# Blue Screen of Death



## skyla07 (Nov 3, 2012)

So I have been getting the blue screen of death for a little while now, and nothing has really been out of the ordinary until about 3 days ago. I opened up itunes to download some more music, and all of my itunes files were gone. I opened up my music and all of those files were completely gone too. I tried doing a system restore, but it said that it was unable to because there were corrupt files in my OS. Have tried doing checks when the computer restarts, but the check never happens. Not sure what else to do at this point. Any help is greatly appreciated, thanks so much in advance!

Here is the hijack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:50 AM, on 11/3/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\coocabarra2\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625154048.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: ooVoo toolbar, powered by Ask.com - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\SysWOW64\bgsvcgen.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device - - C:\Windows\system32\dlcxcoms.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: Movielink Core Service - Blockbuster - C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13924 bytes

*Here is the DDS.txt:

*DDS (Ver_2012-10-19.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
Run by coocabarra2 at 9:56:58 on 2012-11-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1870 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\SysWOW64\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlcxcoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\WINDOWS\SysWOW64\rpcnet.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Absolute Software\LoJack for Laptops notifier\LoJackNotifier.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\vds.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\coocabarra2\Desktop\HijackThis.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120625154048.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
StartupFolder: C:\Users\COOCAB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3BF81B56-9BAD-4D4F-938F-424534C24709} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3BF81B56-9BAD-4D4F-938F-424534C24709}\2375942554036393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{3BF81B56-9BAD-4D4F-938F-424534C24709}\461667560393 : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120625154048.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [MemoryCardManager] "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe"
x64-Run: [DLCXCATS] rundll32 C:\Windows\System32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry
x64-Run: [dlcxmon.exe] "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe"
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\coocabarra2\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\extensions\[email protected]\plugins\npwidevinemediatransformer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-4-14 752672]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-6-30 335784]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-1-18 55856]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 dlcx_device;dlcx_device;C:\Windows\System32\dlcxcoms.exe -service --> C:\Windows\System32\dlcxcoms.exe -service [?]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-25 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-25 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-25 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-25 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-6-30 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-6-30 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-6-30 177144]
R2 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-8-2 91456]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-18 656624]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-6-30 69672]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-6-30 300392]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-6-30 513456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-1-18 215552]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-12 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-29 250808]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-12 135664]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-25 196440]
S3 Leapfrog-USBLAN;Leapfrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2011-11-12 40320]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-6-30 106112]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2009-6-19 20992]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2010-1-25 10240]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-6 115168]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-29 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .reg: Applications\regedit.exe="C:\WINDOWS\regedit.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2012-11-03 04:37:14 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E27FB21B-EE7E-444B-A8C1-F7CB18EB3C7A}\mpengine.dll
2012-11-02 17:49:08 -------- d-----w- C:\Program Files (x86)\Full Uninstall
2012-10-27 17:31:26 261600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2012-10-27 17:31:25 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2012-10-27 17:31:25 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2012-10-26 04:09:57 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-26 04:09:57 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-25 16:09:07 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2012-10-10 18:35:12 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-10-10 18:35:09 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-10-10 18:35:07 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-10-10 18:35:07 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-10-10 18:33:48 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 18:33:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 18:33:27 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 18:33:27 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 18:32:55 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 18:32:55 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 18:32:40 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 18:32:39 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 18:32:39 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 18:32:38 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 18:32:38 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 18:32:38 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M ====================
.
2012-11-03 16:40:51 17920 ----a-w- C:\Windows\System32\rpcnetp.exe
2012-11-03 16:40:49 58288 ----a-w- C:\Windows\SysWow64\rpcnet.dll
2012-10-10 03:25:55 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 03:25:55 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-30 02:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-04 18:30:12 38912 ----a-w- C:\Windows\SysWow64\identprv.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-21 20:01:20 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 20:01:20 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-08-21 20:01:20 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 9:58:04.39 ===============

*Here is the attach.txt:

*.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 6/10/2010 10:45:34 PM
System Uptime: 11/3/2012 9:40:13 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz | Microprocessor | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 58.534 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP228: 10/2/2012 1:11:06 PM - Windows Update
RP229: 10/10/2012 9:08:39 AM - Windows Update
RP230: 10/11/2012 3:01:26 AM - Windows Update
RP231: 10/16/2012 12:32:00 PM - Windows Update
RP232: 10/23/2012 5:18:07 PM - Windows Update
RP233: 10/26/2012 9:32:57 PM - Windows Update
RP234: 10/30/2012 12:16:33 PM - Windows Update
RP235: 11/2/2012 9:36:30 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
Airport Mania 2: Wild Trips
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Banctec Service Agreement
Big Fish Games: Game Manager
BitTorrent
BLOCKBUSTER Movielink
Bonjour
Burger Bustle
Burger Bustle: Ellie's Organics
calibre
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Complete Care Consumer Service Agreement
ConvertXtoDVD 4.1.2.336
Cooking Dash
Cooking Dash - DinerTown Studios
Cooking Dash 3: Thrills and Spills Collector's Edition
Cozi
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Photo AIO Printer 926
Dell Support Center
Dell Touchpad
Dell Wireless WLAN Card Utility
Diner Dash 5: Boom
Facebook Plug-In
Farm Mania
Farm Mania 2
Farm Mania: Hot Vacation
Feedback Tool
FreeOCR 3.0
Full Uninstall version 2.11
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
Hobby Farm
Hotel Dash 2: Lost Luxuries
Hotel Dash: Suite Success
iCloud
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 33
Junk Mail filter update
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
LeapFrog Leapster Explorer Plugin
LoJack for Laptops Notifier
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee SecurityCenter
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MotoConnect
Motorola Driver Installation 4.6.0
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Oasis
ooVoo
ooVoo toolbar, powered by Ask.com Updater
Photomatix Pro version 3.2.9
Pioneer Lands
PlayReady PC Runtime x86
PowerDVD DX
Quickset64
QuickTime
R for Windows 2.15.1
Recuva
Registry Life version 1.40
Roads of Rome II
Roxio Burn
Scholastic eReader Support Files
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition 
Shared C Run-time for x64
SimpleOCR 3.1
Skype 5.10
Soap Opera Dash
Storia
Supermarket Mania ® 2
swMSM
Top Chef
TotalAudioConverter
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Veetle TV 0.9.18
VideoCam Suite 3.0
Wedding Dash
Wedding Dash 4-Ever
Wedding Dash: Ready, Aim, Love
WildTangent Games
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.01 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
11/2/2012 10:37:13 AM, Error: Service Control Manager [7034] - The Dock Login Service service terminated unexpectedly. It has done this 1 time(s).
11/2/2012 10:24:10 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
11/1/2012 8:31:06 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00009088 (0xfffff8800573b880, 0xfffff8800573b884, 0xfffff8800573b888, 0xfffff8800573b88c). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 110112-72790-01.
11/1/2012 2:39:16 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.
11/1/2012 2:38:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.
11/1/2012 2:38:16 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.
11/1/2012 2:37:46 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.
11/1/2012 11:26:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/1/2012 10:19:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
10/31/2012 9:15:02 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
10/31/2012 9:11:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
10/30/2012 9:24:34 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
10/30/2012 9:24:31 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/30/2012 9:24:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
10/29/2012 3:37:12 PM, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
10/29/2012 3:35:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
10/29/2012 3:35:45 PM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/29/2012 3:35:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
10/27/2012 4:01:39 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The pipe has been ended.
10/27/2012 4:01:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
10/27/2012 10:02:35 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2.
.
==== End Of File ===========================

*Don't have the arc.txt log because I have a 64-bit OS. Thanks!*


----------



## Mark1956 (May 7, 2011)

Hi, my name is Mark and I will be helping you.

*IMPORTANT*:* Please take the time to read this first.*
For the *benefit of others* that are waiting for help please try to respond *as fast as you can *and make sure you *read all of the instructions* I will be giving you to follow. Time spent waiting for replies or having to repeat questions keeps *other people waiting in the queue* for help.

I am in Spain at GMT+1 hour, I check my emails several times a day so will usually reply to your responses within a few hours or less unless it is night time here. During the evening here I will usually reply within minutes. Please *try to do the same* for a swift clean up. Some Malware needs to be dealt with quickly or it will multiply and become deeply embedded in your system and *more difficult to find and remove*, so quick replies will have *more than one benefit.*

Keep in mind that *I cannot see your PC*, so please give as much detail as possible if something goes wrong or you receive any error messages.

Malware can be unpredictable and often time consuming to remove, on rare occasions something can go awry and your system may need to have Windows re-installed. Please make sure before we start that you have *copies of all your important data* saved to an external hard drive or CD/DVD's. Please make sure you *disconnect any external hard drives and/or Flash drives* during the clean up.

If you have run *any scans that found an infection* please let me know.

*DO NOT* run any scans or make any changes that I have not asked you to do as this can cause misleading results and make my job much harder in trying to help you. Please also uninstall *any file sharing software* i.e. uTorrent, BitTorrent, etc, if you insist on keeping it *do not use it* until we are finished. Use of file sharing software is one of the easiest ways to get your PC infected.

If I get *no reply from you for two days* I will mark the thread as Solved and move on to helping someone else. If you know you will be unable to reply for any length of time please let me know in advance.

Please* don't abandon the thread* as soon as your PC starts to work normally again as there will be other* important checks* to make to help protect your system from re-infection. It is also important to follow the correct procedure when removing the tools used to ensure *all quarantined infections are completely removed and infected Restore Points are safely deleted.
*
Stick with me and we can quickly clean up your PC, if you *cannot dedicate the time* then a Reformat and Re-install will be your quickest option.

________________________________________________________________________________________

Please uninstall:
BitTorrent 
Java 6 Update 33

Please follow this to post your minidump files, if they cannot be found at C:\Windows\minidump look for C:\Windows\MEMORY.DMP

First locate your minidump files, open *Windows Explorer* and click on the *C:* drive in the left pane, in the right pane look down the list of folders and double click on *Windows* to view its contents._ *NOTE:* If your operating system is installed under a different drive letter then look there._ Scroll down the contents of the *Windows* folder and look for a folder called *minidump* and double click on it. You should now see the *minidump* files will have a *.dmp* extension.

Zip up at least 6 of the most recent files into *one* zip folder (if there are less then just zip up what you have).

*NOTE:* To zip up the files in Windows (all versions). Right click the file, click on* Send To*, and then click
*Compressed (zipped) Folder*. That will create a zip folder containing a copy of the file, you should see it appear.

If there is more than one *.dmp* file click on the first one, hold down the shift key and then click on the last one. That should highlight all the files. Then right click in the highlighted area, click on *Send To*, and then click *Compressed (zipped) Folder*.




Below the *Message Box* click on *Go Advanced*. Then scroll down until you see a button, *Manage Attachments*. Click on that and a new window opens.
Click on the *Browse* button, find the zip folder you made earlier and click on it so it becomes highlighted.
Now click on the *Upload* button. Wait for the Upload to complete, it will appear just below the *Browse* box.
When done, click on the *Close this window* button at the top of the page.
Enter your message-text in the message box, then click on *Submit Message/Reply.*

*NOTE:* If no minidump files can be found please follow this to check the settings.

Click on Start > Control Panel > System > Advanced System Settings (in the left hand pane) > Settings button for Startup and Recovery. In the System Failure box make these settings.

Check > Write an event to the system log.
Check > Automatically restart.
Select > 'Small Memory Dump' in the Write debugging information box.
Small Dump Directory should read %SystemRoot%\Minidump.

Check at the bottom of the box that "Overwrite any existing file" is not checked. If it is you will have to go back to the "Write debugging information" box, change "Small memory dump" to "Complete memory dump" then you can uncheck the "Overwrite any existing file" box. Then go back and reset "complete memory dump" back to "Small memory dump". Heaven knows why microsoft designed it that way.

Hit OK, OK again and close the System box.

_________________________________________________________________


> Have tried doing checks when the computer restarts, but the check never happens.


Please tell me what checks you tried, have you tried the System File Checker (sfc /scannow) or the Disc Check (chkdsk /r).

__________________________________________________________________

Please run these two scans and post the logs:

*SCAN 1*
Click on this link to download : ADWCleaner

 and save it to your desktop.

*NOTE:* If using Internet Explorer and you get an alert that stops the program downloading click on *Tools > Smartscreen Filter > Turn off

Smartscreen Filter* then click on *OK* in the box that opens. Then click on the link again.

Close your browser and click on this icon on your desktop:









You will then see the screen below, click on the *Delete* button (as indicated), accept any prompts that appear and allow it to reboot the PC.

When the PC has rebooted you will be presented with the report, copy & paste it into your next post.










*SCAN 2*
Download RogueKiller (by tigzy) and save direct to your Desktop.
On the web page click on this:










Quit all running programs 
Start RogueKiller.exe 
Wait until Prescan has finished. 
Ensure all boxes are ticked under "Report" tab. 
Click on Scan. 
Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
NOTE: *DO NOT attempt to remove anything that the scan detects.*


----------



## skyla07 (Nov 3, 2012)

Thank you very much for your quick response. I am going to start following all of your instructions now!


----------



## skyla07 (Nov 3, 2012)

I am trying to zip the dmp files, but everytime I click send to compressed file, it says "File not found, or no read permission."


----------



## skyla07 (Nov 3, 2012)

I am not sure if it worked or not. After I got the error message, there was a zipped file in with the other dmp files. Please let me know if it worked or not


----------



## skyla07 (Nov 3, 2012)

I have done both scans, sfc /scannow and chkdsk /r. The sfc/ scannnow found some things, but couldn't repair all of them I believe, and then when I did chkdsk /r, it said that it couldn't do it while the system was in use, and would you like to do it upon restart, and I said y, and it never did it when I restarted, and I tried it several times.

I am not sure if you want me to move onto the scans if I haven't resolved the dmp zip file issue


----------



## skyla07 (Nov 3, 2012)

I went ahead and did the scans anyway. The dmp files seemed to not pertain to the scans. Here are the results of the scans:

*ADWcleaner:

*# AdwCleaner v2.006 - Logfile created 11/03/2012 at 14:04:48
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : coocabarra2 - COOCABARRA2-PC
# Boot Mode : Normal
# Running from : C:\Users\coocabarra2\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Users\coocabarra2\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\Conduit
Folder Deleted : C:\Users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\extensions\[email protected]
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{DD7C44CC-0F60-4FD9-A38F-5CF30D698AC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dca-bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000059881.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000059881.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F2CF666-0EC7-418E-B86A-459AD43BCAB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD05B915-F77B-474A-9D42-9FEEAF5475C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default 
File : C:\Users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\prefs.js

Deleted : user_pref("CT2438727..clientLogIsEnabled", true);
Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2438727.AppTrackingLastCheckTime", "Fri Jun 10 2011 18:42:12 GMT-0700 (Pacific Daylight[...]
Deleted : user_pref("CT2438727.CTID", "CT2438727");
Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2438727.CurrentServerDate", "17-6-2011");
Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Tue Mar 22 2011 16:29:16 GMT-0700 (Pacific Daylig[...]
Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Deleted : user_pref("CT2438727.EnableSearchHistory", false);
Deleted : user_pref("CT2438727.EnableSearchSuggest", false);
Deleted : user_pref("CT2438727.FirstServerDate", "10-6-2010");
Deleted : user_pref("CT2438727.FirstTime", true);
Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2438727.HasUserGlobalKeys", true);
Deleted : user_pref("CT2438727.Initialize", true);
Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2438727.InstalledDate", "Thu Jun 10 2010 23:38:42 GMT-0700 (Pacific Daylight Time)");
Deleted : user_pref("CT2438727.InvalidateCache", false);
Deleted : user_pref("CT2438727.IsGrouping", false);
Deleted : user_pref("CT2438727.IsMulticommunity", false);
Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Thu Jun 16 2011 10:22:26 GMT-0700 (Pacific Dayligh[...]
Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2438727.LastLogin_2.5.8.6", "Tue Jul 20 2010 08:30:14 GMT-0700 (Pacific Daylight Time)"[...]
Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Tue Mar 22 2011 14:50:54 GMT-0700 (Pacific Daylight Time)"[...]
Deleted : user_pref("CT2438727.LastLogin_3.3.3.2", "Mon May 23 2011 21:28:34 GMT-0700 (Pacific Daylight Time)"[...]
Deleted : user_pref("CT2438727.LastLogin_3.3.5.1", "Thu Jun 16 2011 23:13:13 GMT-0700 (Pacific Daylight Time)"[...]
Deleted : user_pref("CT2438727.LatestVersion", "3.3.5.1");
Deleted : user_pref("CT2438727.Locale", "en");
Deleted : user_pref("CT2438727.LoginCache", 4);
Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2438727.MCDetectTooltipShow", false);
Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2438727.RadioLastCheckTime", "0");
Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2438727.SearchBoxWidth", 160);
Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Thu Jun 16 2011 10:22:25 GMT-0700 (Pacific Dayli[...]
Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Thu Jun 16 2011 10:22:26 GMT-0700 (Pacific Daylight [...]
Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Thu Jun 16 2011 21:49:59 GMT-0700 (Pacific Daylight Ti[...]
Deleted : user_pref("CT2438727.SettingsLastUpdate", "1306975986");
Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Jun 07 2011 17:45:36 GMT-0700 (Pacific Day[...]
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1278548974");
Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Deleted : user_pref("CT2438727.UserID", "UN31690325351520976");
Deleted : user_pref("CT2438727.ValidationData_Search", 2);
Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2438727.alertChannelId", "832836");
Deleted : user_pref("CT2438727.backendstorage.currentgame", "66726F6E74696572");
Deleted : user_pref("CT2438727.clientLogIsEnabled", false);
Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Deleted : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Thu Jun 16 2011 23:13:16 GMT-0700 (Pacific [...]
Deleted : user_pref("CT2438727.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2438727.myStuffEnabled", true);
Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,129509324767711885,1290239[...]
Deleted : user_pref("CT2438727.testingCtid", "");
Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Thu Jun 16 2011 10:22:26 GMT-0700 (Pacific D[...]
Deleted : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Tue Mar 22 2011 16:29:16 GMT-0700 (Pacific D[...]
Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2438727.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2438727");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/US", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Mar 22 2011 16:29:16 GMT-07[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 16 2011 18:39:24 GMT-0700 (Pacif[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 16 2011 10:22:25 GMT-0700 (Pacific D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{0b8587fa-35de-4008-a69c-ab2799127a1d}");
Deleted : user_pref("CommunityToolbar.globalUserId", "f28a2019-936b-4caf-9a38-b5db7b422b77");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("browser.search.defaultenginename", "Shareaza Web Search");
Deleted : user_pref("browser.search.order.1", "Shareaza Web Search");
Deleted : user_pref("extensions.facemoods.aflt", "_#antn");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "16");

*************************

AdwCleaner[S1].txt - [15274 octets] - [03/11/2012 14:04:48]

########## EOF - C:\AdwCleaner[S1].txt - [15335 octets] ##########

*RK:

*RogueKiller V8.2.2 [11/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : coocabarra2 [Admin rights]
Mode : Scan -- Date : 11/03/2012 14:22:26

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM250HI +++++
--- User ---
[MBR] 714008eb6e9f24a4e2f0143b58463179
[BSP] 9fb90d3ffbbd9dd65be595685260bd2d : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 223434 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_11032012_02d1422.txt >>
RKreport[1]_S_11032012_02d1422.txt

Thanks!


----------



## Mark1956 (May 7, 2011)

You've done everything ok. The attachment of the minidump files is empty. Try right clicking on each file in turn and selecting Copy, then right click on open space on the desktop and select Paste, once you have made all the copies on the desktop try to zip them up.

For the disc check start by making a Recovery disc, as follows:

Go to Control Panel and select Backup and Restore. In the left hand pane select Create a System Recovery disc and follow the prompts.

Put the disk in the problem PC and reboot, it should boot from it although you may have to go into the Bios and set the CD to 1st in the boot order. Answer all the prompts and select *Repair your Computer* when the option appears. Select *Command Prompt* and then type in *chkdsk /r* and hit the Enter key, it should run. When complete type exit and boot back into Windows.

Then follow this guide to find the *chkdsk* log. *NOTE:* You need to do the search for *wininit* not *chkdsk*.
Windows 7 Disk Check log

Once the log is in view then click on* Copy* in the right hand pane and select *"Copy details as text".*
You can then *right click* on the message box on this forum and select *Paste* and the log will appear, add any further information asked for and then click on *Submit/Post Quick Reply* and your done.

Follow this to run the System File Checker again and post the log.


Windows 7 System File Checker
Click on *Start* and type *cmd* in the search box. Right click on *cmd* in the popup menu and select *Run as Administrator*.
Another box will open, at the Command Prompt, type *sfc /scannow* and press Enter. (Note the gap between the c and the /)
Let the check run to completion.

*To find the log*
Copy & Paste the following command at the Command Prompt and press Enter:

* findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt*
This will place a file on your desktop called *sfcdetails.txt* which contains the results of the scan.
Zip up the file and attach it to your next post.


----------



## skyla07 (Nov 3, 2012)

I followed the instructions, and got stuck after I typed in chkdsk /r. After I typed that in, it said this: "The type of the file system is NTFS. Cannot lock current drive. Windows cannot run disk checking on this volume because it is write protected. That's as far as I have gotten. Here are the dmp files as well.


