Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tricked into installing malware and it invited its best friends...


  • Please log in to reply
14 replies to this topic

#1 WTW

WTW

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 23 December 2014 - 07:20 PM

System: Windows 8.1 Pro, Windows Defender (MSE), Malwarebytes Anti-Malware, Mozilla Firefox...

 

Issue: While using Mozilla Firefox I received a pop-up encouraging me to, "Install Software Updater to update Mozilla Firefox."  I was doing sixteen other things a didn't scrutinize the message very carefully; like an idiot I clicked on "Accept & Install."  Before I realized it the following had been installed:

 

Software Updater
Search Protect
Storm Watch
Desktop Temperature Monitor
...and maybe some other stuff too...

 

I realized something was wrong when I saw a pop-up inviting me to "Click here to backup and protect [my] files" using MyPCBackup.

 

Here's what I did when I realized my system had been compromised:

1 - Unplugged my USB-attached file storage.

2 - Launched Control Panel > Uninstall a Program.  Saw and uninstalled the following:

 

Software Updater (v.1.9.9)
Search Protect from Client Connect LTD (v.2.19.10.160)
StormWatch from StormWatch (v.1.0.1.36)
Desktop Temperature Monitor from System Alerts LLC (v.1.26.2.0)

 

3 - Rebooted.  (I was told that I needed to reboot to complete the uninstalls as some of the files were in use.)

 

4 - Updated the virus definitions for Microsoft Defender (MSE) and ran a full scan.  It did not find any issues.

 

5 - Searched for all files on my system that had been modified that day, then sorted this list by date & time.  Looked through this list and found many directories and files that were associated with the install of these programs.  Manually deleted these directories and files.

 

6 - Searched the registry for references to the above-listed programs as well as references to some of the files that were found when I searched the system (previous step).  Deleted a few references that I found.

 

7 - Downloaded and installed Malwarebytes Anti-Malware.  Ran a full scan.  It did not find any issues.

 

8 - Found that the malware had redirected my home page in both Firefox and Internet Explorer to www.trovi.com, and search to search.conduit.com.

 

9 - Uninstalled Firefox as I was not sure what else might have been changed and I can easily re-install it.

 

10 - Considered uninstalling IE but decided against it as it is tied up with Windows so closely and I didn't want to break anything.  Instead, I redirected IE's home page and default search.

 

11 - Ran CCleaner.

 

12 - Downloaded and installed SlimCleaner.  Ran a cleanup.

 

13 - Downloaded and installed Norton Power Eraser.  Ran program; it did not find any issues.

 

I'm hoping that I've eliminated all of the bad stuff, but want to make absolutely sure my system is clean before I plug back in my USB-attached file storage and log back in to various web services.

 

Any suggestions for how I can make sure that my system does not have any malware (viruses, spyware, key loggers, crypto ransomeware, root kits, adware, etc...) lingering about?



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 24 December 2014 - 04:08 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.

:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points

:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Please download Malwarebytes Anti-Rootkit to your desktop

  • Double click it and click ok (Make sure to extract it to your desktop)
  • When it opens, click next and then update.
  • After it's updated, click next and then scan.
  • If malware is detected, select clean, then restart your computer.
  • Open 'MBAR' on your desktop and paste the contens in your reply of the following logs:
  • mbar-log-xx.xx.xx.txt and system-log.txt.

:step5: Non-malware removal steps

Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 25 December 2014 - 09:40 AM

Thanks for helping...!  Here goes...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MiniToolBox - Result.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by William (administrator) on 24-12-2014 at 18:56:19
Running from "C:\Software\Security_Software\Anti-Malware\BleepingComputer\MiniToolBox"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
F2400 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9913305E-D4AC-4D26-B30F-799D529FB282}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
========================= Restore Points ==================================

06-12-2014 00:24:43 Scheduled Checkpoint
10-12-2014 22:38:53 Windows Update
18-12-2014 05:14:03 Windows Modules Installer

**** End of log ****

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2014-12-24 (18-58-21).xml

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/12/24 18:58:27 -0500</date>
<logfile>mbam-log-2014-12-24 (18-58-21).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2014.12.24.13</malware-database>
<rootkit-database>v2014.12.23.02</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>enabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>William</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>490162</objects>
<time>546</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\protection-log-2014-12-24.xml

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

<?xml version="1.0" encoding="UTF-8" ?>
<logs>
   <record severity="debug" LoggingEventType="1" datetime="2014-12-24T04:30:15.247272-05:00" source="Scheduler" type="Update" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="1f76058d-9325-4bff-9dbb-7867f8d86854" code="Unable to access update server" message="Failed"></record>
   <record severity="debug" LoggingEventType="1" datetime="2014-12-24T12:38:45.058398-05:00" source="Scheduler" type="Update" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="86b5ac68-dca2-4aa2-9e9b-63da971e79a9" code="Unable to access update server" message="Failed"></record>
   <record severity="debug" nonmalwaredetections="0" LoggingEventType="6" scanresult="completed" datetime="2014-12-24T12:43:22.778877-05:00" scantype="threat" source="Manual" starttime="2014-12-24T04:30:16-05:00" type="Scan" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="a20b7999-022e-41ab-943d-6ba30787418f" duration="29586" malwaredetections="0"></record>
   <record severity="debug" LoggingEventType="1" datetime="2014-12-24T13:26:31.311399-05:00" source="Scheduler" type="Update" username="SYSTEM" systemname="3GHZCLONE-PC" fromVersion="2014.12.23.9" last_modified_tag="6888bd3b-9264-4b79-bc32-33d6d31c4163" name="Malware Database" toVersion="2014.12.24.11"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:26:31.358275-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="a4526a8a-d4ff-4140-9209-2da6e65ca0c1" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:26:31.373899-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="9c43baf0-fc76-494c-aa4b-19bbced3c030" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:26:31.678411-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="d0df8127-25f6-4e2d-8bab-8e1744163fdf" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:28:41.754590-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="8a6b44bb-459d-4985-82df-d7537ccaedc2" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:28:41.785839-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="68a3dcee-b7fb-4a31-8517-52b60ad19820" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T13:28:42.113966-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="a04a651e-058a-40ba-877e-31a4a4ac0e21" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2014-12-24T15:09:21.152020-05:00" source="Manual" type="Update" username="SYSTEM" systemname="3GHZCLONE-PC" fromVersion="2014.12.24.11" last_modified_tag="43e08781-bbb5-438a-b8f3-568c14d21a02" name="Malware Database" toVersion="2014.12.24.12"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:09:21.448896-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="82e90916-f3a4-4549-9d6a-a75d31fc7b11" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:09:21.542645-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="a16adcac-62e4-4042-bde6-599751d01439" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:09:21.730146-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="ce89081f-ddd8-4507-bf4b-6bd865753b9a" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:12:34.249895-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="24133912-a02c-4f75-969e-ea7ad6429eb6" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:12:34.296769-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="21b4168f-62b9-4a95-ba4c-6bdef7b507df" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T15:12:34.671769-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="1b42d778-c9e8-46b5-adf1-9f642fddd874" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="1" datetime="2014-12-24T16:22:46.211407-05:00" source="Scheduler" type="Update" username="SYSTEM" systemname="3GHZCLONE-PC" fromVersion="2014.12.24.12" last_modified_tag="04915dbb-3e64-48f6-be12-147ffda5038e" name="Malware Database" toVersion="2014.12.24.13"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:22:46.242658-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="1313cdbb-a9cb-43d1-bd30-4b4c2a94e71a" result="Starting" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:22:46.258282-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="2fa20af4-affb-49f1-9131-35e40de95a8e" result="Stopping" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:22:46.570783-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="5b64f94a-de0f-4bd6-9c39-bb65f3700ae8" result="Stopped" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:25:50.993077-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="b11bd7fd-bd22-4746-a79c-1fc43b3bf66f" result="Success" subtype="Refresh"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:25:51.039951-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="d3889d48-55a5-4e13-8189-5050f8b8080d" result="Starting" subtype="Malicious Website Protection"></record>
   <record severity="debug" LoggingEventType="2" datetime="2014-12-24T16:25:51.368077-05:00" source="Protection" type="Protection" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="c18f2ca7-a679-4640-8b67-465673668fdb" result="Started" subtype="Malicious Website Protection"></record>
   <record severity="debug" nonmalwaredetections="0" LoggingEventType="6" scanresult="completed" datetime="2014-12-24T19:07:34.059982-05:00" scantype="threat" source="Manual" starttime="2014-12-24T18:58:27-05:00" type="Scan" username="SYSTEM" systemname="3GHZCLONE-PC" last_modified_tag="fc111dd8-d881-4436-8ab3-671255b1e7e4" duration="546" malwaredetections="0"></record>
</logs>
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Security Check - Checkup.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 Results of screen317's Security Check version 0.99.93 
   x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 SlimCleaner    
 Adobe Flash Player  16.0.0.235 
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
 Security_Software Anti-Malware BleepingComputer SecurityCheck\SecurityCheck.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\Users\William\Desktop\mbar\mbar-log-2014-12-25 (02-03-38).txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.25.03

