud

Icy Tower v1.4

ImagXpress

IncrediMail

IncrediMail 2.0

Indeo® Software

Insider Tales: The Stolen Venus (remove only)

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.11.0

Itibiti RTC

iTunes

iWin Games

Jane's Hotel. Family Hero

Jane's Realty

Java 7 Update 45

Java Auto Updater

Jet Bingo

Jewel Quest Solitaire (remove only)

Jojo's Fashion Show 2: Las Cruces (remove only)

Jojo's Fashion Show: World Tour (remove only)

Jojos Fashion Show (remove only)

Junk Mail filter update

Knctr

Kudos (remove only)

Law & Order Criminal Intent 2 - Dark Obsession (remove only)

Lost Realms:  Legacy of the Sun Princess (remove only)

Lost Secrets Bermuda Triangle

M&Ms The Lost Formulas

Mahjongg Platinum 2

Mall Tycoon 3

Malwarebytes Anti-Malware version 1.75.0.1300

Marooned (remove only)

Marooned II - Secrets of the Akoni (remove only)

Masquerade Mysteries: The Case of the Copycat Curator (remove only)

Masters of Mystery: Blood of Betrayal (remove only)

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Works

Midnight Mysteries 2 Salem Witch Trials 1.00

Monopoly

Moto Racer 3

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Dell

My Farm Life 2

MySpaceIM

Mysteries & Treasures: The Adventures of the Mary Celeste

Mystery Legends: Sleepy Hollow (remove only)

Mystery Legends: The Phantom of the Opera

Mystery of Mortlake Mansion (remove only)

Mystery P.I. - Lost in Los Angeles

Mystery Stories: Berlin Nights (remove only)

Mystic Inn (remove only)

Namariel Legends: Iron Lord

neroxml

Oddly Enough: Pied Piper

OpenAL

Origin

Our Worst Fears: Stained Skin

Pando Media Booster

Pantheon (remove only)

Parking Dash (remove only)

Photo Viewer s2.5

PhotoMail Maker

Pirate Poppers

QuickTime

Real Detectives: Murder in Miami (remove only)

Realtek High Definition Audio Driver

Retrogamer Internet Explorer Toolbar

Revo Uninstaller Pro 2.5.9

RollerCoaster Tycoon 3

Rootkit Unhooker LE 3.8 SR 2

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler

Roxio MyDVD DE

Roxio Update Manager

Sacra Terra: Angelic Night

Saints and Sinners Bingo (remove only)

Sandlot Games Client Services

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Segoe UI

Skype Click to Call

Skype™ 6.9

Slingo-Supreme (remove only)

Slingo Mystery (remove only)

Slingo Quest Hawaii

Slingo Quest Hawaii (remove only)

Slingo Supreme (remove only)

Sonic Activation Module

SpeedItup Free 7.85

SpongeBob SquarePants - Lights, Camera, Pants!

SUPERAntiSpyware

System Requirements Lab CYRI

Tahiti Hidden Pearls (remove only)

TeamViewer 5

The Clockwork Man 2 (remove only)

The Hidden Prophecies of Nostradamus (remove only)

The Price Is Right 1.1.4

The Sims™ 2 Double Deluxe

The Sims™ 2 Fun with Pets Collection

The Sims™ 2 Seasons

The Sims™ 2 University Life Collection

The Three Stooges

The Tudors (remove only)

Travelogue 360 Paris (remove only)

Treasures of Mystery Island Bundle (remove only)

Turbo Subs

Tweaking.com - Windows Repair (All in One)

Twisted Lands: Shadow Town

Unity Web Player

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

User's Guides

Wedding Dash 4-Ever

White Haven Mysteries Collector's Edition (remove only)

Wild West Quest II (remove only)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR archiver

Yahoo! Messenger

Yahoo! Software Update

Youda Sushi Chef (remove only)

Zoodles

.

==== End Of File ===========================



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:47 PM

Posted 02 December 2013 - 10:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
==============

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Turorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#4 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 03 December 2013 - 05:38 PM

RogueKiller V8.7.9 [Nov 25 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.adlice.com/forum/

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://tigzyrk.blogspot.com/

 

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : becky [Admin rights]

Mode : Remove -- Date : 12/03/2013 16:35:21

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 6 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

¤¤¤ Scheduled tasks : 2 ¤¤¤

[V1][SUSP PATH] Arcadesafari.job : C:\Users\becky\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> DELETED

[V2][SUSP PATH] Arcadesafari : C:\Users\becky\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [-] -> DELETED

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [LOADED] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

127.0.0.1       localhost

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3320620AS ATA Device +++++

--- User ---

[MBR] 96a74a80eee26a7179e36940bf063806

[BSP] 67d6a64b04885546efc8a525e5a0cb5d : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 294956 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_D_12032013_163521.txt >>

RKreport[0]_S_12032013_163458.txt



#5 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 03 December 2013 - 10:59 PM