----------



## Mark1956 (May 7, 2011)

My mistake, when you run chkdsk /r after booting from the Recovery disc you have to add the drive letter so the command you need to type will be: *chkdsk /r C:* make sure you leave spaces before the forward slash and the C.

Another error on my part is that when you run the disc check in this way it does not save a log so no need to look for it. When the disc check runs have a look at the results and make a note of any corrections listed and look for a line that mentions Bad Sectors and see how many KB's it states.

Once done please boot back into windows and continue with my instructions to run the System File Checker and post the log.

All the minidumps show a problem with Iastor.sys which is a driver related to the control of the hard drive, so we need to reinstall the driver. Please tell me the make and model number of your PC.

There is also a possibility that Iastor.sys is infected so please run the following scan and post the log. Once we have made sure everything is clean we can attempt to recover your missing files, but no guarantees. Please don't run any temporary file cleaners as this will make it impossible to restore the hidden files.

Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option *DO NOT select delete* as you may remove files needed for the system to operate.

Please download Kaspersky's *TDSSKiller* and *save it to your Desktop. <-Important!*
_-- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again._

_Be sure to print out and follow the instructions for performing a scan_.


Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
Alternatively, you can download TDSSKiller.exe and use that instead.
Double-click on *TDSSKiller.exe* to run the tool for known TDSS variants.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
If an update is available, TDSSKiller will prompt you to update and download the most current version. Click *Load Update*. Close TDSSKiller and start again.


When the program opens, click the *Change parameters.*









Under "Additional options", check the boxes next to *Verify file digital signatures* and *Detect TDLFS file system*, then click *OK*.









Click the *Start Scan* button.









Do not use the computer during the scan
If the scan completes with nothing found, click *Close* to exit.
If '*Suspicious objects*' are detected, the default action will be *Skip*. Leave the default set to Skip and click on *Continue*.
If *Malicious objects* are detected, they will show in the Scan results - *Select action for found objects:* and offer three options.









Ensure *Cure* is selected...then click *Continue* -> *Reboot computer* *for cure completion.*









*Important! ->* If *Cure* *is not available*, please choose *Skip* instead. *Do not choose Delete unless instructed.* If you choose *Delete* you may *remove critical system files* and make your PC *unstable* or possibly *unbootable*.
A log file named *TDSSKiller_version_date_time_log.txt* will be created and saved to the root directory (usually Local Disk C: ).
Copy and paste the contents of that file in your next reply.

_-- If TDSSKiller does not run, try renaming it. To do this, right-click on *TDSSKiller.exe*, select *Rename* and give it a random name with the *.com* file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else *before* beginning the download and saving to the computer or to perform the scan in "safe mode"._


----------



## skyla07 (Nov 3, 2012)

Okay, I am not getting very far today. I tried 3 times to to get to the repair computer option, but it hasn't worked. I reboot the computer with the repair disk in there, and press f12 for boot options, select boot from cd/dvd, and then it has a progress bar saying windows is loading files, and then when that is done, it brings me to the bluish screen, then an error box pops up with this error: Error 0x4001100200001012. I even tried a 4th time, and that time I erased my dvdrw disc, and re-did the repair disc, and rebooted that way, and I still got the error message.


----------



## skyla07 (Nov 3, 2012)

Also, the make and model of my computer is a Dell Inspiron 1545 Model# PP41L.


----------



## Mark1956 (May 7, 2011)

Ok, for now just go ahead with the scan using TDSSKiller.


----------



## skyla07 (Nov 3, 2012)

Kaspersky found 2 "suspicious" objects, so I just left it at skip and clicked continue like you said. Here is the .txt:

12:10:50.0699 5584 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:10:51.0919 5584 ============================================================
12:10:51.0919 5584 Current date / time: 2012/11/04 12:10:51.0919
12:10:51.0919 5584 SystemInfo:
12:10:51.0919 5584 
12:10:51.0919 5584 OS Version: 6.1.7601 ServicePack: 1.0
12:10:51.0919 5584 Product type: Workstation
12:10:51.0919 5584 ComputerName: COOCABARRA2-PC
12:10:51.0919 5584 UserName: coocabarra2
12:10:51.0919 5584 Windows directory: C:\Windows
12:10:51.0919 5584 System windows directory: C:\Windows
12:10:51.0919 5584 Running under WOW64
12:10:51.0919 5584 Processor architecture: Intel x64
12:10:51.0919 5584 Number of processors: 2
12:10:51.0919 5584 Page size: 0x1000
12:10:51.0919 5584 Boot type: Normal boot
12:10:51.0919 5584 ============================================================
12:10:52.0619 5584 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:52.0619 5584 ============================================================
12:10:52.0619 5584 \Device\Harddisk0\DR0:
12:10:52.0619 5584 MBR partitions:
12:10:52.0629 5584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
12:10:52.0629 5584 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465170
12:10:52.0629 5584 ============================================================
12:10:52.0659 5584 C: <-> \Device\Harddisk0\DR0\Partition2
12:10:52.0659 5584 ============================================================
12:10:52.0659 5584 Initialize success
12:10:52.0659 5584 ============================================================
12:19:26.0506 2716 ============================================================
12:19:26.0506 2716 Scan started
12:19:26.0506 2716 Mode: Manual; SigCheck; TDLFS; 
12:19:26.0506 2716 ============================================================
12:19:26.0740 2716 ================ Scan system memory ========================
12:19:26.0740 2716 System memory - ok
12:19:26.0740 2716 ================ Scan services =============================
12:19:27.0021 2716 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:19:27.0364 2716 1394ohci - ok
12:19:27.0411 2716 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:19:27.0442 2716 ACPI - ok
12:19:27.0489 2716 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:19:27.0551 2716 AcpiPmi - ok
12:19:27.0723 2716 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:19:27.0754 2716 AdobeFlashPlayerUpdateSvc - ok
12:19:27.0832 2716 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:19:27.0894 2716 adp94xx - ok
12:19:27.0926 2716 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:19:27.0941 2716 adpahci - ok
12:19:27.0957 2716 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:19:27.0988 2716 adpu320 - ok
12:19:28.0019 2716 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:19:28.0097 2716 AeLookupSvc - ok
12:19:28.0175 2716 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:19:28.0222 2716 AFD - ok
12:19:28.0284 2716 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:19:28.0331 2716 agp440 - ok
12:19:28.0347 2716 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:19:28.0425 2716 ALG - ok
12:19:28.0472 2716 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:19:28.0503 2716 aliide - ok
12:19:28.0518 2716 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:19:28.0550 2716 amdide - ok
12:19:28.0596 2716 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:19:28.0674 2716 AmdK8 - ok
12:19:28.0706 2716 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:19:28.0768 2716 AmdPPM - ok
12:19:28.0830 2716 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:19:28.0924 2716 amdsata - ok
12:19:28.0955 2716 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:19:29.0002 2716 amdsbs - ok
12:19:29.0018 2716 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:19:29.0096 2716 amdxata - ok
12:19:29.0127 2716 [ 98449A2957778A6F025C418438A380F4 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
12:19:29.0376 2716 ApfiltrService - ok
12:19:29.0439 2716 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:19:29.0564 2716 AppID - ok
12:19:29.0610 2716 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:19:29.0688 2716 AppIDSvc - ok
12:19:29.0735 2716 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:19:29.0829 2716 Appinfo - ok
12:19:30.0032 2716 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:19:30.0063 2716 Apple Mobile Device - ok
12:19:30.0141 2716 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:19:30.0172 2716 arc - ok
12:19:30.0172 2716 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:19:30.0219 2716 arcsas - ok
12:19:30.0250 2716 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:19:30.0328 2716 AsyncMac - ok
12:19:30.0390 2716 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:19:30.0422 2716 atapi - ok
12:19:30.0500 2716 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:19:30.0593 2716 AudioEndpointBuilder - ok
12:19:30.0624 2716 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:19:30.0671 2716 AudioSrv - ok
12:19:30.0749 2716 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:19:30.0921 2716 AxInstSV - ok
12:19:30.0983 2716 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:19:31.0092 2716 b06bdrv - ok
12:19:31.0124 2716 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:19:31.0186 2716 b57nd60a - ok
12:19:31.0217 2716 [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
12:19:31.0311 2716 BCM42RLY - ok
12:19:31.0404 2716 [ 37394D3553E220FB732C21E217E1BD8B ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:19:31.0514 2716 BCM43XX - ok
12:19:31.0560 2716 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:19:31.0638 2716 BDESVC - ok
12:19:31.0654 2716 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:19:31.0748 2716 Beep - ok
12:19:31.0826 2716 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:19:31.0935 2716 BFE - ok
12:19:31.0982 2716 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\WINDOWS\SysWOW64\bgsvcgen.exe
12:19:32.0013 2716 bgsvcgen - ok
12:19:32.0091 2716 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
12:19:32.0169 2716 BITS - ok
12:19:32.0216 2716 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:19:32.0278 2716 blbdrive - ok
12:19:32.0387 2716 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:19:32.0418 2716 Bonjour Service - ok
12:19:32.0496 2716 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:19:32.0606 2716 bowser - ok
12:19:32.0652 2716 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:19:32.0715 2716 BrFiltLo - ok
12:19:32.0762 2716 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:19:32.0824 2716 BrFiltUp - ok
12:19:32.0871 2716 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:19:32.0949 2716 Browser - ok
12:19:32.0980 2716 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:19:33.0058 2716 Brserid - ok
12:19:33.0074 2716 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:19:33.0136 2716 BrSerWdm - ok
12:19:33.0183 2716 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:19:33.0261 2716 BrUsbMdm - ok
12:19:33.0292 2716 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:19:33.0323 2716 BrUsbSer - ok
12:19:33.0386 2716 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
12:19:33.0542 2716 BTCFilterService - ok
12:19:33.0573 2716 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:19:33.0620 2716 BTHMODEM - ok
12:19:33.0666 2716 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:19:33.0776 2716 bthserv - ok
12:19:33.0822 2716 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:19:33.0932 2716 cdfs - ok
12:19:33.0978 2716 [ 9EDD76D0800A022AE10B9243D0224E72 ] cdrbsdrv C:\Windows\system32\drivers\cdrbsdrv.sys
12:19:34.0072 2716 cdrbsdrv - ok
12:19:34.0134 2716 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:19:34.0244 2716 cdrom - ok
12:19:34.0322 2716 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:19:34.0462 2716 CertPropSvc - ok
12:19:34.0509 2716 [ 7C6B5BE2696DFD2D0BF6C9EE20326EF8 ] cfwids C:\Windows\system32\drivers\cfwids.sys
12:19:34.0618 2716 cfwids - ok
12:19:34.0665 2716 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:19:34.0712 2716 circlass - ok
12:19:34.0774 2716 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:19:34.0805 2716 CLFS - ok
12:19:34.0883 2716 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:19:34.0914 2716 clr_optimization_v2.0.50727_32 - ok
12:19:34.0961 2716 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:19:34.0992 2716 clr_optimization_v2.0.50727_64 - ok
12:19:35.0070 2716 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:19:35.0195 2716 clr_optimization_v4.0.30319_32 - ok
12:19:35.0242 2716 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:19:35.0336 2716 clr_optimization_v4.0.30319_64 - ok
12:19:35.0382 2716 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:19:35.0445 2716 CmBatt - ok
12:19:35.0460 2716 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:19:35.0492 2716 cmdide - ok
12:19:35.0570 2716 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:19:35.0679 2716 CNG - ok
12:19:35.0726 2716 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:19:35.0757 2716 Compbatt - ok
12:19:35.0804 2716 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:19:35.0913 2716 CompositeBus - ok
12:19:35.0944 2716 COMSysApp - ok
12:19:35.0975 2716 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:19:35.0991 2716 crcdisk - ok
12:19:36.0053 2716 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:19:36.0131 2716 CryptSvc - ok
12:19:36.0194 2716 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:19:36.0303 2716 DcomLaunch - ok
12:19:36.0334 2716 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:19:36.0428 2716 defragsvc - ok
12:19:36.0490 2716 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:19:36.0615 2716 DfsC - ok
12:19:36.0646 2716 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:19:36.0755 2716 Dhcp - ok
12:19:36.0786 2716 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:19:36.0864 2716 discache - ok
12:19:36.0896 2716 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:19:36.0911 2716 Disk - ok
12:19:36.0942 2716 dlcx_device - ok
12:19:37.0020 2716 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:19:37.0067 2716 Dnscache - ok
12:19:37.0145 2716 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
12:19:37.0348 2716 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
12:19:37.0348 2716 DockLoginService - detected UnsignedFile.Multi.Generic (1)
12:19:37.0410 2716 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:19:37.0535 2716 dot3svc - ok
12:19:37.0598 2716 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:19:37.0691 2716 DPS - ok
12:19:37.0738 2716 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:19:37.0800 2716 drmkaud - ok
12:19:37.0863 2716 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:19:37.0956 2716 DXGKrnl - ok
12:19:37.0988 2716 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:19:38.0081 2716 EapHost - ok
12:19:38.0175 2716 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:19:38.0300 2716 ebdrv - ok
12:19:38.0346 2716 [ C118A82CD78818C29AB228366EBF81C3 ] EFS  C:\Windows\System32\lsass.exe
12:19:38.0378 2716 EFS - ok
12:19:38.0471 2716 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:19:38.0612 2716 ehRecvr - ok
12:19:38.0643 2716 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:19:38.0721 2716 ehSched - ok
12:19:38.0768 2716 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:19:38.0830 2716 elxstor - ok
12:19:38.0846 2716 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:19:38.0877 2716 ErrDev - ok
12:19:38.0939 2716 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:19:39.0048 2716 EventSystem - ok
12:19:39.0080 2716 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:19:39.0189 2716 exfat - ok
12:19:39.0236 2716 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:19:39.0329 2716 fastfat - ok
12:19:39.0407 2716 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:19:39.0610 2716 Fax - ok
12:19:39.0641 2716 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:19:39.0672 2716 fdc - ok
12:19:39.0719 2716 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:19:39.0813 2716 fdPHost - ok
12:19:39.0828 2716 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:19:39.0891 2716 FDResPub - ok
12:19:39.0922 2716 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:19:39.0953 2716 FileInfo - ok
12:19:39.0969 2716 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:19:40.0078 2716 Filetrace - ok
12:19:40.0125 2716 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:19:40.0140 2716 flpydisk - ok
12:19:40.0203 2716 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:19:40.0296 2716 FltMgr - ok
12:19:40.0374 2716 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:19:40.0437 2716 FontCache - ok
12:19:40.0499 2716 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:19:40.0593 2716 FontCache3.0.0.0 - ok
12:19:40.0608 2716 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:19:40.0640 2716 FsDepends - ok
12:19:40.0686 2716 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:19:40.0764 2716 fssfltr - ok
12:19:40.0842 2716 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:19:40.0983 2716 fsssvc - ok
12:19:41.0030 2716 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:19:41.0123 2716 Fs_Rec - ok
12:19:41.0186 2716 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:19:41.0217 2716 fvevol - ok
12:19:41.0264 2716 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:19:41.0295 2716 gagp30kx - ok
12:19:41.0404 2716 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
12:19:41.0529 2716 GameConsoleService - ok
12:19:41.0576 2716 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:19:41.0638 2716 GEARAspiWDM - ok
12:19:41.0700 2716 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
12:19:41.0794 2716 GoToAssist - ok
12:19:41.0872 2716 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:19:41.0950 2716 gpsvc - ok
12:19:42.0059 2716 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:42.0090 2716 gupdate - ok
12:19:42.0106 2716 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:42.0137 2716 gupdatem - ok
12:19:42.0168 2716 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:19:42.0231 2716 hcw85cir - ok
12:19:42.0340 2716 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:19:42.0402 2716 HDAudBus - ok
12:19:42.0434 2716 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:19:42.0480 2716 HidBatt - ok
12:19:42.0512 2716 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:19:42.0558 2716 HidBth - ok
12:19:42.0574 2716 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:19:42.0636 2716 HidIr - ok
12:19:42.0668 2716 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:19:42.0746 2716 hidserv - ok
12:19:42.0792 2716 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:19:42.0855 2716 HidUsb - ok
12:19:42.0948 2716 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
12:19:43.0058 2716 HipShieldK - ok
12:19:43.0104 2716 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:19:43.0260 2716 hkmsvc - ok
12:19:43.0323 2716 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:19:43.0416 2716 HomeGroupListener - ok
12:19:43.0479 2716 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:19:43.0541 2716 HomeGroupProvider - ok
12:19:43.0604 2716 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:19:43.0682 2716 HpSAMD - ok
12:19:43.0760 2716 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:19:43.0853 2716 HTTP - ok
12:19:43.0900 2716 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:19:43.0916 2716 hwpolicy - ok
12:19:43.0978 2716 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:19:44.0009 2716 i8042prt - ok
12:19:44.0072 2716 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:19:44.0103 2716 IAANTMON - ok
12:19:44.0134 2716 [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:19:44.0181 2716 iaStor - ok
12:19:44.0243 2716 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:19:44.0337 2716 iaStorV - ok
12:19:44.0415 2716 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:19:44.0524 2716 idsvc - ok
12:19:44.0727 2716 [ BABD5F9B2BCC82CE556A0BAF1AE208A7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:19:45.0023 2716 igfx - ok
12:19:45.0070 2716 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:19:45.0101 2716 iirsp - ok
12:19:45.0179 2716 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:19:45.0257 2716 IKEEXT - ok
12:19:45.0320 2716 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:19:45.0335 2716 intelide - ok
12:19:45.0366 2716 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:19:45.0413 2716 intelppm - ok
12:19:45.0460 2716 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:19:45.0554 2716 IPBusEnum - ok
12:19:45.0632 2716 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:19:45.0756 2716 IpFilterDriver - ok
12:19:45.0803 2716 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:19:45.0912 2716 iphlpsvc - ok
12:19:45.0959 2716 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:19:46.0084 2716 IPMIDRV - ok
12:19:46.0131 2716 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:19:46.0240 2716 IPNAT - ok
12:19:46.0318 2716 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:19:46.0365 2716 iPod Service - ok
12:19:46.0412 2716 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:19:46.0474 2716 IRENUM - ok
12:19:46.0521 2716 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:19:46.0552 2716 isapnp - ok
12:19:46.0583 2716 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:19:46.0677 2716 iScsiPrt - ok
12:19:46.0708 2716 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:19:46.0739 2716 kbdclass - ok
12:19:46.0770 2716 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:19:46.0864 2716 kbdhid - ok
12:19:46.0880 2716 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:19:46.0911 2716 KeyIso - ok
12:19:46.0958 2716 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:19:47.0036 2716 KSecDD - ok
12:19:47.0067 2716 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:19:47.0145 2716 KSecPkg - ok
12:19:47.0176 2716 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:19:47.0254 2716 ksthunk - ok
12:19:47.0301 2716 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:19:47.0410 2716 KtmRm - ok
12:19:47.0472 2716 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:19:47.0550 2716 LanmanServer - ok
12:19:47.0613 2716 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:19:47.0706 2716 LanmanWorkstation - ok
12:19:48.0018 2716 [ 4CCC8AABE7880C56BA10043B8FBCA3EB ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
12:19:48.0190 2716 LeapFrog Connect Device Service - ok
12:19:48.0284 2716 [ 797289607A5EBF31353AA5EAD141F872 ] Leapfrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
12:19:48.0408 2716 Leapfrog-USBLAN - ok
12:19:48.0455 2716 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:19:48.0533 2716 lltdio - ok
12:19:48.0596 2716 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:19:48.0689 2716 lltdsvc - ok
12:19:48.0705 2716 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:19:48.0752 2716 lmhosts - ok
12:19:48.0798 2716 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:19:48.0830 2716 LSI_FC - ok
12:19:48.0845 2716 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:19:48.0876 2716 LSI_SAS - ok
12:19:48.0876 2716 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:19:48.0908 2716 LSI_SAS2 - ok
12:19:48.0908 2716 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:19:48.0939 2716 LSI_SCSI - ok
12:19:48.0970 2716 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:19:49.0064 2716 luafv - ok
12:19:49.0251 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0282 2716 McAfee SiteAdvisor Service - ok
12:19:49.0313 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0344 2716 McMPFSvc - ok
12:19:49.0360 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0391 2716 mcmscsvc - ok
12:19:49.0407 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0422 2716 McNaiAnn - ok
12:19:49.0438 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0454 2716 McNASvc - ok
12:19:49.0578 2716 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
12:19:49.0688 2716 McODS - ok
12:19:49.0703 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:49.0719 2716 McProxy - ok
12:19:49.0797 2716 [ D4F9C8CE2D7D5B9A1F739AADEBFFCA6F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
12:19:49.0844 2716 McShield - ok
12:19:49.0890 2716 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:19:49.0984 2716 Mcx2Svc - ok
12:19:50.0015 2716 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:19:50.0046 2716 megasas - ok
12:19:50.0093 2716 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:19:50.0140 2716 MegaSR - ok
12:19:50.0202 2716 [ C73B93FED17829F11273459DA05E1976 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
12:19:50.0234 2716 mfeapfk - ok
12:19:50.0296 2716 [ 298C065BB9E09D5F14CCD9E8244DE4A0 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
12:19:50.0390 2716 mfeavfk - ok
12:19:50.0452 2716 mfeavfk01 - ok
12:19:50.0733 2716 [ AB66AF840EF1667AA73DDA6CE987D0E1 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:19:50.0748 2716 mfefire - ok
12:19:50.0842 2716 [ 4D604F0B85E98C5AD99B89AF72A4E28A ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
12:19:50.0951 2716 mfefirek - ok
12:19:51.0014 2716 [ 85AFDEAD1366BED11A84A5C6FC0A65D2 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
12:19:51.0138 2716 mfehidk - ok
12:19:51.0185 2716 [ 1B08579938FD72626D92F3C2219903EA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
12:19:51.0279 2716 mferkdet - ok
12:19:51.0310 2716 [ 984BBBB9BE02EF838DABDF3F3126A91B ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
12:19:51.0341 2716 mfevtp - ok
12:19:51.0435 2716 [ 6251BE428073704FF1002231520C8F16 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
12:19:51.0528 2716 mfewfpk - ok
12:19:51.0575 2716 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:19:51.0622 2716 MMCSS - ok
12:19:51.0638 2716 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:19:51.0716 2716 Modem - ok
12:19:51.0762 2716 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:19:51.0825 2716 monitor - ok
12:19:51.0872 2716 [ 338BA6B7170111EDC2E43B5B4EAF17DF ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
12:19:51.0981 2716 motccgp - ok
12:19:52.0028 2716 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
12:19:52.0168 2716 motccgpfl - ok
12:19:52.0215 2716 [ E90ABA3C6F01BE2C456C4AA857B28646 ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
12:19:52.0371 2716 motmodem - ok
12:19:52.0433 2716 [ 9B2923C59D49672D1205C391A1296525 ] MotoConnect Service C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
12:19:52.0449 2716 MotoConnect Service - ok
12:19:52.0496 2716 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
12:19:52.0620 2716 MotoSwitchService - ok
12:19:52.0652 2716 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
12:19:52.0745 2716 Motousbnet - ok
12:19:52.0808 2716 [ 307727F9829FB46FF4BE0E4D1DAC5002 ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
12:19:52.0917 2716 motusbdevice - ok
12:19:52.0979 2716 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:19:53.0010 2716 mouclass - ok
12:19:53.0073 2716 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:19:53.0120 2716 mouhid - ok
12:19:53.0166 2716 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:19:53.0198 2716 mountmgr - ok
12:19:53.0354 2716 [ 19E4BAA7BE36144C41AF844DE1CFB50D ] Movielink Core Service C:\Program Files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
12:19:53.0432 2716 Movielink Core Service - ok
12:19:53.0541 2716 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:19:53.0666 2716 MozillaMaintenance - ok
12:19:53.0712 2716 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:19:53.0806 2716 mpio - ok
12:19:53.0837 2716 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:19:53.0884 2716 mpsdrv - ok
12:19:53.0946 2716 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:19:54.0056 2716 MpsSvc - ok
12:19:54.0102 2716 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:19:54.0180 2716 MRxDAV - ok
12:19:54.0227 2716 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:19:54.0305 2716 mrxsmb - ok
12:19:54.0352 2716 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:19:54.0477 2716 mrxsmb10 - ok
12:19:54.0508 2716 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:19:54.0617 2716 mrxsmb20 - ok
12:19:54.0680 2716 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:19:54.0789 2716 msahci - ok
12:19:54.0804 2716 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:19:54.0882 2716 msdsm - ok
12:19:54.0898 2716 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:19:54.0929 2716 MSDTC - ok
12:19:54.0976 2716 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:19:55.0023 2716 Msfs - ok
12:19:55.0038 2716 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:19:55.0085 2716 mshidkmdf - ok
12:19:55.0101 2716 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:19:55.0116 2716 msisadrv - ok
12:19:55.0163 2716 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:19:55.0257 2716 MSiSCSI - ok
12:19:55.0257 2716 msiserver - ok
12:19:55.0350 2716 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
12:19:55.0366 2716 MSK80Service - ok
12:19:55.0413 2716 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:19:55.0506 2716 MSKSSRV - ok
12:19:55.0538 2716 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:19:55.0616 2716 MSPCLOCK - ok
12:19:55.0647 2716 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:19:55.0756 2716 MSPQM - ok
12:19:55.0803 2716 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:19:55.0865 2716 MsRPC - ok
12:19:55.0912 2716 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:19:55.0928 2716 mssmbios - ok
12:19:55.0959 2716 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:19:56.0052 2716 MSTEE - ok
12:19:56.0084 2716 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:19:56.0130 2716 MTConfig - ok
12:19:56.0177 2716 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:19:56.0208 2716 Mup - ok
12:19:56.0271 2716 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:19:56.0427 2716 napagent - ok
12:19:56.0489 2716 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:19:56.0536 2716 NativeWifiP - ok
12:19:56.0630 2716 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:19:56.0676 2716 NDIS - ok
12:19:56.0692 2716 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:19:56.0739 2716 NdisCap - ok
12:19:56.0786 2716 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:19:56.0864 2716 NdisTapi - ok
12:19:56.0926 2716 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:19:57.0066 2716 Ndisuio - ok
12:19:57.0113 2716 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:19:57.0222 2716 NdisWan - ok
12:19:57.0269 2716 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:19:57.0410 2716 NDProxy - ok
12:19:57.0456 2716 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:19:57.0534 2716 NetBIOS - ok
12:19:57.0597 2716 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:19:57.0659 2716 NetBT - ok
12:19:57.0690 2716 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:19:57.0722 2716 Netlogon - ok
12:19:57.0768 2716 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:19:57.0862 2716 Netman - ok
12:19:57.0893 2716 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:19:57.0987 2716 netprofm - ok
12:19:58.0018 2716 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:19:58.0049 2716 NetTcpPortSharing - ok
12:19:58.0080 2716 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:19:58.0096 2716 nfrd960 - ok
12:19:58.0158 2716 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:19:58.0236 2716 NlaSvc - ok
12:19:58.0252 2716 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:19:58.0299 2716 Npfs - ok
12:19:58.0330 2716 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:19:58.0392 2716 nsi - ok
12:19:58.0408 2716 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:19:58.0470 2716 nsiproxy - ok
12:19:58.0564 2716 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:19:58.0689 2716 Ntfs - ok
12:19:58.0736 2716 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:19:58.0798 2716 Null - ok
12:19:58.0845 2716 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:19:58.0954 2716 nvraid - ok
12:19:58.0985 2716 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:19:59.0094 2716 nvstor - ok
12:19:59.0141 2716 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:19:59.0157 2716 nv_agp - ok
12:19:59.0282 2716 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:19:59.0406 2716 odserv - ok
12:19:59.0453 2716 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:19:59.0469 2716 ohci1394 - ok
12:19:59.0516 2716 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:19:59.0625 2716 ose - ok
12:19:59.0656 2716 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:19:59.0687 2716 p2pimsvc - ok
12:19:59.0718 2716 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:19:59.0765 2716 p2psvc - ok
12:19:59.0812 2716 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:19:59.0843 2716 Parport - ok
12:19:59.0890 2716 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:19:59.0984 2716 partmgr - ok
12:20:00.0015 2716 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:20:00.0062 2716 PcaSvc - ok
12:20:00.0124 2716 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:20:00.0233 2716 pci - ok
12:20:00.0249 2716 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:20:00.0280 2716 pciide - ok
12:20:00.0280 2716 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:20:00.0311 2716 pcmcia - ok
12:20:00.0327 2716 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:20:00.0358 2716 pcw - ok
12:20:00.0389 2716 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:20:00.0498 2716 PEAUTH - ok
12:20:00.0576 2716 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:20:00.0623 2716 PerfHost - ok
12:20:00.0717 2716 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:20:00.0904 2716 pla - ok
12:20:00.0998 2716 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:20:01.0060 2716 PlugPlay - ok
12:20:01.0091 2716 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:20:01.0138 2716 PNRPAutoReg - ok
12:20:01.0169 2716 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:20:01.0185 2716 PNRPsvc - ok
12:20:01.0247 2716 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:20:01.0341 2716 PolicyAgent - ok
12:20:01.0388 2716 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:20:01.0466 2716 Power - ok
12:20:01.0559 2716 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:20:01.0684 2716 PptpMiniport - ok
12:20:01.0715 2716 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:20:01.0762 2716 Processor - ok
12:20:01.0793 2716 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:20:01.0871 2716 ProfSvc - ok
12:20:01.0902 2716 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:20:01.0934 2716 ProtectedStorage - ok
12:20:02.0012 2716 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:20:02.0090 2716 Psched - ok
12:20:02.0136 2716 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:20:02.0230 2716 PxHlpa64 - ok
12:20:02.0277 2716 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:20:02.0355 2716 ql2300 - ok
12:20:02.0402 2716 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:20:02.0417 2716 ql40xx - ok
12:20:02.0448 2716 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:20:02.0511 2716 QWAVE - ok
12:20:02.0526 2716 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:20:02.0604 2716 QWAVEdrv - ok
12:20:02.0636 2716 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:20:02.0729 2716 RasAcd - ok
12:20:02.0776 2716 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:20:02.0854 2716 RasAgileVpn - ok
12:20:02.0870 2716 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:20:02.0963 2716 RasAuto - ok
12:20:03.0026 2716 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:20:03.0150 2716 Rasl2tp - ok
12:20:03.0228 2716 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:20:03.0322 2716 RasMan - ok
12:20:03.0338 2716 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:20:03.0384 2716 RasPppoe - ok
12:20:03.0400 2716 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:20:03.0462 2716 RasSstp - ok
12:20:03.0509 2716 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:20:03.0618 2716 rdbss - ok
12:20:03.0634 2716 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:20:03.0696 2716 rdpbus - ok
12:20:03.0712 2716 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:20:03.0774 2716 RDPCDD - ok
12:20:03.0790 2716 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:20:03.0852 2716 RDPENCDD - ok
12:20:03.0884 2716 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:20:03.0930 2716 RDPREFMP - ok
12:20:03.0977 2716 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:20:04.0118 2716 RDPWD - ok
12:20:04.0196 2716 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:20:04.0305 2716 rdyboost - ok
12:20:04.0352 2716 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:20:04.0414 2716 RemoteAccess - ok
12:20:04.0445 2716 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:20:04.0539 2716 RemoteRegistry - ok
12:20:04.0554 2716 RimUsb - ok
12:20:04.0601 2716 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:20:04.0679 2716 RimVSerPort - ok
12:20:04.0726 2716 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:20:04.0804 2716 ROOTMODEM - ok
12:20:04.0835 2716 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:20:04.0898 2716 RpcEptMapper - ok
12:20:04.0913 2716 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:20:04.0976 2716 RpcLocator - ok
12:20:05.0054 2716 [ 6684437F3628EF237C354F77D33426D1 ] rpcnet C:\WINDOWS\SysWOW64\rpcnet.exe
12:20:05.0069 2716 rpcnet - ok
12:20:05.0132 2716 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs  C:\Windows\System32\rpcss.dll
12:20:05.0210 2716 RpcSs - ok
12:20:05.0256 2716 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:20:05.0350 2716 rspndr - ok
12:20:05.0397 2716 [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:20:05.0444 2716 RSUSBSTOR - ok
12:20:05.0490 2716 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:20:05.0506 2716 SamSs - ok
12:20:05.0568 2716 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:20:05.0678 2716 sbp2port - ok
12:20:05.0709 2716 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:20:05.0787 2716 SCardSvr - ok
12:20:05.0834 2716 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:20:05.0974 2716 scfilter - ok
12:20:06.0036 2716 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:20:06.0128 2716 Schedule - ok
12:20:06.0160 2716 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:20:06.0222 2716 SCPolicySvc - ok
12:20:06.0269 2716 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:20:06.0331 2716 SDRSVC - ok
12:20:06.0440 2716 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:20:06.0472 2716 SeaPort - ok
12:20:06.0503 2716 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:20:06.0612 2716 secdrv - ok
12:20:06.0674 2716 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:20:06.0768 2716 seclogon - ok
12:20:06.0799 2716 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:20:06.0893 2716 SENS - ok
12:20:06.0924 2716 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:20:06.0971 2716 SensrSvc - ok
12:20:06.0986 2716 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:20:07.0049 2716 Serenum - ok
12:20:07.0127 2716 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:20:07.0174 2716 Serial - ok
12:20:07.0189 2716 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:20:07.0252 2716 sermouse - ok
12:20:07.0314 2716 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:20:07.0454 2716 SessionEnv - ok
12:20:07.0501 2716 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:20:07.0564 2716 sffdisk - ok
12:20:07.0595 2716 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:20:07.0642 2716 sffp_mmc - ok
12:20:07.0673 2716 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:20:07.0798 2716 sffp_sd - ok
12:20:07.0829 2716 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:20:07.0876 2716 sfloppy - ok
12:20:07.0969 2716 [ 7F475425582163602EF1589C0071E521 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
12:20:08.0000 2716 SftService - ok
12:20:08.0063 2716 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:20:08.0172 2716 SharedAccess - ok
12:20:08.0234 2716 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:20:08.0344 2716 ShellHWDetection - ok
12:20:08.0375 2716 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2  C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:20:08.0390 2716 SiSRaid2 - ok
12:20:08.0406 2716 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:20:08.0437 2716 SiSRaid4 - ok
12:20:08.0500 2716 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:20:15.0130 2716 SkypeUpdate - ok
12:20:15.0161 2716 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:20:15.0223 2716 Smb - ok
12:20:15.0254 2716 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:20:15.0301 2716 SNMPTRAP - ok
12:20:15.0332 2716 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:20:15.0348 2716 spldr - ok
12:20:15.0410 2716 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:20:15.0488 2716 Spooler - ok
12:20:15.0613 2716 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:20:15.0769 2716 sppsvc - ok
12:20:15.0800 2716 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:20:15.0863 2716 sppuinotify - ok
12:20:15.0925 2716 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:20:16.0034 2716 srv - ok
12:20:16.0081 2716 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:20:16.0190 2716 srv2 - ok
12:20:16.0237 2716 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:20:16.0362 2716 srvnet - ok
12:20:16.0393 2716 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:20:16.0456 2716 SSDPSRV - ok
12:20:16.0487 2716 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:20:16.0565 2716 SstpSvc - ok
12:20:16.0674 2716 [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
12:20:16.0721 2716 STacSV - ok
12:20:16.0768 2716 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:20:16.0799 2716 stexstor - ok
12:20:16.0830 2716 [ 02E784FA49032F84964DB90A3ED81890 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:20:16.0939 2716 STHDA - ok
12:20:17.0002 2716 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:20:17.0095 2716 stisvc - ok
12:20:17.0126 2716 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:20:17.0158 2716 swenum - ok
12:20:17.0189 2716 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:20:17.0314 2716 swprv - ok
12:20:17.0392 2716 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:20:17.0485 2716 SysMain - ok
12:20:17.0532 2716 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:20:17.0626 2716 TabletInputService - ok
12:20:17.0657 2716 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:20:17.0719 2716 TapiSrv - ok
12:20:17.0766 2716 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:20:17.0813 2716 TBS - ok
12:20:17.0906 2716 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:20:18.0016 2716 Tcpip - ok
12:20:18.0062 2716 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:20:18.0125 2716 TCPIP6 - ok
12:20:18.0187 2716 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:20:18.0328 2716 tcpipreg - ok
12:20:18.0374 2716 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:20:18.0452 2716 TDPIPE - ok
12:20:18.0515 2716 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:20:18.0608 2716 TDTCP - ok
12:20:18.0655 2716 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:20:18.0780 2716 tdx - ok
12:20:18.0827 2716 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:20:18.0920 2716 TermDD - ok
12:20:18.0983 2716 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:20:19.0061 2716 TermService - ok
12:20:19.0076 2716 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:20:19.0123 2716 Themes - ok
12:20:19.0154 2716 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:20:19.0201 2716 THREADORDER - ok
12:20:19.0217 2716 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:20:19.0248 2716 TrkWks - ok
12:20:19.0326 2716 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:20:19.0404 2716 TrustedInstaller - ok
12:20:19.0435 2716 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:20:19.0544 2716 tssecsrv - ok
12:20:19.0622 2716 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:20:19.0763 2716 TsUsbFlt - ok
12:20:19.0841 2716 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:20:19.0966 2716 tunnel - ok
12:20:20.0012 2716 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:20:20.0044 2716 uagp35 - ok
12:20:20.0106 2716 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:20:20.0231 2716 udfs - ok
12:20:20.0278 2716 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:20:20.0293 2716 UI0Detect - ok
12:20:20.0356 2716 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:20:20.0387 2716 uliagpkx - ok
12:20:20.0418 2716 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:20:20.0527 2716 umbus - ok
12:20:20.0558 2716 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:20:20.0605 2716 UmPass - ok
12:20:20.0652 2716 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:20:20.0746 2716 upnphost - ok
12:20:20.0980 2716 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:20:21.0120 2716 USBAAPL64 - ok
12:20:21.0198 2716 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:20:21.0323 2716 usbaudio - ok
12:20:21.0385 2716 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:20:21.0494 2716 usbccgp - ok
12:20:21.0557 2716 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:20:21.0604 2716 usbcir - ok
12:20:21.0619 2716 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:20:21.0713 2716 usbehci - ok
12:20:21.0760 2716 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:20:21.0853 2716 usbhub - ok
12:20:21.0869 2716 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:20:21.0978 2716 usbohci - ok
12:20:22.0040 2716 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:20:22.0103 2716 usbprint - ok
12:20:22.0134 2716 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:20:22.0196 2716 usbscan - ok
12:20:22.0212 2716 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:20:22.0384 2716 USBSTOR - ok
12:20:22.0430 2716 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:20:22.0571 2716 usbuhci - ok
12:20:22.0649 2716 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:20:22.0742 2716 usbvideo - ok
12:20:22.0774 2716 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:20:22.0836 2716 UxSms - ok
12:20:22.0852 2716 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:20:22.0883 2716 VaultSvc - ok
12:20:22.0914 2716 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:20:22.0930 2716 vdrvroot - ok
12:20:22.0992 2716 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:20:23.0101 2716 vds - ok
12:20:23.0148 2716 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:20:23.0164 2716 vga - ok
12:20:23.0179 2716 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:20:23.0273 2716 VgaSave - ok
12:20:23.0320 2716 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:20:23.0398 2716 vhdmp - ok
12:20:23.0444 2716 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:20:23.0460 2716 viaide - ok
12:20:23.0491 2716 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:20:23.0585 2716 volmgr - ok
12:20:23.0632 2716 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:20:23.0694 2716 volmgrx - ok
12:20:23.0725 2716 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:20:23.0788 2716 volsnap - ok
12:20:23.0819 2716 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:20:23.0850 2716 vsmraid - ok
12:20:23.0944 2716 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:20:24.0100 2716 VSS - ok
12:20:24.0115 2716 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:20:24.0178 2716 vwifibus - ok
12:20:24.0224 2716 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:20:24.0271 2716 vwififlt - ok
12:20:24.0318 2716 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:20:24.0396 2716 W32Time - ok
12:20:24.0443 2716 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:20:24.0474 2716 WacomPen - ok
12:20:24.0536 2716 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:20:24.0677 2716 WANARP - ok
12:20:24.0692 2716 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:20:24.0724 2716 Wanarpv6 - ok
12:20:24.0786 2716 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:20:24.0911 2716 WatAdminSvc - ok
12:20:24.0989 2716 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:20:25.0114 2716 wbengine - ok
12:20:25.0145 2716 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:20:25.0192 2716 WbioSrvc - ok
12:20:25.0254 2716 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:20:25.0379 2716 wcncsvc - ok
12:20:25.0441 2716 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:20:25.0488 2716 WcsPlugInService - ok
12:20:25.0504 2716 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:20:25.0535 2716 Wd - ok
12:20:25.0566 2716 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:20:25.0613 2716 Wdf01000 - ok
12:20:25.0644 2716 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:20:25.0738 2716 WdiServiceHost - ok
12:20:25.0753 2716 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:20:25.0784 2716 WdiSystemHost - ok
12:20:25.0847 2716 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:20:25.0972 2716 WebClient - ok
12:20:26.0003 2716 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:20:26.0128 2716 Wecsvc - ok
12:20:26.0159 2716 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:20:26.0206 2716 wercplsupport - ok
12:20:26.0221 2716 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:20:26.0315 2716 WerSvc - ok
12:20:26.0346 2716 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:20:26.0424 2716 WfpLwf - ok
12:20:26.0471 2716 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
12:20:26.0564 2716 WimFltr - ok
12:20:26.0580 2716 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:20:26.0596 2716 WIMMount - ok
12:20:26.0611 2716 WinDefend - ok
12:20:26.0627 2716 WinHttpAutoProxySvc - ok
12:20:26.0674 2716 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:20:26.0767 2716 Winmgmt - ok
12:20:26.0861 2716 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:20:27.0017 2716 WinRM - ok
12:20:27.0095 2716 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:20:27.0204 2716 WinUsb - ok
12:20:27.0251 2716 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:20:27.0329 2716 Wlansvc - ok
12:20:27.0454 2716 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:20:28.0327 2716 wlcrasvc - ok
12:20:28.0483 2716 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:20:28.0592 2716 wlidsvc - ok
12:20:28.0655 2716 [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
12:20:28.0686 2716 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
12:20:28.0686 2716 wltrysvc - detected UnsignedFile.Multi.Generic (1)
12:20:28.0764 2716 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:20:28.0795 2716 WmiAcpi - ok
12:20:28.0842 2716 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:20:28.0904 2716 wmiApSrv - ok
12:20:28.0951 2716 WMPNetworkSvc - ok
12:20:28.0998 2716 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:20:29.0045 2716 WPCSvc - ok
12:20:29.0107 2716 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:20:29.0201 2716 WPDBusEnum - ok
12:20:29.0248 2716 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:20:29.0310 2716 ws2ifsl - ok
12:20:29.0357 2716 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
12:20:29.0419 2716 wscsvc - ok
12:20:29.0419 2716 WSearch - ok
12:20:29.0528 2716 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:20:29.0606 2716 wuauserv - ok
12:20:29.0638 2716 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:20:29.0778 2716 WudfPf - ok
12:20:29.0872 2716 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:20:29.0981 2716 WUDFRd - ok
12:20:30.0043 2716 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:20:30.0074 2716 wudfsvc - ok
12:20:30.0121 2716 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:20:30.0184 2716 WwanSvc - ok
12:20:30.0262 2716 [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:20:30.0324 2716 yukonw7 - ok
12:20:30.0371 2716 ================ Scan global ===============================
12:20:30.0402 2716 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:20:30.0449 2716 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:20:30.0464 2716 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:20:30.0511 2716 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:20:30.0558 2716 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:20:30.0558 2716 [Global] - ok
12:20:30.0558 2716 ================ Scan MBR ==================================
12:20:30.0589 2716 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:20:30.0979 2716 \Device\Harddisk0\DR0 - ok
12:20:30.0979 2716 ================ Scan VBR ==================================
12:20:31.0010 2716 [ 844C807994E1622088C74B59ACA5FB41 ] \Device\Harddisk0\DR0\Partition1
12:20:31.0010 2716 \Device\Harddisk0\DR0\Partition1 - ok
12:20:31.0026 2716 [ EEA4D12AA54C36C0EFDE1D90AF15EF89 ] \Device\Harddisk0\DR0\Partition2
12:20:31.0042 2716 \Device\Harddisk0\DR0\Partition2 - ok
12:20:31.0042 2716 ============================================================
12:20:31.0042 2716 Scan finished
12:20:31.0042 2716 ============================================================
12:20:31.0057 2832 Detected object count: 2
12:20:31.0057 2832 Actual detected object count: 2
12:20:42.0461 2832 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:42.0461 2832 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:20:42.0461 2832 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:20:42.0461 2832 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip


----------



## Mark1956 (May 7, 2011)

TDSSKiller did not find any problems.