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
William :: 3GHZCLONE-PC [administrator]

12/25/2014 2:03:38 AM
mbar-log-2014-12-25 (02-03-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 488949
Time elapsed: 7 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

C:\Users\William\Desktop\mbar\system-log.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17498

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 4155092992, free: 2694934528

Downloaded database version: v2014.12.25.03
Downloaded database version: v2014.12.23.02
Downloaded database version: v2014.12.06.01
=======================================
------------ Kernel report ------------
     12/25/2014 02:03:23
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\system32\DRIVERS\e1e6032e.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\mslldp.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\drivers\rdpdr.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\SMR430.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe00047eef670
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000001d\
Lower Device Object: 0xffffe000471e8060
Lower Device Driver Name: \Driver\storahci\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00047eef670, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00047eee040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00047eef670, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe000471e8060, DeviceName: \Device\0000001d\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
The directory C:\WINDOWS\SYSTEM32\drivers seems inaccessible or encrypted.
Drivers scan is aborted.
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6D786E7E

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 976564224

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Microsoft's System File Checker (SFC) - SFCdetails.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

2014-12-24 16:00:14, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:14, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:18, Info                  CSI    0000000c [SR] Verify complete
2014-12-24 16:00:18, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:18, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:22, Info                  CSI    0000000f [SR] Verify complete
2014-12-24 16:00:22, Info                  CSI    00000010 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:22, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:26, Info                  CSI    00000012 [SR] Verify complete
2014-12-24 16:00:26, Info                  CSI    00000013 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:26, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:30, Info                  CSI    00000015 [SR] Verify complete
2014-12-24 16:00:30, Info                  CSI    00000016 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:30, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:34, Info                  CSI    00000018 [SR] Verify complete
2014-12-24 16:00:34, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:34, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:38, Info                  CSI    0000001b [SR] Verify complete
2014-12-24 16:00:38, Info                  CSI    0000001c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:38, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:41, Info                  CSI    0000001e [SR] Verify complete
2014-12-24 16:00:41, Info                  CSI    0000001f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:41, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:45, Info                  CSI    00000021 [SR] Verify complete
2014-12-24 16:00:45, Info                  CSI    00000022 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:45, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:49, Info                  CSI    00000024 [SR] Verify complete
2014-12-24 16:00:49, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:49, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:53, Info                  CSI    00000027 [SR] Verify complete
2014-12-24 16:00:53, Info                  CSI    00000028 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:53, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2014-12-24 16:00:56, Info                  CSI    0000002a [SR] Verify complete
2014-12-24 16:00:56, Info                  CSI    0000002b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:00:56, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:00, Info                  CSI    0000002d [SR] Verify complete
2014-12-24 16:01:00, Info                  CSI    0000002e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:00, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:04, Info                  CSI    00000030 [SR] Verify complete
2014-12-24 16:01:04, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:04, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:07, Info                  CSI    00000033 [SR] Verify complete
2014-12-24 16:01:08, Info                  CSI    00000034 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:08, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:11, Info                  CSI    00000036 [SR] Verify complete
2014-12-24 16:01:11, Info                  CSI    00000037 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:11, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:15, Info                  CSI    00000039 [SR] Verify complete
2014-12-24 16:01:15, Info                  CSI    0000003a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:15, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:19, Info                  CSI    0000003c [SR] Verify complete
2014-12-24 16:01:19, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:19, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:23, Info                  CSI    0000003f [SR] Verify complete
2014-12-24 16:01:23, Info                  CSI    00000040 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:23, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:26, Info                  CSI    00000042 [SR] Verify complete
2014-12-24 16:01:26, Info                  CSI    00000043 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:26, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:30, Info                  CSI    00000045 [SR] Verify complete
2014-12-24 16:01:30, Info                  CSI    00000046 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:30, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:33, Info                  CSI    00000048 [SR] Verify complete
2014-12-24 16:01:34, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:34, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:37, Info                  CSI    0000004b [SR] Verify complete
2014-12-24 16:01:37, Info                  CSI    0000004c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:37, Info                  CSI    0000004d [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:41, Info                  CSI    0000004e [SR] Verify complete
2014-12-24 16:01:41, Info                  CSI    0000004f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:41, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:45, Info                  CSI    00000051 [SR] Verify complete
2014-12-24 16:01:45, Info                  CSI    00000052 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:45, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:48, Info                  CSI    00000054 [SR] Verify complete
2014-12-24 16:01:48, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:48, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:52, Info                  CSI    00000057 [SR] Verify complete
2014-12-24 16:01:52, Info                  CSI    00000058 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:52, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:56, Info                  CSI    0000005a [SR] Verify complete
2014-12-24 16:01:56, Info                  CSI    0000005b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:56, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2014-12-24 16:01:59, Info                  CSI    0000005d [SR] Verify complete
2014-12-24 16:01:59, Info                  CSI    0000005e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:01:59, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:03, Info                  CSI    00000060 [SR] Verify complete
2014-12-24 16:02:03, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:03, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:06, Info                  CSI    00000063 [SR] Verify complete
2014-12-24 16:02:07, Info                  CSI    00000064 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:07, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:10, Info                  CSI    00000066 [SR] Verify complete
2014-12-24 16:02:10, Info                  CSI    00000067 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:10, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:14, Info                  CSI    00000069 [SR] Verify complete
2014-12-24 16:02:14, Info                  CSI    0000006a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:14, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:17, Info                  CSI    0000006c [SR] Verify complete
2014-12-24 16:02:17, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:17, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:21, Info                  CSI    0000006f [SR] Verify complete
2014-12-24 16:02:21, Info                  CSI    00000070 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:21, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:25, Info                  CSI    00000072 [SR] Verify complete
2014-12-24 16:02:25, Info                  CSI    00000073 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:25, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:28, Info                  CSI    00000075 [SR] Verify complete
2014-12-24 16:02:28, Info                  CSI    00000076 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:28, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:32, Info                  CSI    00000078 [SR] Verify complete
2014-12-24 16:02:32, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:32, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:35, Info                  CSI    0000007b [SR] Verify complete
2014-12-24 16:02:35, Info                  CSI    0000007c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:35, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:39, Info                  CSI    0000007e [SR] Verify complete
2014-12-24 16:02:39, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:39, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:42, Info                  CSI    00000081 [SR] Verify complete
2014-12-24 16:02:43, Info                  CSI    00000082 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:43, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:46, Info                  CSI    00000084 [SR] Verify complete
2014-12-24 16:02:46, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:46, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:49, Info                  CSI    00000087 [SR] Verify complete
2014-12-24 16:02:50, Info                  CSI    00000088 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:50, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2014-12-24 16:02:53, Info                  CSI    0000008a [SR] Verify complete