# AdwCleaner v3.014 - Report created 03/12/2013 at 17:28:20

# Updated 01/12/2013 by Xplode

# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)

# Username : becky - BECKY-PC

# Running from : C:\Users\becky\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : RetroGamer_4wService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Retrogamer_4w

Folder Deleted : C:\Users\becky\AppData\LocalLow\Retrogamer_4w

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@Retrogamer_4w.com/Plugin

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Retrogamer Search Scope Monitor]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Retrogamer_4w Browser Plugin Loader]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03123BB6-A811-407E-B323-66CF0BE510B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{130A3F48-89CB-4EE1-88CC-76D25A5A3BAE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32272B5A-0B32-4C54-9E7B-3BF25AF566A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3392CFEC-56F8-41EE-BDB4-4E301EFD2C93}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{543E73AC-0743-4592-A91F-D943FB0C1125}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{566A8145-9476-4615-95AE-5966651670CC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58C93435-04CC-4CC3-8519-6A8FD403EA68}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5FDF0490-AF67-495B-921D-2257A38ED9FE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70809736-9F62-444C-9F72-A198B4E61B86}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{795B1212-0909-4C2F-A6A2-A26CCAF6D82C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D43CEC4-4610-4847-94F2-A9F0B6C049C4}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7DF0ADF8-A019-48E9-A1A9-5FC523A3B4D8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F8AD3E1-DE57-4FBC-B928-47D6395A0EA9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A13CC898-9CA9-4578-9629-B328422FF014}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF5A2478-AE74-4A39-AC55-D10B999CAE44}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B4F0C972-0E1A-4083-9A7E-054DEE447DA0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D757DBFC-1494-4647-A8B3-ABD654988DD8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4351982-882F-46A6-B843-C789689473F5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F523D9A7-E4FD-4BF7-A63A-7E8C93DFA073}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBC56FEF-B890-414E-9ED6-0909E5075291}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD44FF38-75AB-4AF8-85B6-37E64A6D42DB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28725C03-CBA1-4CF7-ACBE-586DC13286A0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2FCFC6FD-409C-43AD-88C4-1F7610125B87}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B59440-5A17-4522-AA27-8F84B9A64AEB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AE3EE8-05D3-4DAF-8A0B-2530394FD8CB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A7C43421-AB2B-4373-AADD-F4B7AE15FDBE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9581658-20F7-405B-B487-5CC26902E218}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F81A9A20-F851-46A7-AD69-C2780DBC377C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03123BB6-A811-407E-B323-66CF0BE510B1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D757DBFC-1494-4647-A8B3-ABD654988DD8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03123BB6-A811-407E-B323-66CF0BE510B1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3392CFEC-56F8-41EE-BDB4-4E301EFD2C93}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A13CC898-9CA9-4578-9629-B328422FF014}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D757DBFC-1494-4647-A8B3-ABD654988DD8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03123BB6-A811-407E-B323-66CF0BE510B1}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3392CFEC-56F8-41EE-BDB4-4E301EFD2C93}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D757DBFC-1494-4647-A8B3-ABD654988DD8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{130A3F48-89CB-4EE1-88CC-76D25A5A3BAE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{543E73AC-0743-4592-A91F-D943FB0C1125}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{566A8145-9476-4615-95AE-5966651670CC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{70809736-9F62-444C-9F72-A198B4E61B86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A13CC898-9CA9-4578-9629-B328422FF014}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FBC56FEF-B890-414E-9ED6-0909E5075291}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FCFC6FD-409C-43AD-88C4-1F7610125B87}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32B59440-5A17-4522-AA27-8F84B9A64AEB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C1C2024-BE02-4011-92CA-B6E1E333C010}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DF0ADF8-A019-48E9-A1A9-5FC523A3B4D8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE17D239-0B9D-425C-AA3A-E402C42C015A}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3392CFEC-56F8-41EE-BDB4-4E301EFD2C93}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4CFF1016-C2E2-4FDD-9C67-E32200C25FF9}]

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKLM\Software\Uniblue

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16520

 

-\\ Google Chrome v

 

[ File : C:\Users\becky\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

*************************

AdwCleaner[R0].txt - [9627 octets] - [10/10/2013 01:24:59]

AdwCleaner[R1].txt - [9191 octets] - [13/10/2013 13:44:50]

AdwCleaner[R2].txt - [6960 octets] - [03/12/2013 16:39:38]

AdwCleaner[S0].txt - [878 octets] - [10/10/2013 01:29:20]

AdwCleaner[S1].txt - [9350 octets] - [13/10/2013 13:46:02]

AdwCleaner[S2].txt - [7017 octets] - [03/12/2013 17:28:21]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [7077 octets] ##########



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:47 PM

Posted 04 December 2013 - 09:31 AM

Can you please run the ComboFix program and post the log.