Please go here: http://www.dell.com/support/drivers/us/en/19/Product/inspiron-1545

Under Operating System select Windows 7 64bit.

Click on the button next to Serial ATA and download the last three drivers in the list for Intel and save them to your desktop. Then launch each driver to install it.

Please follow the instructions in post 8 to run and post an SFC log.


----------



## skyla07 (Nov 3, 2012)

How exactly do I install the drivers? I have dl'd them from the Dell website and saved them to my desktop, and extracted the files. When I click on the IaStor.sys to start downloading them, it says that windows cannot open the file. Is there an easy way to install these?


----------



## skyla07 (Nov 3, 2012)

Okay, so the 3rd driver file I could not open. The 4th one in the list I did, and it worked, and I restarted the computer. When I did the last one from the list, it started out okay, but then it gave me an error sign when it started to copy the files. The error message said "file copying was not successful, setup will exit". Not sure if you want me to go ahead and do the sfc now or wait. By the way, I really appreciate your help!


----------



## Mark1956 (May 7, 2011)

You're welcome.

The downloads are all .exe files and should not be extracted, all you do is double click on each one.

Once all are installed do the SFC.


----------



## skyla07 (Nov 3, 2012)

Every time I double click them, they ask me where I want to extract the files to, so I just put them on the desktop. I don't know why it's asking me that if they shouldn't be unzipped.


----------



## skyla07 (Nov 3, 2012)

Even after extracting and running all of them, only the second to last on the list would let me install it. The first one says its a .sys file, and I can't DL it, the last one gives me that error message when I get to the copying files part.


----------



## skyla07 (Nov 3, 2012)

Okay, I realized what the problem was. When I would click the back button after looking at the download, it would revert back to Windows Vista 32-bit. I made sure that all 3 that I downloaded were for Windows 7 64-bit. The first 2 worked, and the last one said that it was a copy of another file that I had already downloaded. I overwrote it anyway, and it gave me the same problem about the .sys file. So I haven't been able to download that one. Should I proceed to do the SFC anyway?


----------



## Mark1956 (May 7, 2011)

Ok, sounds like you have gone as far as you can with those updates, I did notice that two of them have the same version number so that could be the cause of the issue.

Yes, please continue with running SFC.


----------



## skyla07 (Nov 3, 2012)

Okay, here is what it said:

"0 kb in bad sectors"

"Correcting errors in the master file tables (MFT) BITMAP attribute. CHKDSK discovered free space marked as allocated in the volume bitmap. Windows has made corrections to the file system."


----------



## Mark1956 (May 7, 2011)

That is a good result from the Disc Check and it has made some important corrections. Please now run the System File Checker and post the log.


----------



## skyla07 (Nov 3, 2012)

I am so sorry! I totally read that wrong. Okay, so here is what you wanted, the SFC log:

2012-11-01 22:14:36, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:14:36, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-11-01 22:14:50, Info CSI 0000000c [SR] Verify complete
2012-11-01 22:14:50, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:14:50, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-11-01 22:15:00, Info CSI 00000010 [SR] Verify complete
2012-11-01 22:15:00, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:15:01, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-11-01 22:15:13, Info CSI 00000014 [SR] Verify complete
2012-11-01 22:15:13, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:15:13, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-11-01 22:15:44, Info CSI 00000018 [SR] Verify complete
2012-11-01 22:15:44, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:15:44, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-11-01 22:16:06, Info CSI 0000001c [SR] Verify complete
2012-11-01 22:16:07, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:16:07, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-11-01 22:16:32, Info CSI 00000020 [SR] Verify complete
2012-11-01 22:16:33, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:16:33, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-11-01 22:16:52, Info CSI 00000024 [SR] Verify complete
2012-11-01 22:16:52, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:16:52, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-11-01 22:17:24, Info CSI 00000028 [SR] Verify complete
2012-11-01 22:17:24, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:17:24, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-11-01 22:17:37, Info CSI 0000002c [SR] Verify complete
2012-11-01 22:17:37, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:17:37, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-11-01 22:17:50, Info CSI 00000030 [SR] Verify complete
2012-11-01 22:17:52, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:17:52, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-11-01 22:18:08, Info CSI 00000035 [SR] Verify complete
2012-11-01 22:18:08, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:18:08, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-11-01 22:18:31, Info CSI 00000039 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:18:47, Info CSI 0000003c [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:18:47, Info CSI 0000003d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-01 22:18:47, Info CSI 00000040 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-01 22:18:48, Info CSI 00000042 [SR] Verify complete
2012-11-01 22:18:48, Info CSI 00000043 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:18:48, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:00, Info CSI 00000048 [SR] Verify complete
2012-11-01 22:19:01, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:01, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:12, Info CSI 0000004d [SR] Verify complete
2012-11-01 22:19:12, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:12, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:25, Info CSI 00000051 [SR] Verify complete
2012-11-01 22:19:25, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:25, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:39, Info CSI 00000075 [SR] Verify complete
2012-11-01 22:19:39, Info CSI 00000076 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:39, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:49, Info CSI 0000007c [SR] Verify complete
2012-11-01 22:19:49, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:49, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-11-01 22:19:59, Info CSI 00000080 [SR] Verify complete
2012-11-01 22:19:59, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:19:59, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-11-01 22:20:09, Info CSI 00000084 [SR] Verify complete
2012-11-01 22:20:09, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:20:09, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2012-11-01 22:20:17, Info CSI 00000088 [SR] Verify complete
2012-11-01 22:20:17, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:20:17, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2012-11-01 22:20:28, Info CSI 0000008c [SR] Verify complete
2012-11-01 22:20:28, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:20:28, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2012-11-01 22:20:43, Info CSI 000000b1 [SR] Verify complete
2012-11-01 22:20:43, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:20:43, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2012-11-01 22:20:56, Info CSI 000000b5 [SR] Verify complete
2012-11-01 22:20:56, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:20:56, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2012-11-01 22:21:18, Info CSI 000000b9 [SR] Verify complete
2012-11-01 22:21:18, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:21:18, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-11-01 22:21:31, Info CSI 000000bf [SR] Verify complete
2012-11-01 22:21:32, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:21:32, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-11-01 22:21:40, Info CSI 000000c3 [SR] Verify complete
2012-11-01 22:21:40, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:21:40, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-11-01 22:21:45, Info CSI 000000c7 [SR] Verify complete
2012-11-01 22:21:45, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:21:45, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:22:04, Info CSI 000000d7 [SR] Verify complete
2012-11-01 22:22:04, Info CSI 000000d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:22:04, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:22:20, Info CSI 000000e0 [SR] Verify complete
2012-11-01 22:22:20, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:22:20, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-11-01 22:22:30, Info CSI 000000e4 [SR] Verify complete
2012-11-01 22:22:30, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:22:30, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-11-01 22:22:43, Info CSI 000000e8 [SR] Verify complete
2012-11-01 22:22:44, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:22:44, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-11-01 22:22:51, Info CSI 000000ec [SR] Verify complete
2012-11-01 22:22:51, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:22:51, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:04, Info CSI 000000f2 [SR] Verify complete
2012-11-01 22:23:04, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:04, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:12, Info CSI 000000f6 [SR] Verify complete
2012-11-01 22:23:13, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:13, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:17, Info CSI 000000fa [SR] Verify complete
2012-11-01 22:23:17, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:17, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:29, Info CSI 000000fe [SR] Verify complete
2012-11-01 22:23:29, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:29, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:38, Info CSI 00000102 [SR] Verify complete
2012-11-01 22:23:38, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:38, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-11-01 22:23:47, Info CSI 00000106 [SR] Verify complete
2012-11-01 22:23:47, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:23:47, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-11-01 22:24:01, Info CSI 00000112 [SR] Verify complete
2012-11-01 22:24:02, Info CSI 00000113 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:24:02, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2012-11-01 22:24:13, Info CSI 00000124 [SR] Verify complete
2012-11-01 22:24:13, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:24:13, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-11-01 22:24:24, Info CSI 00000128 [SR] Verify complete
2012-11-01 22:24:25, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:24:25, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-11-01 22:25:02, Info CSI 0000012c [SR] Verify complete
2012-11-01 22:25:03, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:25:03, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-11-01 22:25:36, Info CSI 00000131 [SR] Verify complete
2012-11-01 22:25:36, Info CSI 00000132 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:25:36, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2012-11-01 22:25:47, Info CSI 00000135 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:25:51, Info CSI 00000137 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:25:51, Info CSI 00000138 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-01 22:25:51, Info CSI 0000013b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-01 22:25:51, Info CSI 0000013d [SR] Verify complete
2012-11-01 22:25:51, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:25:51, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
2012-11-01 22:26:02, Info CSI 00000141 [SR] Verify complete
2012-11-01 22:26:02, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:26:02, Info CSI 00000143 [SR] Beginning Verify and Repair transaction
2012-11-01 22:26:11, Info CSI 00000145 [SR] Verify complete
2012-11-01 22:26:11, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:26:11, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
2012-11-01 22:26:24, Info CSI 0000014b [SR] Verify complete
2012-11-01 22:26:24, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:26:24, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2012-11-01 22:26:44, Info CSI 0000014f [SR] Verify complete
2012-11-01 22:26:44, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:26:44, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2012-11-01 22:26:56, Info CSI 00000154 [SR] Verify complete
2012-11-01 22:26:56, Info CSI 00000155 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:26:56, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2012-11-01 22:27:05, Info CSI 00000158 [SR] Verify complete
2012-11-01 22:27:06, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:27:06, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2012-11-01 22:27:16, Info CSI 0000015d [SR] Verify complete
2012-11-01 22:27:17, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:27:17, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2012-11-01 22:27:33, Info CSI 00000162 [SR] Verify complete
2012-11-01 22:27:34, Info CSI 00000163 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:27:34, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2012-11-01 22:27:43, Info CSI 00000166 [SR] Verify complete
2012-11-01 22:27:43, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:27:43, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2012-11-01 22:27:52, Info CSI 0000016a [SR] Verify complete
2012-11-01 22:27:52, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:27:52, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2012-11-01 22:28:00, Info CSI 0000016e [SR] Verify complete
2012-11-01 22:28:01, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:28:01, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2012-11-01 22:28:19, Info CSI 00000173 [SR] Verify complete
2012-11-01 22:28:19, Info CSI 00000174 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:28:19, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2012-11-01 22:28:27, Info CSI 00000177 [SR] Verify complete
2012-11-01 22:28:28, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:28:28, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2012-11-01 22:28:42, Info CSI 0000017c [SR] Verify complete
2012-11-01 22:28:42, Info CSI 0000017d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:28:42, Info CSI 0000017e [SR] Beginning Verify and Repair transaction
2012-11-01 22:28:53, Info CSI 00000180 [SR] Verify complete
2012-11-01 22:28:53, Info CSI 00000181 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:28:53, Info CSI 00000182 [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:03, Info CSI 00000186 [SR] Verify complete
2012-11-01 22:29:04, Info CSI 00000187 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:04, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:16, Info CSI 0000018a [SR] Verify complete
2012-11-01 22:29:17, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:17, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:31, Info CSI 0000018f [SR] Verify complete
2012-11-01 22:29:32, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:32, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:42, Info CSI 00000193 [SR] Verify complete
2012-11-01 22:29:42, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:42, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:45, Info CSI 00000197 [SR] Verify complete
2012-11-01 22:29:46, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:46, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2012-11-01 22:29:54, Info CSI 0000019b [SR] Verify complete
2012-11-01 22:29:54, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:29:54, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2012-11-01 22:30:04, Info CSI 0000019f [SR] Verify complete
2012-11-01 22:30:05, Info  CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:30:05, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2012-11-01 22:30:15, Info CSI 000001a3 [SR] Verify complete
2012-11-01 22:30:16, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:30:16, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2012-11-01 22:30:23, Info CSI 000001a7 [SR] Verify complete
2012-11-01 22:30:24, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:30:24, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:30:33, Info CSI 000001ab [SR] Verify complete
2012-11-01 22:30:33, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:30:33, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2012-11-01 22:31:08, Info CSI 000001af [SR] Verify complete
2012-11-01 22:31:08, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:31:08, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2012-11-01 22:31:54, Info CSI 000001b3 [SR] Verify complete
2012-11-01 22:31:55, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:31:55, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:10, Info CSI 000001b7 [SR] Verify complete
2012-11-01 22:32:10, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:10, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:18, Info CSI 000001bb [SR] Verify complete
2012-11-01 22:32:18, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:18, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:23, Info CSI 000001bf [SR] Verify complete
2012-11-01 22:32:24, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:24, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:32, Info CSI 000001c3 [SR] Verify complete
2012-11-01 22:32:32, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:32, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:45, Info CSI 000001c7 [SR] Verify complete
2012-11-01 22:32:46, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:46, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:32:57, Info CSI 000001d1 [SR] Verify complete
2012-11-01 22:32:57, Info CSI 000001d2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:32:57, Info CSI 000001d3 [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:04, Info CSI 000001d5 [SR] Verify complete
2012-11-01 22:33:05, Info CSI 000001d6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:05, Info CSI 000001d7 [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:12, Info CSI 000001d9 [SR] Verify complete
2012-11-01 22:33:13, Info CSI 000001da [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:13, Info CSI 000001db [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:19, Info CSI 000001dd [SR] Verify complete
2012-11-01 22:33:20, Info CSI 000001de [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:20, Info CSI 000001df [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:33, Info CSI 000001e2 [SR] Verify complete
2012-11-01 22:33:33, Info CSI 000001e3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:33, Info CSI 000001e4 [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:43, Info CSI 000001e6 [SR] Verify complete
2012-11-01 22:33:43, Info CSI 000001e7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:43, Info CSI 000001e8 [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:48, Info CSI 000001ea [SR] Verify complete
2012-11-01 22:33:48, Info CSI 000001eb [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:48, Info CSI 000001ec [SR] Beginning Verify and Repair transaction
2012-11-01 22:33:59, Info CSI 000001ee [SR] Verify complete
2012-11-01 22:33:59, Info CSI 000001ef [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:33:59, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction
2012-11-01 22:34:20, Info CSI 000001f5 [SR] Verify complete
2012-11-01 22:34:20, Info CSI 000001f6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:34:20, Info CSI 000001f7 [SR] Beginning Verify and Repair transaction
2012-11-01 22:34:39, Info CSI 000001fc [SR] Verify complete
2012-11-01 22:34:40, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:34:40, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2012-11-01 22:34:53, Info CSI 00000202 [SR] Verify complete
2012-11-01 22:34:53, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:34:53, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:06, Info CSI 0000020f [SR] Verify complete
2012-11-01 22:35:07, Info CSI 00000210 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:07, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:17, Info CSI 00000216 [SR] Verify complete
2012-11-01 22:35:18, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:18, Info CSI 00000218 [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:26, Info CSI 0000021a [SR] Verify complete
2012-11-01 22:35:27, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:27, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:36, Info CSI 00000220 [SR] Verify complete
2012-11-01 22:35:36, Info CSI 00000221 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:36, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:45, Info CSI 00000238 [SR] Verify complete
2012-11-01 22:35:46, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:46, Info CSI 0000023a [SR] Beginning Verify and Repair transaction
2012-11-01 22:35:54, Info CSI 0000024b [SR] Verify complete
2012-11-01 22:35:55, Info CSI 0000024c [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:35:55, Info CSI 0000024d [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:03, Info CSI 0000024f [SR] Verify complete
2012-11-01 22:36:03, Info CSI 00000250 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:03, Info CSI 00000251 [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:12, Info CSI 00000253 [SR] Verify complete
2012-11-01 22:36:12, Info CSI 00000254 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:12, Info CSI 00000255 [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:21, Info CSI 00000263 [SR] Verify complete
2012-11-01 22:36:21, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:21, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:39, Info CSI 00000267 [SR] Verify complete
2012-11-01 22:36:39, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:39, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:50, Info CSI 00000277 [SR] Verify complete
2012-11-01 22:36:50, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:50, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2012-11-01 22:36:56, Info CSI 0000027b [SR] Verify complete
2012-11-01 22:36:56, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:36:56, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2012-11-01 22:37:05, Info CSI 0000027f [SR] Verify complete
2012-11-01 22:37:06, Info CSI 00000280 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:37:06, Info CSI 00000281 [SR] Beginning Verify and Repair transaction
2012-11-01 22:37:15, Info CSI 00000284 [SR] Verify complete
2012-11-01 22:37:15, Info CSI 00000285 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:37:15, Info CSI 00000286 [SR] Beginning Verify and Repair transaction
2012-11-01 22:37:19, Info CSI 00000288 [SR] Verify complete
2012-11-01 22:37:20, Info CSI 00000289 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:37:20, Info CSI 0000028a [SR] Beginning Verify and Repair transaction
2012-11-01 22:37:32, Info CSI 0000028c [SR] Verify complete
2012-11-01 22:37:33, Info CSI 0000028d [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:37:33, Info CSI 0000028e [SR] Beginning Verify and Repair transaction
2012-11-01 22:37:46, Info CSI 00000290 [SR] Verify complete
2012-11-01 22:37:47, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:37:47, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2012-11-01 22:38:00, Info CSI 00000299 [SR] Verify complete
2012-11-01 22:38:00, Info CSI 0000029a [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:38:00, Info  CSI 0000029b [SR] Beginning Verify and Repair transaction
2012-11-01 22:38:10, Info CSI 000002b0 [SR] Verify complete
2012-11-01 22:38:11, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:38:11, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2012-11-01 22:38:35, Info CSI 000002b4 [SR] Verify complete
2012-11-01 22:38:36, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:38:36, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2012-11-01 22:38:47, Info CSI 000002b8 [SR] Verify complete
2012-11-01 22:38:47, Info CSI 000002b9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:38:47, Info CSI 000002ba [SR] Beginning Verify and Repair transaction
2012-11-01 22:38:55, Info CSI 000002bd [SR] Verify complete
2012-11-01 22:38:55, Info CSI 000002be [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:38:55, Info CSI 000002bf [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:02, Info CSI 000002c2 [SR] Verify complete
2012-11-01 22:39:02, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:02, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:09, Info CSI 000002c6 [SR] Verify complete
2012-11-01 22:39:09, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:09, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:18, Info CSI 000002ca [SR] Verify complete
2012-11-01 22:39:19, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:19, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:26, Info CSI 000002cf [SR] Verify complete
2012-11-01 22:39:27, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:27, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:34, Info CSI 000002d3 [SR] Verify complete
2012-11-01 22:39:34, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:34, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:43, Info CSI 000002d7 [SR] Verify complete
2012-11-01 22:39:43, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:43, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2012-11-01 22:39:54, Info CSI 000002db [SR] Verify complete
2012-11-01 22:39:54, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:39:54, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:06, Info CSI 000002e0 [SR] Verify complete
2012-11-01 22:40:07, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:40:07, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:11, Info CSI 000002e4 [SR] Verify complete
2012-11-01 22:40:12, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:40:12, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:21, Info CSI 000002e8 [SR] Verify complete
2012-11-01 22:40:21, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:40:21, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:30, Info CSI 000002ec [SR] Verify complete
2012-11-01 22:40:30, Info CSI 000002ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-01 22:40:30, Info CSI 000002ee [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:41, Info CSI 000002f0 [SR] Verify complete
2012-11-01 22:40:41, Info CSI 000002f1 [SR] Verifying 24 (0x0000000000000018) components
2012-11-01 22:40:41, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:43, Info CSI 000002f4 [SR] Verify complete
2012-11-01 22:40:43, Info CSI 000002f5 [SR] Repairing 2 components
2012-11-01 22:40:43, Info CSI 000002f6 [SR] Beginning Verify and Repair transaction
2012-11-01 22:40:43, Info CSI 000002f8 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:40:43, Info CSI 000002fa [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:40:43, Info CSI 000002fc [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:40:43, Info CSI 000002fd [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-01 22:40:43, Info CSI 00000300 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-01 22:40:43, Info CSI 00000302 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-01 22:40:43, Info CSI 00000303 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-01 22:40:43, Info CSI 00000306 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-01 22:40:43, Info CSI 00000308 [SR] Repair complete
2012-11-01 22:40:43, Info CSI 00000309 [SR] Committing transaction
2012-11-01 22:40:43, Info CSI 0000030d [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2012-11-05 18:14:45, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:14:45, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-11-05 18:14:49, Info CSI 0000000c [SR] Verify complete
2012-11-05 18:14:50, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:14:50, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-11-05 18:14:53, Info CSI 00000010 [SR] Verify complete
2012-11-05 18:14:54, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:14:54, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-11-05 18:14:57, Info CSI 00000014 [SR] Verify complete
2012-11-05 18:14:58, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:14:58, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:03, Info CSI 00000018 [SR] Verify complete
2012-11-05 18:15:04, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:04, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:10, Info CSI 0000001c [SR] Verify complete
2012-11-05 18:15:11, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:11, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:16, Info CSI 00000020 [SR] Verify complete
2012-11-05 18:15:17, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:17, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:21, Info CSI 00000024 [SR] Verify complete
2012-11-05 18:15:21, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:21, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:28, Info CSI 00000028 [SR] Verify complete
2012-11-05 18:15:28, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:28, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:33, Info CSI 0000002c [SR] Verify complete
2012-11-05 18:15:34, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:34, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:36, Info CSI 00000030 [SR] Verify complete
2012-11-05 18:15:36, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:36, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:42, Info CSI 00000035 [SR] Verify complete
2012-11-05 18:15:42, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:42, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:48, Info CSI 00000039 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 18:15:51, Info CSI 0000003c [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 18:15:51, Info CSI 0000003d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-05 18:15:51, Info CSI 00000040 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-05 18:15:52, Info CSI 00000042 [SR] Verify complete
2012-11-05 18:15:52, Info CSI 00000043 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:52, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2012-11-05 18:15:58, Info CSI 00000048 [SR] Verify complete
2012-11-05 18:15:59, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:15:59, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:05, Info CSI 0000004d [SR] Verify complete
2012-11-05 18:16:06, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:06, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:14, Info CSI 00000051 [SR] Verify complete
2012-11-05 18:16:14, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:14, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:25, Info CSI 00000075 [SR] Verify complete
2012-11-05 18:16:25, Info CSI 00000076 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:25, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:33, Info CSI 0000007c [SR] Verify complete
2012-11-05 18:16:34, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:34, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:41, Info CSI 00000080 [SR] Verify complete
2012-11-05 18:16:41, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:41, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:50, Info CSI 00000084 [SR] Verify complete
2012-11-05 18:16:50, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:50, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2012-11-05 18:16:57, Info CSI 00000088 [SR] Verify complete
2012-11-05 18:16:58, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:16:58, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2012-11-05 18:17:07, Info CSI 0000008c [SR] Verify complete
2012-11-05 18:17:07, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:17:07, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2012-11-05 18:17:19, Info CSI 000000b1 [SR] Verify complete
2012-11-05 18:17:20, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:17:20, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2012-11-05 18:17:31, Info CSI 000000b5 [SR] Verify complete
2012-11-05 18:17:31, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:17:31, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2012-11-05 18:17:49, Info CSI 000000b9 [SR] Verify complete
2012-11-05 18:17:49, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:17:49, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:00, Info CSI 000000bf [SR] Verify complete
2012-11-05 18:18:00, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:00, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:03, Info CSI 000000c3 [SR] Verify complete
2012-11-05 18:18:03, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:03, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:04, Info CSI 000000c7 [SR] Verify complete
2012-11-05 18:18:05, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:05, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:15, Info CSI 000000d7 [SR] Verify complete
2012-11-05 18:18:15, Info CSI 000000d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:15, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:22, Info CSI 000000e0 [SR] Verify complete
2012-11-05 18:18:22, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:22, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:31, Info CSI 000000e4 [SR] Verify complete
2012-11-05 18:18:31, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:31, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-11-05 18:18:47, Info CSI 000000e8 [SR] Verify complete
2012-11-05 18:18:47, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:18:47, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-11-05 18:19:03, Info CSI 000000ec [SR] Verify complete
2012-11-05 18:19:04, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:19:04, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2012-11-05 18:19:37, Info CSI 000000f2 [SR] Verify complete
2012-11-05 18:19:37, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:19:37, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-11-05 18:19:54, Info CSI 000000f6 [SR] Verify complete
2012-11-05 18:19:54, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:19:54, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-11-05 18:19:58, Info CSI 000000fa [SR] Verify complete
2012-11-05 18:19:59, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:19:59, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-11-05 18:20:18, Info CSI 000000fe [SR] Verify complete
2012-11-05 18:20:19, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:20:19, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-11-05 18:20:29, Info CSI 00000102 [SR] Verify complete
2012-11-05 18:20:30, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:20:30, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-11-05 18:20:41, Info CSI 00000106 [SR] Verify complete
2012-11-05 18:20:41, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:20:41, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-11-05 18:21:15, Info CSI 00000112 [SR] Verify complete
2012-11-05 18:21:15, Info CSI 00000113 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:21:15, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2012-11-05 18:21:25, Info CSI 00000124 [SR] Verify complete
2012-11-05 18:21:26, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:21:26, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-11-05 18:22:04, Info CSI 00000128 [SR] Verify complete
2012-11-05 18:22:04, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:22:04, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-11-05 18:24:27, Info CSI 0000012c [SR] Verify complete
2012-11-05 18:24:27, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:24:27, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-11-05 18:26:24, Info CSI 00000131 [SR] Verify complete
2012-11-05 18:26:24, Info CSI 00000132 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:26:24, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2012-11-05 18:27:00, Info CSI 00000135 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 18:27:07, Info CSI 00000137 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 18:27:07, Info CSI 00000138 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-05 18:27:07, Info CSI 0000013b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-05 18:27:07, Info CSI 0000013d [SR] Verify complete
2012-11-05 18:27:08, Info  CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:27:08, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
2012-11-05 18:27:51, Info CSI 00000141 [SR] Verify complete
2012-11-05 18:27:51, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:27:51, Info CSI 00000143 [SR] Beginning Verify and Repair transaction
2012-11-05 18:28:18, Info CSI 00000145 [SR] Verify complete
2012-11-05 18:28:18, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:28:18, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
2012-11-05 18:28:54, Info CSI 0000014b [SR] Verify complete
2012-11-05 18:28:54, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:28:54, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2012-11-05 18:30:58, Info CSI 0000014f [SR] Verify complete
2012-11-05 18:30:58, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:30:58, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2012-11-05 18:32:06, Info CSI 00000154 [SR] Verify complete
2012-11-05 18:32:06, Info CSI 00000155 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:32:06, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2012-11-05 18:32:46, Info CSI 00000158 [SR] Verify complete
2012-11-05 18:32:46, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:32:46, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2012-11-05 18:33:30, Info CSI 0000015d [SR] Verify complete
2012-11-05 18:33:31, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:33:31, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2012-11-05 18:34:35, Info CSI 00000162 [SR] Verify complete
2012-11-05 18:34:36, Info CSI 00000163 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:34:36, Info CSI 00000164 [SR] Beginning Verify and Repair transaction
2012-11-05 18:35:11, Info CSI 00000166 [SR] Verify complete
2012-11-05 18:35:11, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:35:11, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2012-11-05 18:35:29, Info CSI 0000016a [SR] Verify complete
2012-11-05 18:35:30, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:35:30, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2012-11-05 18:35:48, Info CSI 0000016e [SR] Verify complete
2012-11-05 18:35:49, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:35:49, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2012-11-05 18:36:24, Info CSI 00000173 [SR] Verify complete
2012-11-05 18:36:25, Info CSI 00000174 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:36:25, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
2012-11-05 18:36:51, Info CSI 00000177 [SR] Verify complete
2012-11-05 18:36:51, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:36:51, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2012-11-05 18:37:19, Info CSI 0000017c [SR] Verify complete
2012-11-05 18:37:19, Info CSI 0000017d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:37:19, Info CSI 0000017e [SR] Beginning Verify and Repair transaction
2012-11-05 18:37:49, Info CSI 00000180 [SR] Verify complete
2012-11-05 18:37:50, Info CSI 00000181 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:37:50, Info CSI 00000182 [SR] Beginning Verify and Repair transaction
2012-11-05 18:38:17, Info CSI 00000186 [SR] Verify complete
2012-11-05 18:38:18, Info CSI 00000187 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:38:18, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2012-11-05 18:38:58, Info CSI 0000018a [SR] Verify complete
2012-11-05 18:38:58, Info CSI 0000018b [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:38:58, Info CSI 0000018c [SR] Beginning Verify and Repair transaction
2012-11-05 18:39:27, Info CSI 0000018f [SR] Verify complete
2012-11-05 18:39:28, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:39:28, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2012-11-05 18:39:59, Info CSI 00000193 [SR] Verify complete
2012-11-05 18:39:59, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:39:59, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2012-11-05 18:40:09, Info CSI 00000197 [SR] Verify complete
2012-11-05 18:40:10, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:40:10, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2012-11-05 18:40:33, Info CSI 0000019b [SR] Verify complete
2012-11-05 18:40:33, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:40:33, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2012-11-05 18:41:02, Info CSI 0000019f [SR] Verify complete
2012-11-05 18:41:02, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:41:02, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2012-11-05 18:41:34, Info CSI 000001a3 [SR] Verify complete
2012-11-05 18:41:35, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:41:35, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2012-11-05 18:41:57, Info CSI 000001a7 [SR] Verify complete
2012-11-05 18:41:57, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:41:57, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2012-11-05 18:42:29, Info CSI 000001ab [SR] Verify complete
2012-11-05 18:42:29, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:42:29, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2012-11-05 18:44:52, Info CSI 000001af [SR] Verify complete
2012-11-05 18:44:52, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:44:52, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2012-11-05 18:47:39, Info CSI 000001b3 [SR] Verify complete
2012-11-05 18:47:39, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:47:39, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2012-11-05 18:48:30, Info CSI 000001b7 [SR] Verify complete
2012-11-05 18:48:31, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:48:31, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2012-11-05 18:48:58, Info CSI 000001bb [SR] Verify complete
2012-11-05 18:48:59, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:48:59, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2012-11-05 18:49:16, Info CSI 000001bf [SR] Verify complete
2012-11-05 18:49:16, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:49:16, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2012-11-05 18:49:35, Info CSI 000001c3 [SR] Verify complete
2012-11-05 18:49:35, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:49:35, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2012-11-05 18:50:15, Info CSI 000001c7 [SR] Verify complete
2012-11-05 18:50:16, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:50:16, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2012-11-05 18:50:45, Info CSI 000001d1 [SR] Verify complete
2012-11-05 18:50:45, Info CSI 000001d2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:50:45, Info CSI 000001d3 [SR] Beginning Verify and Repair transaction
2012-11-05 18:51:09, Info CSI 000001d5 [SR] Verify complete
2012-11-05 18:51:10, Info CSI 000001d6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:51:10, Info CSI 000001d7 [SR] Beginning Verify and Repair transaction
2012-11-05 18:51:33, Info CSI 000001d9 [SR] Verify complete
2012-11-05 18:51:34, Info CSI 000001da [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:51:34, Info CSI 000001db [SR] Beginning Verify and Repair transaction
2012-11-05 18:52:02, Info CSI 000001dd [SR] Verify complete
2012-11-05 18:52:02, Info CSI 000001de [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:52:02, Info CSI 000001df [SR] Beginning Verify and Repair transaction
2012-11-05 18:52:21, Info CSI 000001e2 [SR] Verify complete
2012-11-05 18:52:21, Info CSI 000001e3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:52:21, Info CSI 000001e4 [SR] Beginning Verify and Repair transaction
2012-11-05 18:52:37, Info CSI 000001e6 [SR] Verify complete
2012-11-05 18:52:37, Info CSI 000001e7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:52:37, Info CSI 000001e8 [SR] Beginning Verify and Repair transaction
2012-11-05 18:52:42, Info CSI 000001ea [SR] Verify complete
2012-11-05 18:52:42, Info CSI 000001eb [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:52:42, Info  CSI 000001ec [SR] Beginning Verify and Repair transaction
2012-11-05 18:53:00, Info CSI 000001ee [SR] Verify complete
2012-11-05 18:53:01, Info CSI 000001ef [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:53:01, Info CSI 000001f0 [SR] Beginning Verify and Repair transaction
2012-11-05 18:53:40, Info CSI 000001f5 [SR] Verify complete
2012-11-05 18:53:41, Info CSI 000001f6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:53:41, Info CSI 000001f7 [SR] Beginning Verify and Repair transaction
2012-11-05 18:54:07, Info CSI 000001fc [SR] Verify complete
2012-11-05 18:54:08, Info CSI 000001fd [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:54:08, Info CSI 000001fe [SR] Beginning Verify and Repair transaction
2012-11-05 18:54:27, Info CSI 00000202 [SR] Verify complete
2012-11-05 18:54:27, Info CSI 00000203 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:54:27, Info CSI 00000204 [SR] Beginning Verify and Repair transaction
2012-11-05 18:54:55, Info CSI 0000020f [SR] Verify complete
2012-11-05 18:54:55, Info CSI 00000210 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:54:55, Info CSI 00000211 [SR] Beginning Verify and Repair transaction
2012-11-05 18:55:11, Info CSI 00000216 [SR] Verify complete
2012-11-05 18:55:11, Info CSI 00000217 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:55:11, Info CSI 00000218 [SR] Beginning Verify and Repair transaction
2012-11-05 18:55:25, Info CSI 0000021a [SR] Verify complete
2012-11-05 18:55:26, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:55:26, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2012-11-05 18:55:38, Info CSI 00000220 [SR] Verify complete
2012-11-05 18:55:38, Info CSI 00000221 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:55:38, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2012-11-05 18:55:51, Info CSI 00000238 [SR] Verify complete
2012-11-05 18:55:51, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:55:51, Info CSI 0000023a [SR] Beginning Verify and Repair transaction
2012-11-05 18:56:04, Info CSI 0000024b [SR] Verify complete
2012-11-05 18:56:04, Info CSI 0000024c [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:56:04, Info CSI 0000024d [SR] Beginning Verify and Repair transaction
2012-11-05 18:56:20, Info CSI 0000024f [SR] Verify complete
2012-11-05 18:56:20, Info CSI 00000250 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:56:20, Info CSI 00000251 [SR] Beginning Verify and Repair transaction
2012-11-05 18:56:34, Info CSI 00000253 [SR] Verify complete
2012-11-05 18:56:34, Info CSI 00000254 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:56:34, Info CSI 00000255 [SR] Beginning Verify and Repair transaction
2012-11-05 18:56:46, Info CSI 00000263 [SR] Verify complete
2012-11-05 18:56:47, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:56:47, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2012-11-05 18:57:13, Info CSI 00000267 [SR] Verify complete
2012-11-05 18:57:13, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:57:13, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2012-11-05 18:57:27, Info CSI 00000277 [SR] Verify complete
2012-11-05 18:57:28, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:57:28, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2012-11-05 18:57:35, Info CSI 0000027b [SR] Verify complete
2012-11-05 18:57:36, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:57:36, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2012-11-05 18:57:50, Info CSI 0000027f [SR] Verify complete
2012-11-05 18:57:51, Info CSI 00000280 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:57:51, Info CSI 00000281 [SR] Beginning Verify and Repair transaction
2012-11-05 18:58:07, Info CSI 00000284 [SR] Verify complete
2012-11-05 18:58:07, Info CSI 00000285 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:58:07, Info CSI 00000286 [SR] Beginning Verify and Repair transaction
2012-11-05 18:58:14, Info CSI 00000288 [SR] Verify complete
2012-11-05 18:58:14, Info CSI 00000289 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:58:14, Info CSI 0000028a [SR] Beginning Verify and Repair transaction
2012-11-05 18:58:37, Info CSI 0000028c [SR] Verify complete
2012-11-05 18:58:37, Info CSI 0000028d [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:58:37, Info CSI 0000028e [SR] Beginning Verify and Repair transaction
2012-11-05 18:58:53, Info CSI 00000290 [SR] Verify complete
2012-11-05 18:58:53, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:58:53, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2012-11-05 18:59:10, Info CSI 00000299 [SR] Verify complete
2012-11-05 18:59:11, Info CSI 0000029a [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:59:11, Info CSI 0000029b [SR] Beginning Verify and Repair transaction
2012-11-05 18:59:25, Info CSI 000002b0 [SR] Verify complete
2012-11-05 18:59:25, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 18:59:25, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2012-11-05 19:00:38, Info CSI 000002b4 [SR] Verify complete
2012-11-05 19:00:38, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:00:38, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2012-11-05 19:00:58, Info CSI 000002b8 [SR] Verify complete
2012-11-05 19:00:58, Info CSI 000002b9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:00:58, Info CSI 000002ba [SR] Beginning Verify and Repair transaction
2012-11-05 19:01:10, Info CSI 000002bd [SR] Verify complete
2012-11-05 19:01:10, Info CSI 000002be [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:01:10, Info CSI 000002bf [SR] Beginning Verify and Repair transaction
2012-11-05 19:01:20, Info CSI 000002c2 [SR] Verify complete
2012-11-05 19:01:21, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:01:21, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2012-11-05 19:01:35, Info CSI 000002c6 [SR] Verify complete
2012-11-05 19:01:35, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:01:35, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2012-11-05 19:01:57, Info CSI 000002ca [SR] Verify complete
2012-11-05 19:01:58, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:01:58, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2012-11-05 19:02:13, Info CSI 000002cf [SR] Verify complete
2012-11-05 19:02:13, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:02:13, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2012-11-05 19:02:25, Info CSI 000002d3 [SR] Verify complete
2012-11-05 19:02:25, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:02:25, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2012-11-05 19:02:40, Info CSI 000002d7 [SR] Verify complete
2012-11-05 19:02:41, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:02:41, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2012-11-05 19:02:55, Info CSI 000002db [SR] Verify complete
2012-11-05 19:02:56, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:02:56, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2012-11-05 19:03:15, Info CSI 000002e0 [SR] Verify complete
2012-11-05 19:03:16, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:03:16, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2012-11-05 19:03:22, Info CSI 000002e4 [SR] Verify complete
2012-11-05 19:03:23, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:03:23, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2012-11-05 19:03:35, Info CSI 000002e8 [SR] Verify complete
2012-11-05 19:03:35, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:03:35, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2012-11-05 19:03:49, Info CSI 000002ec [SR] Verify complete
2012-11-05 19:03:50, Info CSI 000002ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-05 19:03:50, Info CSI 000002ee [SR] Beginning Verify and Repair transaction
2012-11-05 19:04:05, Info CSI 000002f0 [SR] Verify complete
2012-11-05 19:04:05, Info CSI 000002f1 [SR] Verifying 24 (0x0000000000000018) components
2012-11-05 19:04:05, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction
2012-11-05 19:04:08, Info CSI 000002f4 [SR] Verify complete
2012-11-05 19:04:08, Info CSI 000002f5 [SR] Repairing 2 components
2012-11-05 19:04:08, Info CSI 000002f6 [SR] Beginning Verify and Repair transaction
2012-11-05 19:04:09, Info CSI 000002f8 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 19:04:09, Info CSI 000002fa [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 19:04:09, Info CSI 000002fc [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 19:04:09, Info CSI 000002fd [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-05 19:04:09, Info CSI 00000300 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-05 19:04:09, Info CSI 00000302 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-05 19:04:09, Info CSI 00000303 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-05 19:04:09, Info CSI 00000306 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-05 19:04:09, Info CSI 00000308 [SR] Repair complete
2012-11-05 19:04:09, Info CSI 00000309 [SR] Committing transaction
2012-11-05 19:04:09, Info CSI 0000030d [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired


----------



## Mark1956 (May 7, 2011)

There are two important files that have failed to be repaired, one of them is related to system restore.