2014-12-24 16:02:53, Info                  CSI    0000008b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:02:53, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:01, Info                  CSI    0000008d [SR] Verify complete
2014-12-24 16:03:02, Info                  CSI    0000008e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:02, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:05, Info                  CSI    00000090 [SR] Verify complete
2014-12-24 16:03:05, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:05, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:09, Info                  CSI    00000093 [SR] Verify complete
2014-12-24 16:03:09, Info                  CSI    00000094 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:09, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:12, Info                  CSI    00000096 [SR] Verify complete
2014-12-24 16:03:12, Info                  CSI    00000097 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:12, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:16, Info                  CSI    00000099 [SR] Verify complete
2014-12-24 16:03:16, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:16, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:20, Info                  CSI    0000009c [SR] Verify complete
2014-12-24 16:03:21, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:21, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:24, Info                  CSI    0000009f [SR] Verify complete
2014-12-24 16:03:24, Info                  CSI    000000a0 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:24, Info                  CSI    000000a1 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:27, Info                  CSI    000000a2 [SR] Verify complete
2014-12-24 16:03:28, Info                  CSI    000000a3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:28, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:31, Info                  CSI    000000a5 [SR] Verify complete
2014-12-24 16:03:31, Info                  CSI    000000a6 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:31, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:34, Info                  CSI    000000a8 [SR] Verify complete
2014-12-24 16:03:34, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:34, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:38, Info                  CSI    000000ab [SR] Verify complete
2014-12-24 16:03:38, Info                  CSI    000000ac [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:38, Info                  CSI    000000ad [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:41, Info                  CSI    000000ae [SR] Verify complete
2014-12-24 16:03:41, Info                  CSI    000000af [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:41, Info                  CSI    000000b0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:45, Info                  CSI    000000b1 [SR] Verify complete
2014-12-24 16:03:45, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:45, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:48, Info                  CSI    000000b4 [SR] Verify complete
2014-12-24 16:03:49, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:49, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:52, Info                  CSI    000000b7 [SR] Verify complete
2014-12-24 16:03:52, Info                  CSI    000000b8 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:52, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:56, Info                  CSI    000000ba [SR] Verify complete
2014-12-24 16:03:56, Info                  CSI    000000bb [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:56, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2014-12-24 16:03:59, Info                  CSI    000000bd [SR] Verify complete
2014-12-24 16:03:59, Info                  CSI    000000be [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:03:59, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:03, Info                  CSI    000000c0 [SR] Verify complete
2014-12-24 16:04:03, Info                  CSI    000000c1 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:03, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:06, Info                  CSI    000000c3 [SR] Verify complete
2014-12-24 16:04:06, Info                  CSI    000000c4 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:06, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:10, Info                  CSI    000000c6 [SR] Verify complete
2014-12-24 16:04:10, Info                  CSI    000000c7 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:10, Info                  CSI    000000c8 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:14, Info                  CSI    000000c9 [SR] Verify complete
2014-12-24 16:04:14, Info                  CSI    000000ca [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:14, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:17, Info                  CSI    000000cc [SR] Verify complete
2014-12-24 16:04:17, Info                  CSI    000000cd [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:17, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:21, Info                  CSI    000000cf [SR] Verify complete
2014-12-24 16:04:21, Info                  CSI    000000d0 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:21, Info                  CSI    000000d1 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:25, Info                  CSI    000000d2 [SR] Verify complete
2014-12-24 16:04:25, Info                  CSI    000000d3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:25, Info                  CSI    000000d4 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:28, Info                  CSI    000000d5 [SR] Verify complete
2014-12-24 16:04:28, Info                  CSI    000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:28, Info                  CSI    000000d7 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:32, Info                  CSI    000000d8 [SR] Verify complete
2014-12-24 16:04:33, Info                  CSI    000000d9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:33, Info                  CSI    000000da [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:38, Info                  CSI    000000db [SR] Verify complete
2014-12-24 16:04:38, Info                  CSI    000000dc [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:38, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:42, Info                  CSI    000000de [SR] Verify complete
2014-12-24 16:04:42, Info                  CSI    000000df [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:42, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:47, Info                  CSI    000000e1 [SR] Verify complete
2014-12-24 16:04:47, Info                  CSI    000000e2 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:47, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2014-12-24 16:04:52, Info                  CSI    000000fd [SR] Verify complete
2014-12-24 16:04:52, Info                  CSI    000000fe [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:04:52, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:00, Info                  CSI    00000106 [SR] Verify complete
2014-12-24 16:05:00, Info                  CSI    00000107 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:00, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:06, Info                  CSI    0000010e [SR] Verify complete
2014-12-24 16:05:06, Info                  CSI    0000010f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:06, Info                  CSI    00000110 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:12, Info                  CSI    00000119 [SR] Verify complete
2014-12-24 16:05:12, Info                  CSI    0000011a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:12, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:18, Info                  CSI    0000011e [SR] Verify complete
2014-12-24 16:05:18, Info                  CSI    0000011f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:18, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:22, Info                  CSI    00000121 [SR] Verify complete
2014-12-24 16:05:23, Info                  CSI    00000122 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:23, Info                  CSI    00000123 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:29, Info                  CSI    00000125 [SR] Verify complete
2014-12-24 16:05:29, Info                  CSI    00000126 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:29, Info                  CSI    00000127 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:37, Info                  CSI    00000147 [SR] Verify complete
2014-12-24 16:05:38, Info                  CSI    00000148 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:38, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:46, Info                  CSI    0000016e [SR] Verify complete
2014-12-24 16:05:46, Info                  CSI    0000016f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:46, Info                  CSI    00000170 [SR] Beginning Verify and Repair transaction
2014-12-24 16:05:52, Info                  CSI    00000178 [SR] Verify complete
2014-12-24 16:05:53, Info                  CSI    00000179 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:05:53, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:00, Info                  CSI    00000183 [SR] Verify complete
2014-12-24 16:06:00, Info                  CSI    00000184 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:00, Info                  CSI    00000185 [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:07, Info                  CSI    0000019c [SR] Verify complete
2014-12-24 16:06:07, Info                  CSI    0000019d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:07, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:14, Info                  CSI    000001a7 [SR] Verify complete
2014-12-24 16:06:14, Info                  CSI    000001a8 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:14, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:19, Info                  CSI    000001aa [SR] Verify complete
2014-12-24 16:06:19, Info                  CSI    000001ab [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:19, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:25, Info                  CSI    000001ae [SR] Verify complete
2014-12-24 16:06:26, Info                  CSI    000001af [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:26, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:32, Info                  CSI    000001b8 [SR] Verify complete
2014-12-24 16:06:32, Info                  CSI    000001b9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:32, Info                  CSI    000001ba [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:41, Info                  CSI    000001d4 [SR] Verify complete
2014-12-24 16:06:41, Info                  CSI    000001d5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:41, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:06:50, Info                  CSI    00000209 [SR] Verify complete
2014-12-24 16:06:50, Info                  CSI    0000020a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:06:50, Info                  CSI    0000020b [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:03, Info                  CSI    0000022b [SR] Verify complete