Include this one also. Let me know what problem persists.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

#7 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 09 December 2013 - 03:53 PM

ComboFix 13-12-08.01 - becky 09/12/2013  14:30:59.13.2 - x86

Running from: c:\users\becky\Desktop\ComboFix.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\programdata\PCDr\6361\AddOnDownloaded\02d6010d-b288-4157-bbcc-a3d510d3fba5.dll

c:\programdata\PCDr\6361\AddOnDownloaded\143c46ba-b979-4e38-9815-2373de9333aa.dll

c:\programdata\PCDr\6361\AddOnDownloaded\409161a3-28c9-4482-9613-e7ca2e306fef.dll

c:\programdata\PCDr\6361\AddOnDownloaded\4c09e0ec-d531-4d04-a038-3dd30a795474.dll

c:\programdata\PCDr\6361\AddOnDownloaded\61c13bfc-28f4-44bc-beec-efa429fa40f0.dll

c:\programdata\PCDr\6361\AddOnDownloaded\6edf11af-92e6-490d-af58-febeeb0cdb04.dll

c:\programdata\PCDr\6361\AddOnDownloaded\9ed1246c-39a1-403b-9134-f313ebd75cb8.dll

c:\programdata\PCDr\6361\AddOnDownloaded\b347630c-35c1-4199-a3e2-2eea8f11e228.dll

c:\programdata\PCDr\6361\AddOnDownloaded\c6ca3141-c4ef-404d-b1c2-840d38395e80.dll

c:\programdata\PCDr\6361\AddOnDownloaded\f63e05a5-1f40-4c42-b80a-d0995b6e38a7.dll

.

.

(((((((((((((((((((((((((   Files Created from 2013-11-09 to 2013-12-09  )))))))))))))))))))))))))))))))

.

.

2013-12-09 20:44 . 2013-12-09 20:45 -------- d-----w- c:\users\becky\AppData\Local\temp

2013-12-09 20:44 . 2013-12-09 20:44 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp

2013-12-09 20:44 . 2013-12-09 20:44 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-12-09 20:44 . 2013-12-09 20:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-12-09 20:27 . 2013-12-09 20:27 40392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70D5B574-B920-49EC-8968-106D2281123A}\MpKsl1f4c69a1.sys

2013-12-09 16:47 . 2013-12-09 16:47 -------- d-----w- c:\program files\iPod

2013-12-09 16:47 . 2013-12-09 16:48 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-12-09 16:47 . 2013-12-09 16:48 -------- d-----w- c:\program files\iTunes

2013-12-09 01:14 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70D5B574-B920-49EC-8968-106D2281123A}\mpengine.dll

2013-12-08 01:11 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-12-06 01:13 . 2013-10-18 06:32 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4EE9D9E3-A6CE-4DB0-8E92-9ADCAC5FAA92}\gapaengine.dll

2013-12-03 06:58 . 2013-12-03 06:59 -------- d-----w- c:\program files\Settlers of the West

2013-12-03 06:47 . 2013-12-03 06:48 -------- d-----w- c:\program files\iwingamestoolbar

2013-11-29 14:07 . 2013-11-29 14:07 650936 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2013-11-28 00:54 . 2013-12-01 17:34 -------- d-----w- c:\users\becky\AppData\Roaming\Anarchy Enterprises

2013-11-28 00:50 . 2013-11-28 00:50 -------- d-----w- c:\users\becky\AppData\Roaming\AlexanderTheGreat

2013-11-24 06:44 . 2013-11-24 07:02 -------- d-----w- c:\users\becky\AppData\Roaming\GigantGames

2013-11-24 05:39 . 2013-12-03 06:59 -------- d-----w- c:\users\becky\AppData\Roaming\BC Soft Games

2013-11-24 05:39 . 2013-11-24 05:39 -------- d-----w- c:\programdata\BC Soft Games

2013-11-22 03:03 . 2013-11-22 03:03 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-11-22 03:03 . 2013-11-22 03:03 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-11-13 12:09 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll

2013-11-13 12:09 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll

2013-11-13 12:08 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-11-13 12:08 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-11-19 10:21 . 2010-02-02 05:57 230048 ------w- c:\windows\system32\MpSigStub.exe

2013-10-18 06:32 . 2013-11-06 07:35 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EDC649FC-6C8E-45DD-9C41-9942F219AE61}\gapaengine.dll

2013-10-18 06:32 . 2012-10-03 13:35 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll

2013-10-17 07:04 . 2013-10-17 07:05 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-09-27 15:53 . 2013-09-27 15:53 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2013-09-27 15:53 . 2012-03-21 01:44 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\becky\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]

"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Users^becky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk]

path=c:\users\becky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk

backup=c:\windows\pss\ZooskMessenger.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Itibiti.exe]

2012-12-09 22:22 7334400 ----a-w- c:\program files\Itibiti Soft Phone\Itibiti.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2012-03-08 23:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

2009-12-01 19:11 6373376 ----a-w- c:\program files\MySpace\IM\MySpaceIM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0230Mon.exe]

2006-09-07 06:01 32768 ----a-w- c:\windows\V0230Mon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4053380413-3599652072-2352306657-1000]

"EnableNotificationsRef"=dword:00000001

.