Please run this scan:

Please download *SystemLook* from one of the links below and save it to your Desktop.


*Link 1: SystemLook (64-bit)*
Link 2: SystemLook (64-bit)


Double-click *SystemLook.exe* to run it.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
Copy and paste everything in the codebox below into the main textfield:

```
:filefind
autochk.exe
tcpmon.ini
```

Click the Look button to start the scan.
When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
Please copy and paste the contents of that log in your next reply.


----------



## skyla07 (Nov 3, 2012)

Here is the log:

SystemLook 30.07.11 by jpshortstuff
Log created at 11:51 on 06/11/2012 by coocabarra2
Administrator - Elevation successful

========== filefind ==========

Searching for "autochk.exe"
C:\WINDOWS\System32\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\SysWOW64\autochk.exe --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe --a---- 777728 bytes [23:25 13/07/2009] [01:38 14/07/2009] EB300B5B336606ABEB20662A6D638A4C
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe --a---- 668160 bytes [23:15 13/07/2009] [01:14 14/07/2009] 41E4C8EBA464E7D6A5BA5E8827732AEB
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe  --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8

Searching for "tcpmon.ini"
C:\WINDOWS\System32\tcpmon.ini --a---- 60224 bytes [21:01 10/06/2009] [00:51 19/01/2010] D79575BE490A45AD09BDEDBCACB5B155
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini --a---- 60224 bytes [21:01 10/06/2009] [00:51 19/01/2010] D79575BE490A45AD09BDEDBCACB5B155

-= EOF =-


----------



## Mark1956 (May 7, 2011)

Ok, looks like there are some good replacement files there that can be used, we will see how it goes with another tool, Combofix. I'd like you to run a scan with this first and then we shall use it to replace the bad files, it may do it automatically.

*STEP 1*
*NOTE:* If you have already used Combofix please delete the icon from your desktop.


Please download DeFogger and save it to your desktop.
Once downloaded, double-click on the *DeFogger* icon to start the tool.
The application window will appear.
You should now click on the *Disable* button to disable your CD Emulation drivers.
When it prompts you whether or not you want to continue, please click on the *Yes* button to continue.
When the program has completed you will see a *Finished!* message. Click on the *OK* button to exit the program.
If CD Emulation programs are present and have been disabled, *DeFogger* will now ask you to reboot the machine. Please allow it to do so by clicking on the *OK* button.

*STEP 2*
Please download *ComboFix*







from one of the locations below and *save it to your Desktop. <-Important!!!*


Download Mirror #1
Download Mirror #2

Be sure to print out and follow these instructions: *A guide and tutorial on using ComboFix*

*Vista*/*Windows 7* users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. *XP* users need to install the Recovery Console first.


Temporarily *disable* your *anti-virus*, script blocking and any *anti-malware* real-time protection _*before*_ performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause _"unpredictable results"_. Click this link to see a list of such programs and how to disable them.
If ComboFix detects an older version of itself, you will be asked to update the program.
ComboFix will begin by showing a Disclaimer. Read it and click *I Agree* if you want to continue.
Follow the prompts and click on *Yes* to continue scanning for malware.
If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the *Continue* button.
When finished, please copy and paste the contents of C:\*ComboFix.txt* (_which will open after reboot_) in your next reply.
Be sure to *re-enable* your anti-virus and other security programs.

_-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security._

If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "_How to Guide_" you printed out earlier. Those instructions only apply to XP, for Vista and Windows 7 go here: Internet connection repair

*NOTE:* if you see a message like this when you attempt to open anything after the reboot *"Illegal Operation attempted on a registry key that has been marked for deletion"* please reboot the system again and the warning should not return.



> *Do NOT use ComboFix* unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, *NOT for general public or personal use*. *Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again.* This site, sUBs and myself *will not* be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read *ComboFix's Disclaimer*.


----------



## skyla07 (Nov 3, 2012)

Here is the combofix log:

ComboFix 12-11-06.03 - coocabarra2 11/06/2012 19:56:19.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1422 [GMT -8:00]
Running from: c:\users\coocabarra2\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\087abda5-3ca9-433a-8a4e-6b9fc9285607.dll
c:\programdata\PCDr\6032\AddOnDownloaded\305a1406-381f-449d-9486-32504a38e5b0.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b429c4f-8ba9-4a7d-bbb4-4548bb6d2539.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3c49c05a-0eb3-4044-a0f8-d4ea2a439295.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4704833a-6508-40cc-b98b-5ebd235e52ca.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5cd81d7c-326c-42d2-8929-1ee85c69dc1d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5f169f6e-cfce-411e-b266-aa53ac35ce83.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8c199aef-9eca-4ab6-863d-c9136ebec654.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a7201707-7895-43cf-9119-8a0279b75d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a875f6ee-9729-4447-8d2c-63bd2e6396c1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\af728edb-0984-4c06-9a4b-0878bcfa9a26.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b510dd11-341c-4dfa-9f1e-dd5ddcc444f4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cf9bce06-e765-4c6f-afa9-0d82a3adc417.dll
c:\programdata\PCDr\6032\AddOnDownloaded\dbecb802-efe1-453f-828f-29af4ab73508.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e1ce76af-328a-41dc-b2c4-0dd9771f6aa1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e3e252fe-80ab-4f89-82a9-b607007220bd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\eb115e4d-8592-4082-bffa-e65ae6b21e95.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ed26c1b3-d9f9-42e8-80e0-cd62e65fd901.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f28ef68b-8cc4-4c00-891d-473fb67bd0b0.dll
c:\programdata\SPL731D.tmp
c:\programdata\SPLE448.tmp
c:\users\coocabarra2\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 )))))))))))))))))))))))))))))))
.
.
2012-11-07 04:25 . 2012-11-07 04:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-07 04:25 . 2012-11-07 04:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-07 03:07 . 2012-11-07 03:07 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{825DD614-8C90-4D36-B706-590AE4760CF2}\offreg.dll
2012-11-06 20:05 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{825DD614-8C90-4D36-B706-590AE4760CF2}\mpengine.dll
2012-11-05 14:17 . 2012-11-05 14:17 -------- d-----w- C:\found.000
2012-11-05 02:07 . 2011-12-06 23:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-11-05 01:45 . 2009-06-05 02:54 408600 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-11-05 00:37 . 2012-11-05 00:37 -------- d-----w- c:\users\coocabarra2\AppData\Roaming\InstallShield
2012-11-02 17:49 . 2012-11-02 17:49 -------- d-----w- c:\program files (x86)\Full Uninstall
2012-10-27 17:31 . 2012-10-26 04:09 261600 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2012-10-27 17:31 . 2012-10-26 04:09 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2012-10-27 17:31 . 2012-10-26 04:09 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2012-10-26 04:09 . 2012-10-27 17:31 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-26 04:09 . 2012-10-27 17:31 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-25 16:09 . 2012-04-20 23:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-10-10 18:35 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 18:35 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 18:35 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 18:35 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 18:33 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 18:33 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 18:33 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 18:33 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 18:32 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 18:32 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 18:32 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 18:32 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 18:32 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 18:32 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 18:32 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 18:32 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-07 04:22 . 2010-06-10 05:41 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-05 20:35 . 2010-06-11 05:59 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-11-05 20:35 . 2010-06-10 05:43 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2012-11-05 20:34 . 2010-06-10 05:41 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2012-10-11 10:06 . 2010-10-14 16:01 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-10 03:25 . 2012-04-29 16:47 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-10 03:25 . 2011-05-22 00:55 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 02:54 . 2011-01-30 22:43 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-10 17:15 . 2012-09-10 17:15 87960 ----a-r- c:\users\coocabarra2\AppData\Roaming\Microsoft\Installer\{D74EB870-4745-467B-9430-DA53A604A456}\ARPPRODUCTICON.exe
2012-09-04 18:30 . 2012-10-01 21:10 38912 ----a-w- c:\windows\SysWow64\identprv.dll
2012-08-24 11:15 . 2012-09-22 10:04 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 10:04 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 10:04 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 10:04 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 10:04  1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 10:04 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 10:04 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 10:04 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 10:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 10:04 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 10:04 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 10:04 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 10:04 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 10:04 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 10:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 10:04 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 10:04 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 10:04 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 10:04 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 10:04 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 10:04 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 10:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 15:26 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 15:26 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 15:26 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 15:26 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 17:38 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 20:01 . 2012-09-23 17:44 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 20:01 . 2010-08-14 21:26 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 20:01 . 2010-08-14 21:26 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-10 18:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-09-11 1779952]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-07-06 295304]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-09-17 165104]
.
c:\users\coocabarra2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-30 6144]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2011-11-12 40320]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2009-06-20 20992]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-30 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2010-01-26 10240]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-10-12 561152]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-07-17 177144]
S2 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-06-24 91456]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-07-17 69672]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 03:25]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 07:03]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 07:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-06 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 926\memcard.exe" [2006-11-04 304008]
"DLCXCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCXtime.dll" [2006-10-16 31744]
"dlcxmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
.
------- File Associations -------
.
.reg=Regedit.Document
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-BFG-Wedding Dash - Ready, Aim, Love - c:\program files (x86)\Wedding Dash - Ready
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1669252175-1901661260-3532343193-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1669252175-1901661260-3532343193-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-06 20:30:58
ComboFix-quarantined-files.txt 2012-11-07 04:30
.
Pre-Run: 63,053,090,816 bytes free
Post-Run: 62,506,455,040 bytes free
.
- - End Of File - - A99D336D6026B958F1F6BD2FE47D1A28


----------



## Mark1956 (May 7, 2011)

Combofix has not found any problems, but please follow the instructions below to replace the suspect autochk.exe file.

I would also like to check the other suspect file. Unfortunately both the copies available are identical, so there is no other version on the system that we can use. Please navigate to C:\WINDOWS\System32\tcpmon.ini (it will probably show in the list of files without the .ini extension) using Windows Explorer, right click on the file and select Copy.
Go back to the desktop and right click on empty space and select Paste. The file should appear. Right click on it and select Send To and then Compressed (zipped) folder. A zip file will appear. Please then send the zip file as an attachment with your next post so I can check it.

We are now going to run ComboFix a different way so that we can replace them.

As with the first Combofix scan, disconnect from the internet and disable script blocking and all your security software.

Open Notepad by clicking







and in the search box type: *Notepad.exe* and hit *Enter*
Then copy and paste everything in the *code box* below into it.
-- Note: Make sure Word Wrap is unchecked in Notepad by clicking on *Format* in the top menu.


```
FCopy::
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe | C:\WINDOWS\System32\autochk.exe


Reboot::
```

Save the file as *CFScript.txt* by choosing Save As... in the File Menu, and save it to your Desktop where the ComboFix icon is also located.
Close your browser and *disconnect* from the Internet.
Now use your mouse to *drag*, then *drop* the CFScript.txt file on top of ComboFix.exe as seen in the image below.









This will start ComboFix again and launch the script.
ComboFix may reboot your system when it finishes. This is normal.
A log with be created just as before and saved to C:\ComboFix.txt. Please copy and paste the contents of *ComboFix.txt* in your next reply.
Be sure to *re-enable* your anti-virus and other security programs *after* the scan is complete.


----------



## skyla07 (Nov 3, 2012)

I believe that was the right file that you wanted me to upload. It was under tcpmon.ini in the computer. It is is text/notepad file. Here is the result of the comobofix scan:

ComboFix 12-11-06.03 - coocabarra2 11/07/2012 13:42:18.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3032.1597 [GMT -8:00]
Running from: c:\users\coocabarra2\Desktop\ComboFix.exe
Command switches used :: c:\users\coocabarra2\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\087abda5-3ca9-433a-8a4e-6b9fc9285607.dll
c:\programdata\PCDr\6032\AddOnDownloaded\305a1406-381f-449d-9486-32504a38e5b0.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3b429c4f-8ba9-4a7d-bbb4-4548bb6d2539.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3c49c05a-0eb3-4044-a0f8-d4ea2a439295.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4704833a-6508-40cc-b98b-5ebd235e52ca.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5cd81d7c-326c-42d2-8929-1ee85c69dc1d.dll
c:\programdata\PCDr\6032\AddOnDownloaded\5f169f6e-cfce-411e-b266-aa53ac35ce83.dll
c:\programdata\PCDr\6032\AddOnDownloaded\8c199aef-9eca-4ab6-863d-c9136ebec654.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a7201707-7895-43cf-9119-8a0279b75d4c.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a875f6ee-9729-4447-8d2c-63bd2e6396c1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\af728edb-0984-4c06-9a4b-0878bcfa9a26.dll
c:\programdata\PCDr\6032\AddOnDownloaded\b510dd11-341c-4dfa-9f1e-dd5ddcc444f4.dll
c:\programdata\PCDr\6032\AddOnDownloaded\cf9bce06-e765-4c6f-afa9-0d82a3adc417.dll
c:\programdata\PCDr\6032\AddOnDownloaded\dbecb802-efe1-453f-828f-29af4ab73508.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e1ce76af-328a-41dc-b2c4-0dd9771f6aa1.dll
c:\programdata\PCDr\6032\AddOnDownloaded\e3e252fe-80ab-4f89-82a9-b607007220bd.dll
c:\programdata\PCDr\6032\AddOnDownloaded\eb115e4d-8592-4082-bffa-e65ae6b21e95.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ed26c1b3-d9f9-42e8-80e0-cd62e65fd901.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f28ef68b-8cc4-4c00-891d-473fb67bd0b0.dll
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe --> c:\windows\System32\autochk.exe
.
((((((((((((((((((((((((( Files Created from 2012-10-07 to 2012-11-07 )))))))))))))))))))))))))))))))
.
.
2012-11-07 21:54 . 2012-11-07 21:54 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-07 21:54 . 2012-11-07 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-07 17:36 . 2012-11-07 21:55 -------- d-----w- c:\program files (x86)\Motorola
2012-11-07 03:07 . 2012-11-07 03:07 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{825DD614-8C90-4D36-B706-590AE4760CF2}\offreg.dll
2012-11-06 20:05 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{825DD614-8C90-4D36-B706-590AE4760CF2}\mpengine.dll
2012-11-05 14:17 . 2012-11-05 14:17 -------- d-----w- C:\found.000
2012-11-05 02:07 . 2011-12-06 23:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-11-05 01:45 . 2009-06-05 02:54 408600 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-11-05 00:37 . 2012-11-05 00:37 -------- d-----w- c:\users\coocabarra2\AppData\Roaming\InstallShield
2012-11-02 17:49 . 2012-11-02 17:49 -------- d-----w- c:\program files (x86)\Full Uninstall
2012-10-27 17:31 . 2012-10-26 04:09 261600 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2012-10-27 17:31 . 2012-10-26 04:09 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2012-10-27 17:31 . 2012-10-26 04:09 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2012-10-26 04:09 . 2012-10-27 17:31 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-26 04:09 . 2012-10-27 17:31 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-25 16:09 . 2012-04-20 23:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2012-10-10 18:35 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 18:35 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 18:35 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 18:35 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 18:33 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 18:33 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 18:33 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 18:33 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 18:32 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 18:32 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 18:32 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 18:32 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 18:32 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 18:32 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 18:32 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 18:32 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-07 21:55 . 2010-06-10 05:41 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-07 21:55 . 2010-06-11 05:59 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-11-05 20:35 . 2010-06-10 05:43 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2012-11-05 20:34 . 2010-06-10 05:41 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2012-10-11 10:06 . 2010-10-14 16:01 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-10 03:25 . 2012-04-29 16:47 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-10 03:25 . 2011-05-22 00:55 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-30 02:54 . 2011-01-30 22:43 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-10 17:15 . 2012-09-10 17:15 87960 ----a-r- c:\users\coocabarra2\AppData\Roaming\Microsoft\Installer\{D74EB870-4745-467B-9430-DA53A604A456}\ARPPRODUCTICON.exe
2012-09-04 18:30 . 2012-10-01 21:10 38912 ----a-w- c:\windows\SysWow64\identprv.dll
2012-08-24 11:15 . 2012-09-22 10:04 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 10:04 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 10:04 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 10:04 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 10:04 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 10:04 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 10:04 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 10:04 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 10:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 10:04 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 10:04 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 10:04 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 10:04 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 10:04 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 10:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 10:04 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 10:04 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 10:04 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 10:04 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 10:04 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 10:04 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 10:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 15:26 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 15:26 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 15:26 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 15:26 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 17:38 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 20:01 . 2012-09-23 17:44 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 20:01 . 2010-08-14 21:26 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 20:01 . 2010-08-14 21:26 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 17:38 . 2012-10-10 18:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-09-11 1779952]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-07-06 295304]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-09-17 165104]
.
c:\users\coocabarra2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 Leapfrog-USBLAN;Leapfrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2011-11-12 40320]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-07-17 106112]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-07-17 335784]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-10-12 561152]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-07-17 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-07-17 177144]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-07-17 69672]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-07-17 513456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 03:25]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 07:03]
.
2012-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-12 07:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-06 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"MemoryCardManager"="c:\program files (x86)\Dell Photo AIO Printer 926\memcard.exe" [2006-11-04 304008]
"DLCXCATS"="c:\windows\system32\spool\DRIVERS\x64\3\DLCXtime.dll" [2006-10-16 31744]
"dlcxmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\coocabarra2\AppData\Roaming\Mozilla\Firefox\Profiles\7u3nc8oj.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-BFG-Wedding Dash - Ready, Aim, Love - c:\program files (x86)\Wedding Dash - Ready
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1669252175-1901661260-3532343193-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1669252175-1901661260-3532343193-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Blockbuster\BLOCKBUSTERMovielink\MovielinkCore.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\rpcnet.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
c:\program files (x86)\Absolute Software\LoJack for Laptops notifier\LoJackNotifier.exe
.
**************************************************************************
.
Completion time: 2012-11-07 14:03:35 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-07 22:03
ComboFix2.txt 2012-11-07 04:30
.
Pre-Run: 61,437,505,536 bytes free
Post-Run: 61,158,359,040 bytes free
.
- - End Of File - - EB8F86AD88ACA8135DA752258DF5E54C


----------



## Mark1956 (May 7, 2011)

The file tcpmon.ini is indeed a text file and seems to be solely related to printers. Why the System File Checker is having an issue with it is a bit of a mystery.

I'd like you to use Windows Explorer to navigate to that file (in the System32 folder) and change its name to tcpmon.old.
And, as the other problem file has been replaced I'd then like you to reboot the PC and do another run with the System File Checker and post the new log.


----------



## skyla07 (Nov 3, 2012)

The computer is not allowing me to change the file name. It is a configuration settings file. I looked at properties, and it says that the owner is "TrustedInstaller". They have full control of the file, and I only have read and execute privileges. I changed ownership to myself, and am able to rename the file, I just wanted to make sure that I am doing it to the correct file. There is also a tcpmon.dll, as well as the tcpmon.ini, and also a tcpmonui.dll. 

When I try to apply the changes in permissions so I can rename the file, it says "you are about to change the permission settings on system folders, which can result in unexpected access problems and reduce security. Do you want to continue?"

I just want to make sure that I am renaming the correct file, and that it is appropriate to change the permissions so that I may rename it, and that I won't mess anything up by doing so (as suggested by the above warning). 

If I hear from you that it is the correct file and that I should change permissions so I can rename it, then I will do so and go ahead with the system scan again. Thanks!


----------



## Mark1956 (May 7, 2011)

tcpmon.ini is the correct file, please go ahead and change the name and run the SFC scan.