2014-12-24 16:07:03, Info                  CSI    0000022c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:03, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:15, Info                  CSI    0000022e [SR] Verify complete
2014-12-24 16:07:15, Info                  CSI    0000022f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:15, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:21, Info                  CSI    00000237 [SR] Verify complete
2014-12-24 16:07:21, Info                  CSI    00000238 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:21, Info                  CSI    00000239 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:26, Info                  CSI    00000243 [SR] Verify complete
2014-12-24 16:07:26, Info                  CSI    00000244 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:26, Info                  CSI    00000245 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:35, Info                  CSI    00000261 [SR] Verify complete
2014-12-24 16:07:35, Info                  CSI    00000262 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:35, Info                  CSI    00000263 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:39, Info                  CSI    00000265 [SR] Verify complete
2014-12-24 16:07:39, Info                  CSI    00000266 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:39, Info                  CSI    00000267 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:43, Info                  CSI    00000268 [SR] Verify complete
2014-12-24 16:07:43, Info                  CSI    00000269 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:43, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:49, Info                  CSI    00000276 [SR] Verify complete
2014-12-24 16:07:50, Info                  CSI    00000277 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:50, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2014-12-24 16:07:55, Info                  CSI    00000282 [SR] Verify complete
2014-12-24 16:07:55, Info                  CSI    00000283 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:07:55, Info                  CSI    00000284 [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:01, Info                  CSI    000002f2 [SR] Verify complete
2014-12-24 16:08:01, Info                  CSI    000002f3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:01, Info                  CSI    000002f4 [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:11, Info                  CSI    00000305 [SR] Verify complete
2014-12-24 16:08:11, Info                  CSI    00000306 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:11, Info                  CSI    00000307 [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:17, Info                  CSI    0000030c [SR] Verify complete
2014-12-24 16:08:17, Info                  CSI    0000030d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:17, Info                  CSI    0000030e [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:30, Info                  CSI    0000030f [SR] Verify complete
2014-12-24 16:08:30, Info                  CSI    00000310 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:30, Info                  CSI    00000311 [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:38, Info                  CSI    00000329 [SR] Verify complete
2014-12-24 16:08:39, Info                  CSI    0000032a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:39, Info                  CSI    0000032b [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:46, Info                  CSI    00000331 [SR] Verify complete
2014-12-24 16:08:46, Info                  CSI    00000332 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:46, Info                  CSI    00000333 [SR] Beginning Verify and Repair transaction
2014-12-24 16:08:58, Info                  CSI    0000033e [SR] Verify complete
2014-12-24 16:08:58, Info                  CSI    0000033f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:08:58, Info                  CSI    00000340 [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:03, Info                  CSI    00000341 [SR] Verify complete
2014-12-24 16:09:03, Info                  CSI    00000342 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:03, Info                  CSI    00000343 [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:18, Info                  CSI    00000353 [SR] Verify complete
2014-12-24 16:09:18, Info                  CSI    00000354 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:18, Info                  CSI    00000355 [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:27, Info                  CSI    0000036d [SR] Verify complete
2014-12-24 16:09:27, Info                  CSI    0000036e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:27, Info                  CSI    0000036f [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:34, Info                  CSI    00000374 [SR] Verify complete
2014-12-24 16:09:34, Info                  CSI    00000375 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:34, Info                  CSI    00000376 [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:42, Info                  CSI    0000037c [SR] Verify complete
2014-12-24 16:09:42, Info                  CSI    0000037d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:42, Info                  CSI    0000037e [SR] Beginning Verify and Repair transaction
2014-12-24 16:09:56, Info                  CSI    00000382 [SR] Verify complete
2014-12-24 16:09:56, Info                  CSI    00000383 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:09:56, Info                  CSI    00000384 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:02, Info                  CSI    00000387 [SR] Verify complete
2014-12-24 16:10:02, Info                  CSI    00000388 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:02, Info                  CSI    00000389 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:09, Info                  CSI    00000394 [SR] Verify complete
2014-12-24 16:10:09, Info                  CSI    00000395 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:09, Info                  CSI    00000396 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:16, Info                  CSI    000003a8 [SR] Verify complete
2014-12-24 16:10:16, Info                  CSI    000003a9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:16, Info                  CSI    000003aa [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:23, Info                  CSI    000003ae [SR] Verify complete
2014-12-24 16:10:23, Info                  CSI    000003af [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:23, Info                  CSI    000003b0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:30, Info                  CSI    000003be [SR] Verify complete
2014-12-24 16:10:30, Info                  CSI    000003bf [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:30, Info                  CSI    000003c0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:36, Info                  CSI    000003c9 [SR] Verify complete
2014-12-24 16:10:36, Info                  CSI    000003ca [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:36, Info                  CSI    000003cb [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:43, Info                  CSI    000003d0 [SR] Verify complete
2014-12-24 16:10:43, Info                  CSI    000003d1 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:43, Info                  CSI    000003d2 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:49, Info                  CSI    000003d4 [SR] Verify complete
2014-12-24 16:10:49, Info                  CSI    000003d5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:49, Info                  CSI    000003d6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:10:58, Info                  CSI    000003dd [SR] Verify complete
2014-12-24 16:10:58, Info                  CSI    000003de [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:10:58, Info                  CSI    000003df [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:04, Info                  CSI    000003ec [SR] Verify complete
2014-12-24 16:11:04, Info                  CSI    000003ed [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:04, Info                  CSI    000003ee [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:09, Info                  CSI    000003f1 [SR] Verify complete
2014-12-24 16:11:09, Info                  CSI    000003f2 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:09, Info                  CSI    000003f3 [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:16, Info                  CSI    000003f4 [SR] Verify complete
2014-12-24 16:11:16, Info                  CSI    000003f5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:16, Info                  CSI    000003f6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:24, Info                  CSI    00000405 [SR] Verify complete
2014-12-24 16:11:24, Info                  CSI    00000406 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:24, Info                  CSI    00000407 [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:31, Info                  CSI    0000040a [SR] Verify complete
2014-12-24 16:11:31, Info                  CSI    0000040b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:31, Info                  CSI    0000040c [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:39, Info                  CSI    00000419 [SR] Verify complete
2014-12-24 16:11:39, Info                  CSI    0000041a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:39, Info                  CSI    0000041b [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:48, Info                  CSI    00000448 [SR] Verify complete
2014-12-24 16:11:48, Info                  CSI    00000449 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:48, Info                  CSI    0000044a [SR] Beginning Verify and Repair transaction
2014-12-24 16:11:56, Info                  CSI    00000451 [SR] Verify complete
2014-12-24 16:11:56, Info                  CSI    00000452 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:11:56, Info                  CSI    00000453 [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:03, Info                  CSI    00000459 [SR] Verify complete
2014-12-24 16:12:04, Info                  CSI    0000045a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:04, Info                  CSI    0000045b [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:11, Info                  CSI    0000045d [SR] Verify complete
2014-12-24 16:12:11, Info                  CSI    0000045e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:11, Info                  CSI    0000045f [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:18, Info                  CSI    00000460 [SR] Verify complete
2014-12-24 16:12:18, Info                  CSI    00000461 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:18, Info                  CSI    00000462 [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:26, Info                  CSI    00000468 [SR] Verify complete