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]

S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL1F4C69A1

*NewlyCreated* - MPKSL46E5E2D8

*NewlyCreated* - MPKSL6F3A5E4D

*NewlyCreated* - MPKSLD5C1838B

*NewlyCreated* - NISDRV

*Deregistered* - MpKsl46e5e2d8

*Deregistered* - MpKsl6f3a5e4d

*Deregistered* - MpKsld5c1838b

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2013-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22 03:03]

.

2013-12-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4053380413-3599652072-2352306657-1000Core.job

- c:\users\becky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-08 21:38]

.

2013-12-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4053380413-3599652072-2352306657-1000UA.job

- c:\users\becky\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-08 21:38]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.mywinnipeg.com/

mStart Page = hxxp://www.google.com

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

TCP: DhcpNameServer = 192.168.100.254

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{3bbd3c14-4c16-4989-8366-95bc9179779d} - (no file)

Toolbar-{8660E5B3-6C41-44DE-8503-98D99BBECD41} - c:\program files\Coupons.com CouponBar\tbcore3.dll

WebBrowser-{3BBD3C14-4C16-4989-8366-95BC9179779D} - (no file)

MSConfigStartUp-SpeetItUpFree - c:\program files\SpeedItup Free\speeditupfree.exe

AddRemove-SpeedItup Free_is1 - c:\program files\SpeedItup Free\unins000.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-12-09 14:45

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ... 

.

scanning hidden autostart entries ...

.

scanning hidden files ... 

.

.

c:\users\becky\AppData\Local\Temp\catchme.dll 53248 bytes executable

.

scan completed successfully

hidden files: 1

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4053380413-3599652072-2352306657-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

@Allowed: (Read) (RestrictedCode)

"??"=hex:d3,26,aa,29,6b,3d,1f,81,27,31,73,e3,20,aa,66,d1,fe,d8,ab,34,bf,cd,75,

   05,ea,fc,4f,e0,82,5e,71,4e,7a,0d,b6,6e,c6,1f,35,b4,ed,12,59,64,6c,f8,c0,48,\

"??"=hex:21,5d,8e,ff,8e,69,b5,e7,fc,ed,fc,d6,26,cb,91,d0

.

[HKEY_USERS\S-1-5-21-4053380413-3599652072-2352306657-1000\Software\SecuROM\License information*]

@Allowed: (Read) (RestrictedCode)

"datasecu"=hex:d9,3c,a2,23,a9,25,e2,24,c1,38,8a,60,77,48,f0,50,e7,ae,36,ce,ca,

   c9,9c,09,58,7f,5f,6d,b2,13,11,fc,1f,a7,7b,ad,72,46,d3,89,c4,ac,b4,14,de,8d,\

"rkeysecu"=hex:0d,ab,30,34,61,5f,41,b5,fe,65,d7,3e,c5,2c,73,d8

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2013-12-09  14:48:44

ComboFix-quarantined-files.txt  2013-12-09 20:48

.

Pre-Run: 147,691,888,640 bytes free

Post-Run: 147,813,748,736 bytes free

.

- - End Of File - - EE1B2B4BF5CB41FF54335B6A75292567

5C616939100B85E558DA92B899A0FC36



#8 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 09 December 2013 - 03:56 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows Vista ™ Home Premium x86

Ran by becky on 03/12/2013 at 22:01:09.69

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

 

~~~ Registry Values

 

 

~~~ Registry Keys

 

 

~~~ Files

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\big fish"

Successfully deleted: [Folder] "C:\Users\becky\appdata\local\big fish"

Successfully deleted: [Folder] "C:\bigfishcache"

Successfully deleted: [Empty Folder] C:\Users\becky\appdata\local\{97DB9270-F2A5-469C-9AEA-A9182CDA24A6}

Successfully deleted: [Empty Folder] C:\Users\becky\appdata\local\{AABB2046-B579-4128-8043-1B93BF40040B}

 

 

~~~ Event Viewer Logs were cleared

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03/12/2013 at 22:05:00.75

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#9 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 09 December 2013 - 04:02 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.8 (11.05.2013:1)

OS: Windows Vista ™ Home Premium x86

Ran by becky on 03/12/2013 at 22:01:09.69

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

 

~~~ Registry Values

 

 

~~~ Registry Keys

 

 

~~~ Files

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\big fish"

Successfully deleted: [Folder] "C:\Users\becky\appdata\local\big fish"

Successfully deleted: [Folder] "C:\bigfishcache"

Successfully deleted: [Empty Folder] C:\Users\becky\appdata\local\{97DB9270-F2A5-469C-9AEA-A9182CDA24A6}

Successfully deleted: [Empty Folder] C:\Users\becky\appdata\local\{AABB2046-B579-4128-8043-1B93BF40040B}

 

 

~~~ Event Viewer Logs were cleared

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03/12/2013 at 22:05:00.75

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#10 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 09 December 2013 - 05:12 PM

my computer is still freezing, taking between 5-10 min to load pages, open pages etc.