----------



## skyla07 (Nov 3, 2012)

Here is the sfc log:

2012-11-08 13:36:24, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:24, Info  CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:28, Info CSI 0000000c [SR] Verify complete
2012-11-08 13:36:28, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:28, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:32, Info CSI 00000010 [SR] Verify complete
2012-11-08 13:36:32, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:32, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:36, Info CSI 00000014 [SR] Verify complete
2012-11-08 13:36:37, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:37, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:42, Info CSI 00000018 [SR] Verify complete
2012-11-08 13:36:42, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:42, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:47, Info CSI 0000001c [SR] Verify complete
2012-11-08 13:36:47, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:47, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:52, Info CSI 00000020 [SR] Verify complete
2012-11-08 13:36:53, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:53, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-11-08 13:36:56, Info CSI 00000024 [SR] Verify complete
2012-11-08 13:36:57, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:36:57, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:02, Info CSI 00000028 [SR] Verify complete
2012-11-08 13:37:02, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:02, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:06, Info CSI 0000002c [SR] Verify complete
2012-11-08 13:37:06, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:06, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:09, Info CSI 00000030 [SR] Verify complete
2012-11-08 13:37:09, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:09, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:15, Info CSI 00000035 [SR] Verify complete
2012-11-08 13:37:15, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:15, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:23, Info CSI 00000039 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:37:28, Info CSI 0000003c [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:37:28, Info CSI 0000003d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-08 13:37:28, Info CSI 00000040 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-08 13:37:28, Info CSI 00000042 [SR] Verify complete
2012-11-08 13:37:29, Info CSI 00000043 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:29, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:39, Info CSI 00000048 [SR] Verify complete
2012-11-08 13:37:39, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:39, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:48, Info CSI 0000004d [SR] Verify complete
2012-11-08 13:37:48, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:48, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2012-11-08 13:37:56, Info CSI 00000051 [SR] Verify complete
2012-11-08 13:37:56, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:37:56, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-11-08 13:38:11, Info CSI 00000075 [SR] Verify complete
2012-11-08 13:38:11, Info CSI 00000076 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:38:11, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2012-11-08 13:38:19, Info CSI 0000007c [SR] Verify complete
2012-11-08 13:38:19, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:38:19, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-11-08 13:38:40, Info CSI 00000080 [SR] Verify complete
2012-11-08 13:38:40, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:38:40, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-11-08 13:38:48, Info CSI 00000084 [SR] Verify complete
2012-11-08 13:38:49, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:38:49, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2012-11-08 13:38:55, Info CSI 00000088 [SR] Verify complete
2012-11-08 13:38:56, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:38:56, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:04, Info CSI 0000008c [SR] Verify complete
2012-11-08 13:39:04, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:04, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:16, Info CSI 000000b1 [SR] Verify complete
2012-11-08 13:39:17, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:17, Info CSI 000000b3 [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:27, Info CSI 000000b5 [SR] Verify complete
2012-11-08 13:39:27, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:27, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:44, Info CSI 000000b9 [SR] Verify complete
2012-11-08 13:39:44, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:44, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:55, Info CSI 000000bf [SR] Verify complete
2012-11-08 13:39:55, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:55, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:58, Info CSI 000000c3 [SR] Verify complete
2012-11-08 13:39:58, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:39:58, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-11-08 13:39:59, Info CSI 000000c7 [SR] Verify complete
2012-11-08 13:40:00, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:00, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:09, Info CSI 000000d7 [SR] Verify complete
2012-11-08 13:40:09, Info CSI 000000d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:09, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:16, Info CSI 000000e0 [SR] Verify complete
2012-11-08 13:40:16, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:16, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:21, Info CSI 000000e4 [SR] Verify complete
2012-11-08 13:40:21, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:21, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:28, Info CSI 000000e8 [SR] Verify complete
2012-11-08 13:40:28, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:28, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:36, Info CSI 000000ec [SR] Verify complete
2012-11-08 13:40:36, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:36, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:48, Info CSI 000000f2 [SR] Verify complete
2012-11-08 13:40:49, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:49, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-11-08 13:40:56, Info CSI 000000f6 [SR] Verify complete
2012-11-08 13:40:56, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:40:56, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:00, Info CSI 000000fa [SR] Verify complete
2012-11-08 13:41:00, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:00, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:12, Info CSI 000000fe [SR] Verify complete
2012-11-08 13:41:12, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:12, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:21, Info CSI 00000102 [SR] Verify complete
2012-11-08 13:41:21, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:21, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:29, Info CSI 00000106 [SR] Verify complete
2012-11-08 13:41:29, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:29, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:43, Info CSI 00000112 [SR] Verify complete
2012-11-08 13:41:44, Info CSI 00000113 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:44, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2012-11-08 13:41:52, Info CSI 00000124 [SR] Verify complete
2012-11-08 13:41:52, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:41:52, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-11-08 13:42:01, Info CSI 00000128 [SR] Verify complete
2012-11-08 13:42:01, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:42:01, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-11-08 13:42:22, Info CSI 0000012c [SR] Verify complete
2012-11-08 13:42:23, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:42:23, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-11-08 13:42:41, Info CSI 00000131 [SR] Verify complete
2012-11-08 13:42:41, Info CSI 00000132 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:42:41, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2012-11-08 13:42:49, Info CSI 00000135 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:42:52, Info CSI 00000137 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:42:52, Info CSI 00000138 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-08 13:42:52, Info CSI 0000013a [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-08 13:42:52, Info CSI 0000013c [SR] Verify complete
2012-11-08 13:42:53, Info CSI 0000013d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:42:53, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:01, Info  CSI 00000140 [SR] Verify complete
2012-11-08 13:43:01, Info CSI 00000141 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:01, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:07, Info CSI 00000144 [SR] Verify complete
2012-11-08 13:43:08, Info CSI 00000145 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:08, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:15, Info CSI 0000014a [SR] Verify complete
2012-11-08 13:43:15, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:15, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:32, Info CSI 0000014e [SR] Verify complete
2012-11-08 13:43:32, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:32, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:43, Info CSI 00000153 [SR] Verify complete
2012-11-08 13:43:43, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:43, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2012-11-08 13:43:51, Info CSI 00000157 [SR] Verify complete
2012-11-08 13:43:51, Info CSI 00000158 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:43:51, Info CSI 00000159 [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:00, Info CSI 0000015c [SR] Verify complete
2012-11-08 13:44:00, Info CSI 0000015d [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:00, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:13, Info CSI 00000161 [SR] Verify complete
2012-11-08 13:44:13, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:13, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:21, Info CSI 00000165 [SR] Verify complete
2012-11-08 13:44:21, Info CSI 00000166 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:21, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:29, Info CSI 00000169 [SR] Verify complete
2012-11-08 13:44:29, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:29, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:37, Info CSI 0000016d [SR] Verify complete
2012-11-08 13:44:37, Info CSI 0000016e [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:37, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:48, Info CSI 00000172 [SR] Verify complete
2012-11-08 13:44:48, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:48, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2012-11-08 13:44:55, Info CSI 00000176 [SR] Verify complete
2012-11-08 13:44:55, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:44:55, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:03, Info CSI 0000017b [SR] Verify complete
2012-11-08 13:45:03, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:03, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:11, Info CSI 0000017f [SR] Verify complete
2012-11-08 13:45:12, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:12, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:20, Info CSI 00000185 [SR] Verify complete
2012-11-08 13:45:20, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:20, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:30, Info CSI 00000189 [SR] Verify complete
2012-11-08 13:45:30, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:30, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:39, Info CSI 0000018e [SR] Verify complete
2012-11-08 13:45:39, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:39, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:46, Info CSI 00000192 [SR] Verify complete
2012-11-08 13:45:46, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:46, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:49, Info CSI 00000196 [SR] Verify complete
2012-11-08 13:45:49, Info CSI 00000197 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:49, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2012-11-08 13:45:55, Info CSI 0000019a [SR] Verify complete
2012-11-08 13:45:56, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:45:56, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2012-11-08 13:46:02, Info CSI 0000019e [SR] Verify complete
2012-11-08 13:46:03, Info CSI 0000019f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:46:03, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2012-11-08 13:46:11, Info CSI 000001a2 [SR] Verify complete
2012-11-08 13:46:11, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:46:11, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2012-11-08 13:46:15, Info CSI 000001a6 [SR] Verify complete
2012-11-08 13:46:16, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:46:16, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2012-11-08 13:46:22, Info CSI 000001aa [SR] Verify complete
2012-11-08 13:46:23, Info CSI 000001ab [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:46:23, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2012-11-08 13:46:47, Info CSI 000001ae [SR] Verify complete
2012-11-08 13:46:47, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:46:47, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:15, Info CSI 000001b2 [SR] Verify complete
2012-11-08 13:47:15, Info CSI 000001b3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:15, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:25, Info CSI 000001b6 [SR] Verify complete
2012-11-08 13:47:25, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:25, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:30, Info CSI 000001ba [SR] Verify complete
2012-11-08 13:47:30, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:30, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:35, Info CSI 000001be [SR] Verify complete
2012-11-08 13:47:35, Info CSI 000001bf [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:35, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:40, Info CSI 000001c2 [SR] Verify complete
2012-11-08 13:47:40, Info CSI 000001c3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:40, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2012-11-08 13:47:50, Info CSI 000001c6 [SR] Verify complete
2012-11-08 13:47:50, Info CSI 000001c7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:47:50, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2012-11-08 13:48:05, Info CSI 000001d0 [SR] Verify complete
2012-11-08 13:48:05, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:48:05, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2012-11-08 13:48:37, Info CSI 000001d4 [SR] Verify complete
2012-11-08 13:48:38, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:48:38, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2012-11-08 13:49:01, Info CSI 000001d8 [SR] Verify complete
2012-11-08 13:49:02, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:49:02, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2012-11-08 13:49:24, Info CSI 000001dc [SR] Verify complete
2012-11-08 13:49:24, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:49:24, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2012-11-08 13:49:54, Info CSI 000001e1 [SR] Verify complete
2012-11-08 13:49:55, Info CSI 000001e2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:49:55, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2012-11-08 13:50:03, Info CSI 000001e5 [SR] Verify complete
2012-11-08 13:50:03, Info CSI 000001e6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:50:03, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2012-11-08 13:50:20, Info CSI 000001e9 [SR] Verify complete
2012-11-08 13:50:21, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:50:21, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2012-11-08 13:50:32, Info CSI 000001ed [SR] Verify complete
2012-11-08 13:50:33, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:50:33, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2012-11-08 13:50:48, Info CSI 000001f4 [SR] Verify complete
2012-11-08 13:50:48, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:50:48, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:00, Info CSI 000001fb [SR] Verify complete
2012-11-08 13:51:00, Info CSI 000001fc [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:00, Info CSI 000001fd [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:10, Info CSI 00000201 [SR] Verify complete
2012-11-08 13:51:10, Info CSI 00000202 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:10, Info CSI 00000203 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:20, Info CSI 0000020e [SR] Verify complete
2012-11-08 13:51:20, Info CSI 0000020f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:20, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:28, Info CSI 00000215 [SR] Verify complete
2012-11-08 13:51:28, Info CSI 00000216 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:28, Info CSI 00000217 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:35, Info CSI 00000219 [SR] Verify complete
2012-11-08 13:51:36, Info CSI 0000021a [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:36, Info CSI 0000021b [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:41, Info CSI 0000021f [SR] Verify complete
2012-11-08 13:51:41, Info CSI 00000220 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:41, Info CSI 00000221 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:49, Info CSI 00000237 [SR] Verify complete
2012-11-08 13:51:49, Info CSI 00000238 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:49, Info CSI 00000239 [SR] Beginning Verify and Repair transaction
2012-11-08 13:51:56, Info CSI 0000024a [SR] Verify complete
2012-11-08 13:51:56, Info CSI 0000024b [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:51:56, Info CSI 0000024c [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:03, Info CSI 0000024e [SR] Verify complete
2012-11-08 13:52:03, Info CSI 0000024f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:03, Info CSI 00000250 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:10, Info CSI 00000252 [SR] Verify complete
2012-11-08 13:52:11, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:11, Info CSI 00000254 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:17, Info CSI 00000262 [SR] Verify complete
2012-11-08 13:52:17, Info CSI 00000263 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:17, Info CSI 00000264 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:28, Info CSI 00000266 [SR] Verify complete
2012-11-08 13:52:28, Info CSI 00000267 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:28, Info CSI 00000268 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:36, Info CSI 00000276 [SR] Verify complete
2012-11-08 13:52:36, Info CSI 00000277 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:36, Info CSI 00000278 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:40, Info CSI 0000027a [SR] Verify complete
2012-11-08 13:52:41, Info CSI 0000027b [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:41, Info CSI 0000027c [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:46, Info CSI 0000027e [SR] Verify complete
2012-11-08 13:52:47, Info CSI 0000027f [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:47, Info CSI 00000280 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:53, Info CSI 00000283 [SR] Verify complete
2012-11-08 13:52:54, Info CSI 00000284 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:54, Info CSI 00000285 [SR] Beginning Verify and Repair transaction
2012-11-08 13:52:58, Info CSI 00000287 [SR] Verify complete
2012-11-08 13:52:58, Info CSI 00000288 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:52:58, Info CSI 00000289 [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:07, Info CSI 0000028b [SR] Verify complete
2012-11-08 13:53:07, Info CSI 0000028c [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:07, Info CSI 0000028d [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:14, Info CSI 0000028f [SR] Verify complete
2012-11-08 13:53:14, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:14, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:23, Info CSI 00000298 [SR] Verify complete
2012-11-08 13:53:24, Info CSI 00000299 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:24, Info CSI 0000029a [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:31, Info CSI 000002af [SR] Verify complete
2012-11-08 13:53:31, Info CSI 000002b0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:31, Info CSI 000002b1 [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:49, Info CSI 000002b3 [SR] Verify complete
2012-11-08 13:53:49, Info CSI 000002b4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:49, Info CSI 000002b5 [SR] Beginning Verify and Repair transaction
2012-11-08 13:53:55, Info CSI 000002b7 [SR] Verify complete
2012-11-08 13:53:56, Info CSI 000002b8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:53:56, Info CSI 000002b9 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:01, Info CSI 000002bc [SR] Verify complete
2012-11-08 13:54:01, Info CSI 000002bd [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:01, Info CSI 000002be [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:06, Info CSI 000002c1 [SR] Verify complete
2012-11-08 13:54:06, Info CSI 000002c2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:06, Info CSI 000002c3 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:11, Info CSI 000002c5 [SR] Verify complete
2012-11-08 13:54:11, Info CSI 000002c6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:11, Info CSI 000002c7 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:18, Info CSI 000002c9 [SR] Verify complete
2012-11-08 13:54:18, Info CSI 000002ca [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:18, Info CSI 000002cb [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:24, Info CSI 000002ce [SR] Verify complete
2012-11-08 13:54:25, Info CSI 000002cf [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:25, Info CSI 000002d0 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:29, Info CSI 000002d2 [SR] Verify complete
2012-11-08 13:54:30, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:30, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:35, Info CSI 000002d6 [SR] Verify complete
2012-11-08 13:54:35, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:35, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:41, Info CSI 000002da [SR] Verify complete
2012-11-08 13:54:41, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:41, Info CSI 000002dc [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:49, Info CSI 000002df [SR] Verify complete
2012-11-08 13:54:50, Info CSI 000002e0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:50, Info CSI 000002e1 [SR] Beginning Verify and Repair transaction
2012-11-08 13:54:54, Info CSI 000002e3 [SR] Verify complete
2012-11-08 13:54:54, Info CSI 000002e4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:54:54, Info CSI 000002e5 [SR] Beginning Verify and Repair transaction
2012-11-08 13:55:01, Info CSI 000002e7 [SR] Verify complete
2012-11-08 13:55:01, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:55:01, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction
2012-11-08 13:55:07, Info CSI 000002eb [SR] Verify complete
2012-11-08 13:55:08, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
2012-11-08 13:55:08, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
2012-11-08 13:55:15, Info CSI 000002ef [SR] Verify complete
2012-11-08 13:55:15, Info CSI 000002f0 [SR] Verifying 28 (0x000000000000001c) components
2012-11-08 13:55:15, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2012-11-08 13:55:16, Info CSI 000002f3 [SR] Verify complete
2012-11-08 13:55:16, Info CSI 000002f4 [SR] Repairing 2 components
2012-11-08 13:55:16, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2012-11-08 13:55:16, Info CSI 000002f7 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:55:16, Info CSI 000002f9 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:55:16, Info CSI 000002fb [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:55:16, Info CSI 000002fc [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-08 13:55:16, Info CSI 000002ff [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-08 13:55:16, Info CSI 00000301 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-08 13:55:16, Info CSI 00000302 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-08 13:55:16, Info CSI 00000304 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-08 13:55:16, Info CSI 00000306 [SR] Repair complete
2012-11-08 13:55:16, Info CSI 00000307 [SR] Committing transaction
2012-11-08 13:55:16, Info CSI 0000030b [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired


----------



## Mark1956 (May 7, 2011)

Please repeat the instructions I gave in post 26 and post the log.


----------



## skyla07 (Nov 3, 2012)

Here it is:

SystemLook 30.07.11 by jpshortstuff
Log created at 18:09 on 08/11/2012 by coocabarra2
Administrator - Elevation successful

========== filefind ==========

Searching for "autochk.exe"
C:\WINDOWS\System32\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\SysWOW64\autochk.exe --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe --a---- 777728 bytes [23:25 13/07/2009] [01:38 14/07/2009] EB300B5B336606ABEB20662A6D638A4C
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe --a---- 668160 bytes [23:15 13/07/2009] [01:14 14/07/2009] 41E4C8EBA464E7D6A5BA5E8827732AEB
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8

Searching for "tcpmon.ini"
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini --a---- 60224 bytes [21:01 10/06/2009] [00:51 19/01/2010] D79575BE490A45AD09BDEDBCACB5B155

-= EOF =-


----------



## Mark1956 (May 7, 2011)

Although SystemLook is no longer showing the tcpmon file that you changed the name of it is still showing in the SFC scan, very odd. As the file is only a text file I think we can safely leave that as it is and concentrate on fixing the autochk file.

The file replacement shows as being done, but SystemLook and SFC both show the replacement didn't stick and it has reverted back to its original version.

We will try using another tool to make the change which is a bit quicker to use, I will also include changing the back up copies. First though I need you to make a copy of the original file just in case we hit any problems.

Use Windows Explorer to navigate to C:\WINDOWS\System32\autochk.exe right click on the file and select Copy, then go back to the desktop, right click on empty space and then select Paste, that will leave a copy of the original file on your desktop.

Now follow these instructions and post the log, follow that with another run of SFC and post that log also.

Please download *OTM by OldTimer*. Save it to your desktop.

Double click *OTM.exe* to start the tool.


*Copy* the text in the code box below to the clipboard by highlighting *ALL* of them and *pressing CTRL + C* (or, after

highlighting, right-click and choose *Copy*):


```
:Processes
explorer.exe

:Files
C:\WINDOWS\System32\autochk.exe | C:\WINDOWS\SysWOW64\autochk.exe /replace
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe | C:\WINDOWS\SysWOW64\autochk.exe /replace
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe | C:\WINDOWS\SysWOW64\autochk.exe /replace
[createrestorepoint]
[emptyflash]
[emptytemp]
[resethosts]
[reboot]
```

 Return to OTM, right click in the *"Paste Instructions for Items to be Moved"* window (under the yellow bar) and choose *Paste*.
Click the red *Moveit!* button.
All your desktop icons will dissapear as the scan begins. It should complete within a few minutes.
Once complete you may see a box appear asking you to Restart the system to complete the file removal, accept it and it will reboot.
Even if that box does not appear the system should reboot as the command is included in the script.
When the system has come back to the desktop a Notepad document will open, please copy and paste that into your next post.

-- Note: The logs are saved here: C:\_OTM\MovedFiles


----------



## skyla07 (Nov 3, 2012)

Every time I try to save the OTM file to my desktop, it says that it can't be saved there, and to try another location. Then my McAfee pops up saying that it has removed a Trojan from my computer and no further action is required. I've tried to download it a couple of times and the same thing happens. Do I need to disable McAfee to download and run it?


----------



## Mark1956 (May 7, 2011)

Yup, disable McAfee if you can, even after being disabled it may still have active components running so if it causes further problems uninstall it and then run this clean up tool: McAfee Removal Tool
Then install this to keep you protected: Microsoft Security Essentials

If at any point you need to disable MSE it can be easily done:

Click on the icon in the Taskbar, then click on *Open* which should appear.
Click on the *Settings* tab and select *Real-time protection* in the list on the left.
Click on the check box to clear it next to *Turn on real-time protection (recommended).*
Click on *Save Changes* and close the window.


----------



## skyla07 (Nov 3, 2012)

OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
Unable to replace file: C:\WINDOWS\System32\autochk.exe with C:\WINDOWS\SysWOW64\autochk.exe without a reboot.
Unable to replace file: C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe with C:\WINDOWS\SysWOW64\autochk.exe without a reboot.
Unable to replace file: C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe with C:\WINDOWS\SysWOW64\autochk.exe without a reboot.
File/Folder [createrestorepoint] not found.
File/Folder [emptyflash] not found.
File/Folder [emptytemp] not found.
File/Folder [resethosts] not found.
File/Folder [reboot] not found.