2014-12-24 16:12:26, Info                  CSI    00000469 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:26, Info                  CSI    0000046a [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:35, Info                  CSI    00000473 [SR] Verify complete
2014-12-24 16:12:35, Info                  CSI    00000474 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:35, Info                  CSI    00000475 [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:42, Info                  CSI    00000483 [SR] Verify complete
2014-12-24 16:12:42, Info                  CSI    00000484 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:42, Info                  CSI    00000485 [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:50, Info                  CSI    0000048f [SR] Verify complete
2014-12-24 16:12:50, Info                  CSI    00000490 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:50, Info                  CSI    00000491 [SR] Beginning Verify and Repair transaction
2014-12-24 16:12:56, Info                  CSI    0000049c [SR] Verify complete
2014-12-24 16:12:56, Info                  CSI    0000049d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:12:56, Info                  CSI    0000049e [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:01, Info                  CSI    000004a2 [SR] Verify complete
2014-12-24 16:13:02, Info                  CSI    000004a3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:02, Info                  CSI    000004a4 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:08, Info                  CSI    000004a6 [SR] Verify complete
2014-12-24 16:13:08, Info                  CSI    000004a7 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:08, Info                  CSI    000004a8 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:17, Info                  CSI    000004a9 [SR] Verify complete
2014-12-24 16:13:17, Info                  CSI    000004aa [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:17, Info                  CSI    000004ab [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:27, Info                  CSI    000004af [SR] Verify complete
2014-12-24 16:13:27, Info                  CSI    000004b0 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:27, Info                  CSI    000004b1 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:35, Info                  CSI    000004de [SR] Verify complete
2014-12-24 16:13:35, Info                  CSI    000004df [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:35, Info                  CSI    000004e0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:41, Info                  CSI    000004f1 [SR] Verify complete
2014-12-24 16:13:41, Info                  CSI    000004f2 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:41, Info                  CSI    000004f3 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:47, Info                  CSI    000004f4 [SR] Verify complete
2014-12-24 16:13:47, Info                  CSI    000004f5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:47, Info                  CSI    000004f6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:52, Info                  CSI    000004f7 [SR] Verify complete
2014-12-24 16:13:52, Info                  CSI    000004f8 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:52, Info                  CSI    000004f9 [SR] Beginning Verify and Repair transaction
2014-12-24 16:13:59, Info                  CSI    000004fa [SR] Verify complete
2014-12-24 16:13:59, Info                  CSI    000004fb [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:13:59, Info                  CSI    000004fc [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:05, Info                  CSI    000004fd [SR] Verify complete
2014-12-24 16:14:05, Info                  CSI    000004fe [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:05, Info                  CSI    000004ff [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:09, Info                  CSI    00000500 [SR] Verify complete
2014-12-24 16:14:09, Info                  CSI    00000501 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:09, Info                  CSI    00000502 [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:13, Info                  CSI    00000503 [SR] Verify complete
2014-12-24 16:14:13, Info                  CSI    00000504 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:13, Info                  CSI    00000505 [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:18, Info                  CSI    00000506 [SR] Verify complete
2014-12-24 16:14:18, Info                  CSI    00000507 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:18, Info                  CSI    00000508 [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:24, Info                  CSI    00000525 [SR] Verify complete
2014-12-24 16:14:24, Info                  CSI    00000526 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:24, Info                  CSI    00000527 [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:28, Info                  CSI    00000528 [SR] Verify complete
2014-12-24 16:14:28, Info                  CSI    00000529 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:28, Info                  CSI    0000052a [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:37, Info                  CSI    0000052d [SR] Verify complete
2014-12-24 16:14:37, Info                  CSI    0000052e [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:37, Info                  CSI    0000052f [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:40, Info                  CSI    00000531 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:14:45, Info                  CSI    00000533 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:14:45, Info                  CSI    00000534 [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"
2014-12-24 16:14:48, Info                  CSI    00000535 [SR] Verify complete
2014-12-24 16:14:49, Info                  CSI    00000536 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:49, Info                  CSI    00000537 [SR] Beginning Verify and Repair transaction
2014-12-24 16:14:56, Info                  CSI    00000538 [SR] Verify complete
2014-12-24 16:14:56, Info                  CSI    00000539 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:14:56, Info                  CSI    0000053a [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:02, Info                  CSI    0000053b [SR] Verify complete
2014-12-24 16:15:02, Info                  CSI    0000053c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:02, Info                  CSI    0000053d [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:10, Info                  CSI    0000053e [SR] Verify complete
2014-12-24 16:15:10, Info                  CSI    0000053f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:10, Info                  CSI    00000540 [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:20, Info                  CSI    0000054b [SR] Verify complete
2014-12-24 16:15:20, Info                  CSI    0000054c [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:20, Info                  CSI    0000054d [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:26, Info                  CSI    0000054e [SR] Verify complete
2014-12-24 16:15:26, Info                  CSI    0000054f [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:26, Info                  CSI    00000550 [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:31, Info                  CSI    000005be [SR] Verify complete
2014-12-24 16:15:31, Info                  CSI    000005bf [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:31, Info                  CSI    000005c0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:36, Info                  CSI    000005c3 [SR] Verify complete
2014-12-24 16:15:36, Info                  CSI    000005c4 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:36, Info                  CSI    000005c5 [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:41, Info                  CSI    000005c6 [SR] Verify complete
2014-12-24 16:15:41, Info                  CSI    000005c7 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:41, Info                  CSI    000005c8 [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:45, Info                  CSI    000005c9 [SR] Verify complete
2014-12-24 16:15:45, Info                  CSI    000005ca [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:45, Info                  CSI    000005cb [SR] Beginning Verify and Repair transaction
2014-12-24 16:15:53, Info                  CSI    000005ce [SR] Verify complete
2014-12-24 16:15:53, Info                  CSI    000005cf [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:15:53, Info                  CSI    000005d0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:00, Info                  CSI    000005e7 [SR] Verify complete
2014-12-24 16:16:00, Info                  CSI    000005e8 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:00, Info                  CSI    000005e9 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:07, Info                  CSI    000005f5 [SR] Verify complete
2014-12-24 16:16:07, Info                  CSI    000005f6 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:07, Info                  CSI    000005f7 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:15, Info                  CSI    00000608 [SR] Verify complete
2014-12-24 16:16:15, Info                  CSI    00000609 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:15, Info                  CSI    0000060a [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:19, Info                  CSI    0000060c [SR] Verify complete
2014-12-24 16:16:19, Info                  CSI    0000060d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:19, Info                  CSI    0000060e [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:23, Info                  CSI    0000060f [SR] Verify complete
2014-12-24 16:16:23, Info                  CSI    00000610 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:23, Info                  CSI    00000611 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:32, Info                  CSI    0000061f [SR] Verify complete
2014-12-24 16:16:32, Info                  CSI    00000620 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:32, Info                  CSI    00000621 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:41, Info                  CSI    00000626 [SR] Verify complete
2014-12-24 16:16:41, Info                  CSI    00000627 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:41, Info                  CSI    00000628 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:48, Info                  CSI    00000635 [SR] Verify complete
2014-12-24 16:16:48, Info                  CSI    00000636 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:48, Info                  CSI    00000637 [SR] Beginning Verify and Repair transaction
2014-12-24 16:16:56, Info                  CSI    00000643 [SR] Verify complete
2014-12-24 16:16:56, Info                  CSI    00000644 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:16:56, Info                  CSI    00000645 [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:05, Info                  CSI    00000657 [SR] Verify complete