#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:47 PM

Posted 10 December 2013 - 08:35 AM

Check the integrity of your Operating System files.

How to use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista or on Windows 7
http://support.microsoft.com/kb/929833
===

If the issue persists continue.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair 1.9.16
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Repair Hosts File
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
Repair CD/DVD Missing/Not Working
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
Keep me posted.

#12 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 10 December 2013 - 02:38 PM

2013-12-10 12:58:11, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:11, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:19, Info                  CSI    00000009 [SR] Verify complete

2013-12-10 12:58:20, Info                  CSI    0000000a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:20, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:29, Info                  CSI    0000000d [SR] Verify complete

2013-12-10 12:58:30, Info                  CSI    0000000e [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:30, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:34, Info                  CSI    00000011 [SR] Verify complete

2013-12-10 12:58:35, Info                  CSI    00000012 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:35, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:37, Info                  CSI    00000015 [SR] Verify complete

2013-12-10 12:58:39, Info                  CSI    00000016 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:39, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:41, Info                  CSI    00000019 [SR] Verify complete

2013-12-10 12:58:42, Info                  CSI    0000001a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:42, Info                  CSI    0000001b [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:44, Info                  CSI    0000001d [SR] Verify complete

2013-12-10 12:58:45, Info                  CSI    0000001e [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:45, Info                  CSI    0000001f [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:47, Info                  CSI    00000021 [SR] Verify complete

2013-12-10 12:58:49, Info                  CSI    00000022 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:49, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:51, Info                  CSI    00000025 [SR] Verify complete

2013-12-10 12:58:52, Info                  CSI    00000026 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:52, Info                  CSI    00000027 [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:54, Info                  CSI    00000029 [SR] Verify complete

2013-12-10 12:58:55, Info                  CSI    0000002a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:55, Info                  CSI    0000002b [SR] Beginning Verify and Repair transaction

2013-12-10 12:58:57, Info                  CSI    0000002d [SR] Verify complete

2013-12-10 12:58:58, Info                  CSI    0000002e [SR] Verifying 100 (0x00000064) components

2013-12-10 12:58:58, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:00, Info                  CSI    00000031 [SR] Verify complete

2013-12-10 12:59:01, Info                  CSI    00000032 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:01, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:04, Info                  CSI    00000035 [SR] Verify complete

2013-12-10 12:59:05, Info                  CSI    00000036 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:05, Info                  CSI    00000037 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:07, Info                  CSI    00000039 [SR] Verify complete

2013-12-10 12:59:08, Info                  CSI    0000003a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:08, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:10, Info                  CSI    0000003d [SR] Verify complete

2013-12-10 12:59:11, Info                  CSI    0000003e [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:11, Info                  CSI    0000003f [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:14, Info                  CSI    00000041 [SR] Verify complete

2013-12-10 12:59:16, Info                  CSI    00000042 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:16, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:18, Info                  CSI    00000045 [SR] Verify complete

2013-12-10 12:59:19, Info                  CSI    00000046 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:19, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:22, Info                  CSI    00000049 [SR] Verify complete

2013-12-10 12:59:23, Info                  CSI    0000004a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:23, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:29, Info                  CSI    0000004d [SR] Verify complete

2013-12-10 12:59:30, Info                  CSI    0000004e [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:30, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:32, Info                  CSI    00000051 [SR] Verify complete

2013-12-10 12:59:34, Info                  CSI    00000052 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:34, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:40, Info                  CSI    00000055 [SR] Verify complete

2013-12-10 12:59:42, Info                  CSI    00000056 [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:42, Info                  CSI    00000057 [SR] Beginning Verify and Repair transaction

2013-12-10 12:59:52, Info                  CSI    00000059 [SR] Verify complete

2013-12-10 12:59:55, Info                  CSI    0000005a [SR] Verifying 100 (0x00000064) components

2013-12-10 12:59:55, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:02, Info                  CSI    0000005d [SR] Verify complete

2013-12-10 13:00:04, Info                  CSI    0000005e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:04, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:09, Info                  CSI    00000061 [SR] Verify complete

2013-12-10 13:00:10, Info                  CSI    00000062 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:10, Info                  CSI    00000063 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:14, Info                  CSI    00000065 [SR] Verify complete

2013-12-10 13:00:15, Info                  CSI    00000066 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:15, Info                  CSI    00000067 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:17, Info                  CSI    00000069 [SR] Verify complete

2013-12-10 13:00:18, Info                  CSI    0000006a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:18, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:21, Info                  CSI    0000006d [SR] Verify complete

2013-12-10 13:00:22, Info                  CSI    0000006e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:22, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:25, Info                  CSI    00000071 [SR] Verify complete

2013-12-10 13:00:26, Info                  CSI    00000072 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:26, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:28, Info                  CSI    00000075 [SR] Verify complete

2013-12-10 13:00:29, Info                  CSI    00000076 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:29, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:32, Info                  CSI    00000079 [SR] Verify complete

2013-12-10 13:00:32, Info                  CSI    0000007a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:32, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:35, Info                  CSI    0000007d [SR] Verify complete

2013-12-10 13:00:36, Info                  CSI    0000007e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:36, Info                  CSI    0000007f [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:40, Info                  CSI    00000081 [SR] Verify complete

2013-12-10 13:00:41, Info                  CSI    00000082 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:41, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:43, Info                  CSI    00000085 [SR] Verify complete

2013-12-10 13:00:44, Info                  CSI    00000086 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:44, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:47, Info                  CSI    00000089 [SR] Verify complete

2013-12-10 13:00:47, Info                  CSI    0000008a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:47, Info                  CSI    0000008b [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:50, Info                  CSI    0000008d [SR] Verify complete

2013-12-10 13:00:50, Info                  CSI    0000008e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:50, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction

2013-12-10 13:00:56, Info                  CSI    00000091 [SR] Verify complete

2013-12-10 13:00:57, Info                  CSI    00000092 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:00:57, Info                  CSI    00000093 [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:06, Info                  CSI    00000095 [SR] Verify complete

2013-12-10 13:01:07, Info                  CSI    00000096 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:01:07, Info                  CSI    00000097 [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:13, Info                  CSI    00000099 [SR] Verify complete

2013-12-10 13:01:14, Info                  CSI    0000009a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:01:14, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:24, Info                  CSI    0000009e [SR] Verify complete

2013-12-10 13:01:25, Info                  CSI    0000009f [SR] Verifying 100 (0x00000064) components

2013-12-10 13:01:25, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:32, Info                  CSI    000000a3 [SR] Verify complete

2013-12-10 13:01:33, Info                  CSI    000000a4 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:01:33, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:42, Info                  CSI    000000a7 [SR] Verify complete

2013-12-10 13:01:43, Info                  CSI    000000a8 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:01:43, Info                  CSI    000000a9 [SR] Beginning Verify and Repair transaction

2013-12-10 13:01:59, Info                  CSI    000000b3 [SR] Verify complete

2013-12-10 13:02:00, Info                  CSI    000000b4 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:00, Info                  CSI    000000b5 [SR] Beginning Verify and Repair transaction

2013-12-10 13:02:10, Info                  CSI    000000b7 [SR] Verify complete

2013-12-10 13:02:11, Info                  CSI    000000b8 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:11, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction

2013-12-10 13:02:19, Info                  CSI    000000bb [SR] Verify complete

2013-12-10 13:02:20, Info                  CSI    000000bc [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:20, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction

2013-12-10 13:02:28, Info                  CSI    000000bf [SR] Verify complete

2013-12-10 13:02:29, Info                  CSI    000000c0 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:29, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction

2013-12-10 13:02:38, Info                  CSI    000000c3 [SR] Verify complete

2013-12-10 13:02:39, Info                  CSI    000000c4 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:39, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction

2013-12-10 13:02:54, Info                  CSI    000000c7 [SR] Verify complete

2013-12-10 13:02:55, Info                  CSI    000000c8 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:02:55, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction

2013-12-10 13:03:13, Info                  CSI    000000cd [SR] Verify complete

2013-12-10 13:03:14, Info                  CSI    000000ce [SR] Verifying 100 (0x00000064) components

2013-12-10 13:03:14, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction

2013-12-10 13:03:36, Info                  CSI    000000d1 [SR] Verify complete

2013-12-10 13:03:37, Info                  CSI    000000d2 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:03:37, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:09, Info                  CSI    000000d5 [SR] Verify complete

2013-12-10 13:04:10, Info                  CSI    000000d6 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:10, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:17, Info                  CSI    000000d9 [SR] Verify complete

2013-12-10 13:04:17, Info                  CSI    000000da [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:17, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:22, Info                  CSI    000000dd [SR] Verify complete

2013-12-10 13:04:22, Info                  CSI    000000de [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:22, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:27, Info                  CSI    000000e1 [SR] Verify complete

2013-12-10 13:04:27, Info                  CSI    000000e2 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:27, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:48, Info                  CSI    00000101 [SR] Verify complete

2013-12-10 13:04:49, Info                  CSI    00000102 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:49, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction

2013-12-10 13:04:57, Info                  CSI    00000105 [SR] Verify complete

2013-12-10 13:04:57, Info                  CSI    00000106 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:04:57, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:04, Info                  CSI    00000109 [SR] Verify complete

2013-12-10 13:05:04, Info                  CSI    0000010a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:04, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:10, Info                  CSI    0000010d [SR] Verify complete