2014-12-24 16:17:05, Info                  CSI    00000658 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:05, Info                  CSI    00000659 [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:14, Info                  CSI    00000671 [SR] Verify complete
2014-12-24 16:17:14, Info                  CSI    00000672 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:14, Info                  CSI    00000673 [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:24, Info                  CSI    000006b9 [SR] Verify complete
2014-12-24 16:17:24, Info                  CSI    000006ba [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:24, Info                  CSI    000006bb [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:30, Info                  CSI    000006bc [SR] Verify complete
2014-12-24 16:17:30, Info                  CSI    000006bd [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:30, Info                  CSI    000006be [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:36, Info                  CSI    000006c1 [SR] Verify complete
2014-12-24 16:17:36, Info                  CSI    000006c2 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:36, Info                  CSI    000006c3 [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:43, Info                  CSI    000006da [SR] Verify complete
2014-12-24 16:17:43, Info                  CSI    000006db [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:43, Info                  CSI    000006dc [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:49, Info                  CSI    000006eb [SR] Verify complete
2014-12-24 16:17:49, Info                  CSI    000006ec [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:49, Info                  CSI    000006ed [SR] Beginning Verify and Repair transaction
2014-12-24 16:17:56, Info                  CSI    0000070a [SR] Verify complete
2014-12-24 16:17:56, Info                  CSI    0000070b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:17:56, Info                  CSI    0000070c [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:02, Info                  CSI    00000712 [SR] Verify complete
2014-12-24 16:18:02, Info                  CSI    00000713 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:02, Info                  CSI    00000714 [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:08, Info                  CSI    00000717 [SR] Verify complete
2014-12-24 16:18:08, Info                  CSI    00000718 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:08, Info                  CSI    00000719 [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:15, Info                  CSI    0000071c [SR] Verify complete
2014-12-24 16:18:15, Info                  CSI    0000071d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:15, Info                  CSI    0000071e [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:23, Info                  CSI    0000073f [SR] Verify complete
2014-12-24 16:18:23, Info                  CSI    00000740 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:23, Info                  CSI    00000741 [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:29, Info                  CSI    0000074a [SR] Verify complete
2014-12-24 16:18:29, Info                  CSI    0000074b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:29, Info                  CSI    0000074c [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:36, Info                  CSI    00000763 [SR] Verify complete
2014-12-24 16:18:37, Info                  CSI    00000764 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:37, Info                  CSI    00000765 [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:40, Info                  CSI    00000766 [SR] Verify complete
2014-12-24 16:18:41, Info                  CSI    00000767 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:41, Info                  CSI    00000768 [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:48, Info                  CSI    0000076a [SR] Verify complete
2014-12-24 16:18:48, Info                  CSI    0000076b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:48, Info                  CSI    0000076c [SR] Beginning Verify and Repair transaction
2014-12-24 16:18:57, Info                  CSI    00000776 [SR] Verify complete
2014-12-24 16:18:57, Info                  CSI    00000777 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:18:57, Info                  CSI    00000778 [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:07, Info                  CSI    00000785 [SR] Verify complete
2014-12-24 16:19:07, Info                  CSI    00000786 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:07, Info                  CSI    00000787 [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:13, Info                  CSI    00000794 [SR] Verify complete
2014-12-24 16:19:13, Info                  CSI    00000795 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:13, Info                  CSI    00000796 [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:20, Info                  CSI    0000079a [SR] Verify complete
2014-12-24 16:19:20, Info                  CSI    0000079b [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:20, Info                  CSI    0000079c [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:31, Info                  CSI    000007bd [SR] Verify complete
2014-12-24 16:19:31, Info                  CSI    000007be [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:31, Info                  CSI    000007bf [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:37, Info                  CSI    000007c5 [SR] Verify complete
2014-12-24 16:19:37, Info                  CSI    000007c6 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:37, Info                  CSI    000007c7 [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:50, Info                  CSI    000007c8 [SR] Verify complete
2014-12-24 16:19:50, Info                  CSI    000007c9 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:50, Info                  CSI    000007ca [SR] Beginning Verify and Repair transaction
2014-12-24 16:19:56, Info                  CSI    000007cb [SR] Verify complete
2014-12-24 16:19:56, Info                  CSI    000007cc [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:19:56, Info                  CSI    000007cd [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:03, Info                  CSI    000007de [SR] Verify complete
2014-12-24 16:20:03, Info                  CSI    000007df [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:03, Info                  CSI    000007e0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:08, Info                  CSI    000007e2 [SR] Verify complete
2014-12-24 16:20:08, Info                  CSI    000007e3 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:08, Info                  CSI    000007e4 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:13, Info                  CSI    000007e9 [SR] Verify complete
2014-12-24 16:20:13, Info                  CSI    000007ea [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:13, Info                  CSI    000007eb [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:19, Info                  CSI    000007ee [SR] Verify complete
2014-12-24 16:20:19, Info                  CSI    000007ef [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:19, Info                  CSI    000007f0 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:25, Info                  CSI    000007f4 [SR] Verify complete
2014-12-24 16:20:25, Info                  CSI    000007f5 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:25, Info                  CSI    000007f6 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:31, Info                  CSI    000007fc [SR] Verify complete
2014-12-24 16:20:31, Info                  CSI    000007fd [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:31, Info                  CSI    000007fe [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:36, Info                  CSI    00000801 [SR] Verify complete
2014-12-24 16:20:36, Info                  CSI    00000802 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:36, Info                  CSI    00000803 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:42, Info                  CSI    00000808 [SR] Verify complete
2014-12-24 16:20:42, Info                  CSI    00000809 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:42, Info                  CSI    0000080a [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:47, Info                  CSI    0000080c [SR] Verify complete
2014-12-24 16:20:47, Info                  CSI    0000080d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:47, Info                  CSI    0000080e [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:53, Info                  CSI    00000810 [SR] Verify complete
2014-12-24 16:20:53, Info                  CSI    00000811 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:53, Info                  CSI    00000812 [SR] Beginning Verify and Repair transaction
2014-12-24 16:20:59, Info                  CSI    00000816 [SR] Verify complete
2014-12-24 16:20:59, Info                  CSI    00000817 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:20:59, Info                  CSI    00000818 [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:06, Info                  CSI    00000819 [SR] Verify complete
2014-12-24 16:21:06, Info                  CSI    0000081a [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:21:06, Info                  CSI    0000081b [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:13, Info                  CSI    0000081c [SR] Verify complete
2014-12-24 16:21:13, Info                  CSI    0000081d [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:21:13, Info                  CSI    0000081e [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:17, Info                  CSI    0000081f [SR] Verify complete
2014-12-24 16:21:17, Info                  CSI    00000820 [SR] Verifying 100 (0x0000000000000064) components
2014-12-24 16:21:17, Info                  CSI    00000821 [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:24, Info                  CSI    00000822 [SR] Verify complete
2014-12-24 16:21:24, Info                  CSI    00000823 [SR] Verifying 41 (0x0000000000000029) components
2014-12-24 16:21:24, Info                  CSI    00000824 [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:27, Info                  CSI    00000827 [SR] Verify complete
2014-12-24 16:21:27, Info                  CSI    00000828 [SR] Repairing 1 components
2014-12-24 16:21:27, Info                  CSI    00000829 [SR] Beginning Verify and Repair transaction
2014-12-24 16:21:27, Info                  CSI    0000082b [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:21:27, Info                  CSI    0000082d [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:21:27, Info                  CSI    0000082e [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"
2014-12-24 16:21:27, Info                  CSI    0000082f [SR] Repair complete
2014-12-24 16:21:27, Info                  CSI    00000830 [SR] Committing transaction
2014-12-24 16:21:27, Info                  CSI    00000835 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

When SFC finished ("verification 100% complete") it reported:

 

"Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. Note that logging is currently not supported in offline servicing scenarios."

 

However, when I looked at the file "SFCdetails.txt" (above) it said:

 

"Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired"

 

These two statements would appear to be in conflict...

 

When I looked through the "SFCdetails.txt" file the only problems I could see are the following lines:

 

2014-12-24 16:14:40, Info                  CSI    00000531 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:14:45, Info                  CSI    00000533 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:14:45, Info                  CSI    00000534 [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"

 

...and the following lines:

 

2014-12-24 16:21:27, Info                  CSI    0000082b [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:21:27, Info                  CSI    0000082d [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2014-12-24 16:21:27, Info                  CSI    0000082e [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"

 

These lines are complaining that SFC was unable to repair files related to the use of an AMD64 CPU.  Can I just ignore these errors given that the machine we're looking at has an Intel Core2 CPU?



#4 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 25 December 2014 - 11:47 AM

Hello there,

 

Please open an elevated command prompt (right-click and select run as admin) and type the following: Dism /Online /Cleanup-Image /RestoreHealth

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove, for the time-being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • SlimCleaner

If any programs listed above aren't in Programs and Features, you can just skip them. Please download JavaRa from here and once opened it, select 'remove JRE' (If that's not there, select remove Java Runtime). Make sure you skip the re-install Java option!

:step2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step5: Please visit the ESET Online Scanner webpage
:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scand finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.

 



#5 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 26 December 2014 - 02:02 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

DISM Execution

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

C:\>dism /online /cleanup-Image /RestoreHealth

Deployment Image Servicing and Management tool
Version: 6.3.9600.17031

Image Version: 6.3.9600.17031

[==========================100.0%==========================]
The restore operation completed successfully. The component store corruption was repaired.
The operation completed successfully.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uninstalls...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Uninstalled SlimCleaner

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JavaRa - Filename:  JavaRa-12-25-2014.log

Note: I ran this several times as it didn't appear to have done anything.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

User initialised redundant data purge.
......................

Exception encountered in module [JavaRa]
Message: Cannot delete a subkey tree because the subkey does not exist.
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTreeInternal(String subkey)
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey)
   at JavaRa.routines_registry.delete_key(String key)

Removal routine completed successfully. 0 items have been deleted.
User initialised redundant data purge.
......................

Exception encountered in module [JavaRa]
Message: Cannot delete a subkey tree because the subkey does not exist.
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTreeInternal(String subkey)
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey)
   at JavaRa.routines_registry.delete_key(String key)

Removal routine completed successfully. 0 items have been deleted.
User initialised redundant data purge.
......................