2013-12-10 13:05:12, Info                  CSI    0000010e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:12, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:22, Info                  CSI    00000111 [SR] Verify complete

2013-12-10 13:05:23, Info                  CSI    00000112 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:23, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:39, Info                  CSI    00000116 [SR] Verify complete

2013-12-10 13:05:40, Info                  CSI    00000117 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:40, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:45, Info                  CSI    0000011a [SR] Verify complete

2013-12-10 13:05:46, Info                  CSI    0000011b [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:46, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction

2013-12-10 13:05:52, Info                  CSI    0000011e [SR] Verify complete

2013-12-10 13:05:52, Info                  CSI    0000011f [SR] Verifying 100 (0x00000064) components

2013-12-10 13:05:52, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction

2013-12-10 13:06:05, Info                  CSI    00000122 [SR] Verify complete

2013-12-10 13:06:06, Info                  CSI    00000123 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:06:06, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction

2013-12-10 13:06:15, Info                  CSI    00000126 [SR] Verify complete

2013-12-10 13:06:16, Info                  CSI    00000127 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:06:16, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction

2013-12-10 13:06:28, Info                  CSI    0000012a [SR] Verify complete

2013-12-10 13:06:29, Info                  CSI    0000012b [SR] Verifying 100 (0x00000064) components

2013-12-10 13:06:29, Info                  CSI    0000012c [SR] Beginning Verify and Repair transaction

2013-12-10 13:06:48, Info                  CSI    00000151 [SR] Verify complete

2013-12-10 13:06:49, Info                  CSI    00000152 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:06:49, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction

2013-12-10 13:07:02, Info                  CSI    00000155 [SR] Verify complete

2013-12-10 13:07:03, Info                  CSI    00000156 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:07:03, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction

2013-12-10 13:07:32, Info                  CSI    00000159 [SR] Verify complete

2013-12-10 13:07:33, Info                  CSI    0000015a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:07:33, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction

2013-12-10 13:07:51, Info                  CSI    0000015d [SR] Verify complete

2013-12-10 13:07:52, Info                  CSI    0000015e [SR] Verifying 100 (0x00000064) components

2013-12-10 13:07:52, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction

2013-12-10 13:08:06, Info                  CSI    00000161 [SR] Verify complete

2013-12-10 13:08:06, Info                  CSI    00000162 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:08:06, Info                  CSI    00000163 [SR] Beginning Verify and Repair transaction

2013-12-10 13:08:16, Info                  CSI    00000165 [SR] Verify complete

2013-12-10 13:08:17, Info                  CSI    00000166 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:08:17, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction

2013-12-10 13:08:26, Info                  CSI    00000169 [SR] Verify complete

2013-12-10 13:08:27, Info                  CSI    0000016a [SR] Verifying 100 (0x00000064) components

2013-12-10 13:08:27, Info                  CSI    0000016b [SR] Beginning Verify and Repair transaction

2013-12-10 13:08:37, Info                  CSI    0000016e [SR] Verify complete

2013-12-10 13:08:38, Info                  CSI    0000016f [SR] Verifying 100 (0x00000064) components

2013-12-10 13:08:38, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction

2013-12-10 13:08:57, Info                  CSI    00000172 [SR] Verify complete

2013-12-10 13:08:57, Info                  CSI    00000173 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:08:57, Info                  CSI    00000174 [SR] Beginning Verify and Repair transaction

2013-12-10 13:09:10, Info                  CSI    00000176 [SR] Verify complete

2013-12-10 13:09:10, Info                  CSI    00000177 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:09:10, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction

2013-12-10 13:09:23, Info                  CSI    0000017a [SR] Verify complete

2013-12-10 13:09:24, Info                  CSI    0000017b [SR] Verifying 100 (0x00000064) components

2013-12-10 13:09:24, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction

2013-12-10 13:09:40, Info                  CSI    0000017e [SR] Verify complete

2013-12-10 13:09:41, Info                  CSI    0000017f [SR] Verifying 100 (0x00000064) components

2013-12-10 13:09:41, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction

2013-12-10 13:09:51, Info                  CSI    00000182 [SR] Verify complete

2013-12-10 13:09:52, Info                  CSI    00000183 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:09:52, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction

2013-12-10 13:10:07, Info                  CSI    00000186 [SR] Verify complete

2013-12-10 13:10:08, Info                  CSI    00000187 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:10:08, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction

2013-12-10 13:10:23, Info                  CSI    0000018b [SR] Verify complete

2013-12-10 13:10:24, Info                  CSI    0000018c [SR] Verifying 100 (0x00000064) components

2013-12-10 13:10:24, Info                  CSI    0000018d [SR] Beginning Verify and Repair transaction

2013-12-10 13:10:36, Info                  CSI    0000018f [SR] Verify complete

2013-12-10 13:10:37, Info                  CSI    00000190 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:10:37, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction

2013-12-10 13:10:44, Info                  CSI    00000193 [SR] Verify complete

2013-12-10 13:10:45, Info                  CSI    00000194 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:10:45, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction

2013-12-10 13:10:55, Info                  CSI    00000197 [SR] Verify complete

2013-12-10 13:10:55, Info                  CSI    00000198 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:10:55, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction

2013-12-10 13:11:05, Info                  CSI    0000019e [SR] Verify complete

2013-12-10 13:11:06, Info                  CSI    0000019f [SR] Verifying 100 (0x00000064) components

2013-12-10 13:11:06, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction

2013-12-10 13:11:15, Info                  CSI    000001a1 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store

2013-12-10 13:11:15, Info                  CSI    000001a2 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store

2013-12-10 13:11:16, Info                  CSI    000001a4 [SR] Verify complete

2013-12-10 13:11:17, Info                  CSI    000001a5 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:11:17, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction

2013-12-10 13:11:32, Info                  CSI    000001a8 [SR] Verify complete

2013-12-10 13:11:32, Info                  CSI    000001a9 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:11:32, Info                  CSI    000001aa [SR] Beginning Verify and Repair transaction

2013-12-10 13:11:39, Info                  CSI    000001ac [SR] Verify complete

2013-12-10 13:11:40, Info                  CSI    000001ad [SR] Verifying 100 (0x00000064) components

2013-12-10 13:11:40, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction

2013-12-10 13:11:49, Info                  CSI    000001b0 [SR] Verify complete

2013-12-10 13:11:49, Info                  CSI    000001b1 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:11:49, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction

2013-12-10 13:12:00, Info                  CSI    000001b4 [SR] Verify complete

2013-12-10 13:12:01, Info                  CSI    000001b5 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:12:01, Info                  CSI    000001b6 [SR] Beginning Verify and Repair transaction

2013-12-10 13:12:14, Info                  CSI    000001b8 [SR] Verify complete

2013-12-10 13:12:14, Info                  CSI    000001b9 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:12:14, Info                  CSI    000001ba [SR] Beginning Verify and Repair transaction

2013-12-10 13:12:21, Info                  CSI    000001bb [SR] Repairing corrupted file [ml:520{260},l:82{41}]"\??\C:\Windows\System32\LogFiles\Firewall"\[l:20{10}]"mpssvc.dat" from store

2013-12-10 13:12:22, Info                  CSI    000001bd [SR] Verify complete

2013-12-10 13:12:23, Info                  CSI    000001be [SR] Verifying 100 (0x00000064) components

2013-12-10 13:12:23, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction

2013-12-10 13:12:45, Info                  CSI    000001c1 [SR] Verify complete

2013-12-10 13:12:46, Info                  CSI    000001c2 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:12:46, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction

2013-12-10 13:12:52, Info                  CSI    000001c5 [SR] Verify complete

2013-12-10 13:12:53, Info                  CSI    000001c6 [SR] Verifying 100 (0x00000064) components

2013-12-10 13:12:53, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction

2013-12-10 13:13:02, Info                  CSI    000001c9 [SR] Verify complete

2013-12-10 13:13:02, Info                  CSI    000001ca [SR] Verifying 88 (0x00000058) components

2013-12-10 13:13:02, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction

2013-12-10 13:13:11, Info                  CSI    000001d6 [SR] Verify complete

2013-12-10 13:13:11, Info                  CSI    000001d7 [SR] Repairing 2 components

2013-12-10 13:13:11, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction

2013-12-10 13:13:11, Info                  CSI    000001d9 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store

2013-12-10 13:13:11, Info                  CSI    000001da [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store

2013-12-10 13:13:11, Info                  CSI    000001db [SR] Repairing corrupted file [ml:520{260},l:82{41}]"\??\C:\Windows\System32\LogFiles\Firewall"\[l:20{10}]"mpssvc.dat" from store

2013-12-10 13:13:11, Info                  CSI    000001dd [SR] Repair complete

2013-12-10 13:13:11, Info                  CSI    000001de [SR] Committing transaction

2013-12-10 13:13:12, Info                  CSI    000001e2 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired


also just a quick note. I have been having a problem with pasting. I can copy and cut things but when I right click to paste it is not highlighted like the others.



#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:47 PM

Posted 10 December 2013 - 02:46 PM

also just a quick note. I have been having a problem with pasting. I can copy and cut things but when I right click to paste it is not highlighted like the others


Have you tried it in Notepad?

Are you having this problem in Notepad or in other applications?

#14 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 11 December 2013 - 04:20 PM

in all applications even here I have to click on the notepad icon and paste it that way


I just tried it in notepad but it works there



#15 bedtimefrog

bedtimefrog
  • Topic Starter

  • Members
  • 231 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wpg, Mb, Canada
  • Local time:02:47 PM

Posted 11 December 2013 - 04:22 PM

when I click on a page the screen freezes then blinks but takes only a few secs to go to what I was clicking on...other then that everything else seems to be working better.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users