Exception encountered in module [JavaRa]
Message: Cannot delete a subkey tree because the subkey does not exist.
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTreeInternal(String subkey)
   at Microsoft.Win32.RegistryKey.DeleteSubKeyTree(String subkey)
   at JavaRa.routines_registry.delete_key(String key)

Removal routine completed successfully. 0 items have been deleted.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

rKill.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/25/2014 11:49:20 PM in x64 mode.
Windows Version: Windows 8.1 Pro

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/25/2014 11:49:36 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner[S0].txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

# AdwCleaner v4.106 - Report created 25/12/2014 at 23:58:22
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : William - 3GHZCLONE-PC
# Running from : C:\Software\Security_Software\Anti-Malware\Xplode\AdwCleaner\v.4.106\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Software

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

*************************

AdwCleaner[R0].txt - [1607 octets] - [25/12/2014 23:53:29]
AdwCleaner[S0].txt - [1546 octets] - [25/12/2014 23:58:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1606 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 Pro x64
Ran by William on Fri 12/26/2014 at  0:19:41.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/26/2014 at  0:22:19.11
End of JRT log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2014.12.26 - ESET Online Scanner Log.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

C:\AdwCleaner\Quarantine\C\Software\CutePDF\CuteWriter\v3.0\CuteWriter.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Software\Piriform\CCleaner\v4.19.4867_(2014.10.24)\ccsetup419.exe.vir Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Software\Piriform\CCleaner\v5.00.5050_(2014.11.25)\ccsetup500.exe.vir Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Software\Piriform\CCleaner\v5.01.5075_(2014.12.18)\ccsetup501.exe.vir Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Software\Winzip\wzsus18.exe.vir a variant of Win32/Systweak.N potentially unwanted application deleted - quarantined
C:\Malware\Air_Software\SoftwareUpdater\Software_Update.exe.Do.Not.Run a variant of Win32/AirAdInstaller.E potentially unwanted application deleted - quarantined

 



#6 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 26 December 2014 - 04:55 AM

Can you let me know how the PC is running now?



#7 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 26 December 2014 - 10:24 AM

The PC seems to be behaving normally, but since the malware was installed (on 2014.12.18) I've been avoiding using it for anything other than running scans, etc...

 

A couple questions:

 

1 - Did you see any evidence of any malware (viruses, spyware, key loggers, crypto ransomeware, root kits, adware, etc...) lingering about?

 

2 - When I initially realized that malware was installed I immediately unplugged my USB-attached file storage in order to avoid anything happening to my files.  When my PC is deemed malware-free I will want to plug that back in.  With what tools do you recommend that I scan my USB-attached file system to be sure that nothing there was infected?

 

Thanks again for all the help...!



#8 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 26 December 2014 - 10:34 AM

Glad your issue is now resolved. From the scans you provided me with, there seemed to be some adware, but that was all removed.
 

If you would like to check your removable devices for malware, I'd recommend installing MCShield. After that, plug in the removable devices, then open MCShield and visit the 'scanner' tab. Leave all the boxes the same and click bulletproof - the scan will now begin on the removable devices.

 

For one last final step, please download Delfix from here and save it to your desktop. Right-click it and select run as administrator. Select the following and press run:

  • Remove disinfection tools
  • Purge system restore

To prevent infections in the future, I recommend you install the programs below:

Happy surfing!


Edited by LighthouseParty, 26 December 2014 - 10:35 AM.


#9 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 26 December 2014 - 02:01 PM

Thanks.  McShield reported that my USB-attached file system is clean.

 

I had a "C:\Software" folder where I kept various install files.  It seems that AdwCleaner moved this folder, together with all of the subfolders and many hundreds of files to:

 

C:\AdwCleaner\Quarantine\C\Software

 

Fortunately, it appears that it at least kept everything all together so I won't need to figure out where everything went and put it back together.  However, it appended all the file names with a ".vir" extention.  Two questions:

 

1 - Why did AdwCleaner single out my "Software" directory for this treatment?

2 - Do you know if it is possible for me to have AdwCleaner undo this?

 

Thanks again...



#10 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 26 December 2014 - 02:43 PM

It's possible that there was malware installed in that folder.



#11 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 26 December 2014 - 09:26 PM

Thanks again for your help and advice...!

 

Most of what was in my C:\Software folder were programs I downloaded from bleepingcomputer.com in the last week; the few other things were from other reliable sources.  I'm thinking that anti-malware software itself probably looks like malware to other anti-malware programs and wonder if this might be a "false positive" result on the part of AdwCleaner.  But, I suppose there could be something in there that has malware embedded in it.

 

Unless I'm missing something the only program you had me run that was concerned with the whole of the C:\Software directory was AdwCleaner.  When I ran the ESET Online Scanner, it was concerned with CutePDF Writer and CCleaner, and found these where AdwCleaner had moved them and moved them to it's own quarantine (C:\Program Files (x86)\ESET\ESET Online Scanner\Quarantine).

 

In any case, I found a C:\AdwCleaner\Quarantine\Quarantine.txt file that logged the files that AdwCleaner quarantined.  Also, I poked around in AdwCleaner and discovered that if I go to the Tools menu I can bring up a "Quarantine Manager" that will permit me to "Restore" the quarantined files and folders.  Presumably, it will also remove the ".vir" that AdwCleaner appended to all the file names when it initially quarantined them.

 

Earlier, you asked for me to uninstall a couple programs "for the time-being" those being:

 

1 - SlimCleaner

2 - Java Runtime (JRE)

 

So that I can better understand the process, why did you ask for me to uninstall these two programs?  Would they have interfered with one of the corrective procedures you had me run?  Also, now that my machine has a clean bill of health, can you think of any reason why I should not reinstall these two programs?

 

Thanks again...



#12 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 27 December 2014 - 05:17 AM

I don't recommend SlimCleaner, due to the reason that they offer a "driver updated" which from my experiences, has made people have to re-install Windows due to the incorrect drivers being installed. In addition to that, they offer a registry cleaner which is not needed and can cause serious problems.

 

If you would like to 'clean out' your computer once in a while, I recommend CCleaner.

 

Java has now become an unnecessary security risk and has made a number of PCs vulnerable to attacks.



#13 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 27 December 2014 - 11:10 AM

I've been using CCleaner for some time to remove junk from my PC, so I can live without SlimCleaner.  Java is another story as many of the sites I use require it.  Do you have any suggestions for how I might use Java safely?

 

Thanks again for your help and advice...!



#14 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 27 December 2014 - 11:29 AM

You may install Java again, but you MUST make sure it is updated as soon as a new version arrives.

 

If you use an out-dated version, you're PC will be vulnerable.



#15 WTW

WTW
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  

Posted 29 December 2014 - 07:14 AM

I'll definitely install updates for Java as they are made available.

You mentioned that one of the reasons you would stay away from SlimCleaner is that it includes a registry cleaner, which you feel to be unnecessary and could cause problems. CCleaner also includes a registry cleaner and I have used it on many occassions. Would you recommend not using the registry cleaner in CCleaner either, or have you found the registry cleaner included in CCleaner to be less problematic than the one included in SlimCleaner?

Thanks again...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users