OTM by OldTimer - Version 3.1.21.0 log created on 11092012_224511

SFC:

2012-11-09 22:54:58, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:54:58, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:02, Info CSI 0000000c [SR] Verify complete
2012-11-09 22:55:03, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:03, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:06, Info CSI 00000010 [SR] Verify complete
2012-11-09 22:55:07, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:07, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:10, Info CSI 00000014 [SR] Verify complete
2012-11-09 22:55:11, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:11, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:16, Info CSI 00000018 [SR] Verify complete
2012-11-09 22:55:17, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:17, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:22, Info CSI 0000001c [SR] Verify complete
2012-11-09 22:55:22, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:22, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:27, Info CSI 00000020 [SR] Verify complete
2012-11-09 22:55:28, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:28, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:32, Info CSI 00000024 [SR] Verify complete
2012-11-09 22:55:32, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:32, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:37, Info CSI 00000028 [SR] Verify complete
2012-11-09 22:55:38, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:38, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:42, Info CSI 0000002c [SR] Verify complete
2012-11-09 22:55:42, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:42, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:44, Info CSI 00000030 [SR] Verify complete
2012-11-09 22:55:44, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:44, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:49, Info CSI 00000035 [SR] Verify complete
2012-11-09 22:55:50, Info CSI 00000036 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:50, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-11-09 22:55:55, Info CSI 00000039 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 22:55:58, Info CSI 0000003c [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 22:55:58, Info CSI 0000003d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-09 22:55:58, Info CSI 00000040 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-09 22:55:59, Info CSI 00000042 [SR] Verify complete
2012-11-09 22:55:59, Info CSI 00000043 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:55:59, Info CSI 00000044 [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:05, Info CSI 00000048 [SR] Verify complete
2012-11-09 22:56:05, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:05, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:12, Info CSI 0000004d [SR] Verify complete
2012-11-09 22:56:12, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:12, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:19, Info CSI 00000051 [SR] Verify complete
2012-11-09 22:56:19, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:19, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:29, Info CSI 00000075 [SR] Verify complete
2012-11-09 22:56:30, Info CSI 00000076 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:30, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:37, Info CSI 0000007c [SR] Verify complete
2012-11-09 22:56:37, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:37, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-11-09 22:56:47, Info CSI 00000080 [SR] Verify complete
2012-11-09 22:56:47, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:56:47, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-11-09 22:57:04, Info CSI 00000084 [SR] Verify complete
2012-11-09 22:57:04, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:57:04, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2012-11-09 22:57:14, Info CSI 00000088 [SR] Verify complete
2012-11-09 22:57:14, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:57:14, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2012-11-09 22:57:27, Info CSI 0000008c [SR] Verify complete
2012-11-09 22:57:27, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:57:27, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2012-11-09 22:57:53, Info CSI 000000b1 [SR] Verify complete
2012-11-09 22:57:53, Info CSI 000000b2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:57:53, Info  CSI 000000b3 [SR] Beginning Verify and Repair transaction
2012-11-09 22:58:16, Info CSI 000000b5 [SR] Verify complete
2012-11-09 22:58:16, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:58:16, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2012-11-09 22:58:52, Info CSI 000000b9 [SR] Verify complete
2012-11-09 22:58:52, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:58:52, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:04, Info CSI 000000bf [SR] Verify complete
2012-11-09 22:59:05, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:05, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:08, Info CSI 000000c3 [SR] Verify complete
2012-11-09 22:59:08, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:08, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:10, Info CSI 000000c7 [SR] Verify complete
2012-11-09 22:59:10, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:10, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:19, Info CSI 000000d7 [SR] Verify complete
2012-11-09 22:59:19, Info CSI 000000d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:19, Info CSI 000000d9 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:29, Info CSI 000000e0 [SR] Verify complete
2012-11-09 22:59:29, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:29, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:36, Info CSI 000000e4 [SR] Verify complete
2012-11-09 22:59:36, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:36, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:44, Info CSI 000000e8 [SR] Verify complete
2012-11-09 22:59:44, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:44, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-11-09 22:59:53, Info CSI 000000ec [SR] Verify complete
2012-11-09 22:59:53, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 22:59:53, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:06, Info CSI 000000f2 [SR] Verify complete
2012-11-09 23:00:06, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:06, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:13, Info CSI 000000f6 [SR] Verify complete
2012-11-09 23:00:14, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:14, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:18, Info CSI 000000fa [SR] Verify complete
2012-11-09 23:00:18, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:18, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:29, Info CSI 000000fe [SR] Verify complete
2012-11-09 23:00:30, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:30, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:38, Info CSI 00000102 [SR] Verify complete
2012-11-09 23:00:39, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:39, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-11-09 23:00:47, Info CSI 00000106 [SR] Verify complete
2012-11-09 23:00:47, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:00:47, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-11-09 23:01:02, Info CSI 00000112 [SR] Verify complete
2012-11-09 23:01:02, Info CSI 00000113 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:01:02, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2012-11-09 23:01:11, Info CSI 00000124 [SR] Verify complete
2012-11-09 23:01:12, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:01:12, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-11-09 23:01:28, Info CSI 00000128 [SR] Verify complete
2012-11-09 23:01:29, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:01:29, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-11-09 23:01:50, Info CSI 0000012c [SR] Verify complete
2012-11-09 23:01:51, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:01:51, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-11-09 23:02:09, Info CSI 00000131 [SR] Verify complete
2012-11-09 23:02:10, Info CSI 00000132 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:02:10, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
2012-11-09 23:02:18, Info CSI 00000135 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:02:21, Info CSI 00000137 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:02:21, Info CSI 00000138 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-09 23:02:21, Info CSI 0000013a [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-09 23:02:21, Info CSI 0000013c [SR] Verify complete
2012-11-09 23:02:21, Info CSI 0000013d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:02:21, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2012-11-09 23:02:30, Info CSI 00000140 [SR] Verify complete
2012-11-09 23:02:30, Info CSI 00000141 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:02:30, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2012-11-09 23:02:36, Info CSI 00000144 [SR] Verify complete
2012-11-09 23:02:37, Info CSI 00000145 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:02:37, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2012-11-09 23:02:45, Info CSI 0000014a [SR] Verify complete
2012-11-09 23:02:45, Info CSI 0000014b [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:02:45, Info CSI 0000014c [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:02, Info CSI 0000014e [SR] Verify complete
2012-11-09 23:03:03, Info CSI 0000014f [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:03, Info CSI 00000150 [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:18, Info CSI 00000153 [SR] Verify complete
2012-11-09 23:03:18, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:18, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:25, Info CSI 00000157 [SR] Verify complete
2012-11-09 23:03:26, Info CSI 00000158 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:26, Info CSI 00000159 [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:35, Info CSI 0000015c [SR] Verify complete
2012-11-09 23:03:35, Info CSI 0000015d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:35, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:49, Info CSI 00000161 [SR] Verify complete
2012-11-09 23:03:49, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:49, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2012-11-09 23:03:57, Info CSI 00000165 [SR] Verify complete
2012-11-09 23:03:57, Info CSI 00000166 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:03:57, Info CSI 00000167 [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:06, Info CSI 00000169 [SR] Verify complete
2012-11-09 23:04:07, Info CSI 0000016a [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:07, Info CSI 0000016b [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:14, Info CSI 0000016d [SR] Verify complete
2012-11-09 23:04:14, Info CSI 0000016e [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:14, Info CSI 0000016f [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:24, Info CSI 00000172 [SR] Verify complete
2012-11-09 23:04:25, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:25, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:31, Info CSI 00000176 [SR] Verify complete
2012-11-09 23:04:31, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:31, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:40, Info CSI 0000017b [SR] Verify complete
2012-11-09 23:04:41, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:41, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:50, Info CSI 0000017f [SR] Verify complete
2012-11-09 23:04:50, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:50, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2012-11-09 23:04:58, Info CSI 00000185 [SR] Verify complete
2012-11-09 23:04:58, Info CSI 00000186 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:04:58, Info CSI 00000187 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:08, Info CSI 00000189 [SR] Verify complete
2012-11-09 23:05:08, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:08, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:17, Info CSI 0000018e [SR] Verify complete
2012-11-09 23:05:18, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:18, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:24, Info CSI 00000192 [SR] Verify complete
2012-11-09 23:05:24, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:24, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:27, Info CSI 00000196 [SR] Verify complete
2012-11-09 23:05:27, Info CSI 00000197 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:27, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:34, Info CSI 0000019a [SR] Verify complete
2012-11-09 23:05:34, Info CSI 0000019b [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:34, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:41, Info CSI 0000019e [SR] Verify complete
2012-11-09 23:05:42, Info CSI 0000019f [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:42, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:50, Info CSI 000001a2 [SR] Verify complete
2012-11-09 23:05:50, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:50, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2012-11-09 23:05:55, Info CSI 000001a6 [SR] Verify complete
2012-11-09 23:05:55, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:05:55, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2012-11-09 23:06:02, Info CSI 000001aa [SR] Verify complete
2012-11-09 23:06:03, Info CSI 000001ab [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:06:03, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2012-11-09 23:06:27, Info CSI 000001ae [SR] Verify complete
2012-11-09 23:06:27, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:06:27, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2012-11-09 23:06:56, Info CSI 000001b2 [SR] Verify complete
2012-11-09 23:06:56, Info CSI 000001b3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:06:56, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:06, Info CSI 000001b6 [SR] Verify complete
2012-11-09 23:07:06, Info CSI 000001b7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:06, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:12, Info CSI 000001ba [SR] Verify complete
2012-11-09 23:07:13, Info CSI 000001bb [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:13, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:17, Info CSI 000001be [SR] Verify complete
2012-11-09 23:07:17, Info CSI 000001bf [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:17, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:23, Info CSI 000001c2 [SR] Verify complete
2012-11-09 23:07:23, Info CSI 000001c3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:23, Info CSI 000001c4 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:36, Info CSI 000001c6 [SR] Verify complete
2012-11-09 23:07:36, Info CSI 000001c7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:36, Info CSI 000001c8 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:45, Info CSI 000001d0 [SR] Verify complete
2012-11-09 23:07:46, Info CSI 000001d1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:46, Info CSI 000001d2 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:52, Info CSI 000001d4 [SR] Verify complete
2012-11-09 23:07:52, Info CSI 000001d5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:52, Info CSI 000001d6 [SR] Beginning Verify and Repair transaction
2012-11-09 23:07:57, Info CSI 000001d8 [SR] Verify complete
2012-11-09 23:07:57, Info CSI 000001d9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:07:57, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:03, Info CSI 000001dc [SR] Verify complete
2012-11-09 23:08:03, Info CSI 000001dd [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:03, Info CSI 000001de [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:14, Info CSI 000001e1 [SR] Verify complete
2012-11-09 23:08:14, Info CSI 000001e2 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:14, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:22, Info CSI 000001e5 [SR] Verify complete
2012-11-09 23:08:22, Info CSI 000001e6 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:22, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:26, Info CSI 000001e9 [SR] Verify complete
2012-11-09 23:08:26, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:26, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:35, Info CSI 000001ed [SR] Verify complete
2012-11-09 23:08:35, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:35, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2012-11-09 23:08:50, Info CSI 000001f4 [SR] Verify complete
2012-11-09 23:08:50, Info CSI 000001f5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:08:50, Info CSI 000001f6 [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:01, Info CSI 000001fb [SR] Verify complete
2012-11-09 23:09:02, Info CSI 000001fc [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:02, Info CSI 000001fd [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:12, Info CSI 00000201 [SR] Verify complete
2012-11-09 23:09:12, Info CSI 00000202 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:12, Info CSI 00000203 [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:22, Info CSI 0000020e [SR] Verify complete
2012-11-09 23:09:22, Info CSI 0000020f [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:22, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:30, Info CSI 00000215 [SR] Verify complete
2012-11-09 23:09:30, Info CSI 00000216 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:30, Info CSI 00000217 [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:36, Info CSI 00000218 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:22{11}]"autochk.exe" from store
2012-11-09 23:09:37, Info CSI 0000021a [SR] Verify complete
2012-11-09 23:09:37, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:37, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:43, Info CSI 00000220 [SR] Verify complete
2012-11-09 23:09:43, Info CSI 00000221 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:43, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:51, Info CSI 00000238 [SR] Verify complete
2012-11-09 23:09:51, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:51, Info CSI 0000023a [SR] Beginning Verify and Repair transaction
2012-11-09 23:09:57, Info CSI 0000024b [SR] Verify complete
2012-11-09 23:09:58, Info CSI 0000024c [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:09:58, Info CSI 0000024d [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:04, Info CSI 0000024f [SR] Verify complete
2012-11-09 23:10:05, Info CSI 00000250 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:05, Info CSI 00000251 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:12, Info CSI 00000253 [SR] Verify complete
2012-11-09 23:10:12, Info CSI 00000254 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:12, Info CSI 00000255 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:18, Info CSI 00000263 [SR] Verify complete
2012-11-09 23:10:19, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:19, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:30, Info CSI 00000267 [SR] Verify complete
2012-11-09 23:10:30, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:30, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:39, Info CSI 00000277 [SR] Verify complete
2012-11-09 23:10:39, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:39, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:43, Info CSI 0000027b [SR] Verify complete
2012-11-09 23:10:43, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:43, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:49, Info CSI 0000027f [SR] Verify complete
2012-11-09 23:10:49, Info CSI 00000280 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:49, Info CSI 00000281 [SR] Beginning Verify and Repair transaction
2012-11-09 23:10:57, Info CSI 00000284 [SR] Verify complete
2012-11-09 23:10:57, Info CSI 00000285 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:10:57, Info CSI 00000286 [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:01, Info CSI 00000288 [SR] Verify complete
2012-11-09 23:11:01, Info CSI 00000289 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:01, Info CSI 0000028a [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:10, Info CSI 0000028c [SR] Verify complete
2012-11-09 23:11:10, Info CSI 0000028d [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:10, Info CSI 0000028e [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:19, Info CSI 00000290 [SR] Verify complete
2012-11-09 23:11:19, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:19, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:29, Info CSI 00000299 [SR] Verify complete
2012-11-09 23:11:29, Info CSI 0000029a [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:29, Info CSI 0000029b [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:37, Info CSI 000002b0 [SR] Verify complete
2012-11-09 23:11:37, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:37, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2012-11-09 23:11:55, Info CSI 000002b4 [SR] Verify complete
2012-11-09 23:11:55, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:11:55, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:02, Info CSI 000002b8 [SR] Verify complete
2012-11-09 23:12:02, Info CSI 000002b9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:02, Info CSI 000002ba [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:07, Info CSI 000002bd [SR] Verify complete
2012-11-09 23:12:07, Info CSI 000002be [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:07, Info CSI 000002bf [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:12, Info CSI 000002c2 [SR] Verify complete
2012-11-09 23:12:12, Info CSI 000002c3 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:12, Info CSI 000002c4 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:18, Info CSI 000002c6 [SR] Verify complete
2012-11-09 23:12:19, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:19, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:26, Info CSI 000002ca [SR] Verify complete
2012-11-09 23:12:26, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:26, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:32, Info CSI 000002cf [SR] Verify complete
2012-11-09 23:12:33, Info CSI 000002d0 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:33, Info CSI 000002d1 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:38, Info CSI 000002d3 [SR] Verify complete
2012-11-09 23:12:38, Info CSI 000002d4 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:38, Info CSI 000002d5 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:44, Info CSI 000002d7 [SR] Verify complete
2012-11-09 23:12:44, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:44, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:50, Info CSI 000002db [SR] Verify complete
2012-11-09 23:12:50, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:12:50, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2012-11-09 23:12:59, Info CSI 000002e0 [SR] Verify complete
2012-11-09 23:13:00, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:13:00, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:04, Info CSI 000002e4 [SR] Verify complete
2012-11-09 23:13:04, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:13:04, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:10, Info CSI 000002e8 [SR] Verify complete
2012-11-09 23:13:10, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:13:10, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:17, Info CSI 000002ec [SR] Verify complete
2012-11-09 23:13:18, Info CSI 000002ed [SR] Verifying 100 (0x0000000000000064) components
2012-11-09 23:13:18, Info CSI 000002ee [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:29, Info CSI 000002f0 [SR] Verify complete
2012-11-09 23:13:29, Info CSI 000002f1 [SR] Verifying 29 (0x000000000000001d) components
2012-11-09 23:13:29, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:32, Info CSI 000002f4 [SR] Verify complete
2012-11-09 23:13:32, Info CSI 000002f5 [SR] Repairing 3 components
2012-11-09 23:13:32, Info CSI 000002f6 [SR] Beginning Verify and Repair transaction
2012-11-09 23:13:32, Info CSI 000002f8 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:13:32, Info CSI 000002fa [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:13:32, Info CSI 000002fc [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:13:32, Info CSI 000002fd [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-09 23:13:32, Info CSI 00000300 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-11-09 23:13:32, Info CSI 00000302 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-11-09 23:13:32, Info CSI 00000303 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-11-09 23:13:32, Info CSI 00000305 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-11-09 23:13:32, Info CSI 00000306 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:22{11}]"autochk.exe" from store
2012-11-09 23:13:33, Info CSI 00000308 [SR] Repair complete
2012-11-09 23:13:33, Info CSI 00000309 [SR] Committing transaction
2012-11-09 23:13:33, Info CSI 0000030d [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired


----------



## Mark1956 (May 7, 2011)

I made a small error in the script for OTM so it won't have automatically rebooted which is needed to complete the file replacement. Did you reboot before running SFC, if not then reboot and run SFC again.


----------



## skyla07 (Nov 3, 2012)

Yes, actually it rebooted itself after OTM ran.


----------



## Mark1956 (May 7, 2011)

This is taking some sorting out. There appears to still be a problem with the autochk.exe file.

Please click on the green button at the top of this page to run an auto fix: http://support.microsoft.com/kb/975778/en-us this should replace the file with a fresh copy.

When complete please reboot the system, if not already done, and run SFC yet again.


----------



## skyla07 (Nov 3, 2012)

I'm so sorry, I know this is taking a while, but I really do appreciate your help.

I unzipped it to the desktop, but it popped up saying that the update is not applicable to my computer, and then it quit.


----------



## Mark1956 (May 7, 2011)

You're most welcome, my comment about how long this was taking was not a complaint more of an apology. We will get there in the end.

When you selected the download for the hotfix did you click on Show hotfixes for all Platforms and Languages and select the second one in the list for X64. If you didn't then you will have downloaded the fix for a 32bit system which would explain the error.


----------



## skyla07 (Nov 3, 2012)

Yes, I did. And just to make sure, I just did it again and made double sure that I selected the x64 platform, and it gave me the same error message.


----------



## Mark1956 (May 7, 2011)

Have you got a Windows 7 64bit installation disc or could you get access to another Windows 7 64bit PC?


----------



## skyla07 (Nov 3, 2012)

I do not have access to another PC, but I am currently looking for the installation CD that came with the laptop. I will post again soon after looking again to let you know if I was able to locate it or not.


----------



## Mark1956 (May 7, 2011)

OK.


----------



## skyla07 (Nov 3, 2012)

I am so sorry that it is taking me so long. We have had company for the holidays for farrrrr longer than I would have liked. I have been terribly busy and have not had the time to look for that disc. I know we have it here somewhere. I am going to bed right now, but will look first thing in the morning. Thank you for your patience and understanding.


----------



## Mark1956 (May 7, 2011)

No problem, whenever you are ready.


----------



## skyla07 (Nov 3, 2012)

What do I need the installation disc for Mark? Is it to erase the computer and reinstall windows? I am currently still looking for the CD, but on the fence about having to completely re-do everything. What kind of problem do I have with the my computer, and what are the risks associated with keeping things the way they are? Thank you in advance for answering my nagging questions!


----------



## Mark1956 (May 7, 2011)

I shall have to get back on this in the morning, it's 1.30AM where I am and I have lost track of where we were going so I will have to review the thread from start.

How well is the system running?


----------



## Mark1956 (May 7, 2011)

Looking back through the thread I was asking if you had a Windows 7 disc so we can copy and replace both of the corrupt files.

This may not be possible with an OEM re-installation disc, but we can try. It would be easier with a retail copy of Windows 7 or to copy the files from another PC.

Without the disc there is little we can do, but if you are happy with the way the system is running then all we need to do is check for required updates and clean up all the tools used.

I should point out that with the autochk.exe file copies not being fully repaired System Restore may not function correctly. At the end of the day the most efficient solution would be to do a full re-install of the OS. But, if you can borrow the correct retail copy of Windows 7 a Repair install will fix the corrupt files and leave all your personal files and installed software intact.


----------



## skyla07 (Nov 3, 2012)

Okay. I have one more place that I need to look for the disc. We just moved recently, so that is why is has taken so long to locate the disc. I suppose if I can't find it, I will do the updates and clean up the tools then. 

The system is running a little slow at times, but most of the time it runs pretty good. I don't know why, but for some reason the little battery charger icon located in the lower right hand side of the main tool/task bar is missing all of a sudden. Anyway, thank you for the explanation, and I will keep looking for that disc. Thanks!


----------



## Mark1956 (May 7, 2011)

Ok, please run this and post the log.

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.


----------



## skyla07 (Nov 3, 2012)

Here is the result of that check:

Results of screen317's Security Check version 0.99.56 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 9 
*``````````````Antivirus/Firewall Check:``````````````* 
Windows Firewall Enabled! 
McAfee Anti-Virus and Anti-Spyware 
WMI entry may not exist for antivirus; attempting automatic update. 
*`````````Anti-malware/Other Utilities Check:`````````* 
Malwarebytes Anti-Malware version 1.65.1.1000 
Adobe Flash Player 11.4.402.287 *Flash Player out of Date!* 
Adobe Reader 9 *Adobe Reader out of Date!* 
Mozilla Firefox 16.0.2 *Firefox out of Date!* 
*````````Process Check: objlist.exe by Laurent````````* 
*`````````````````System Health check`````````````````* 
Total Fragmentation on Drive C: 
*````````````````````End of Log``````````````````````*


----------



## Mark1956 (May 7, 2011)

There are a few items to update, please follow this and then continue with the instructions to clean up the tools used.

To update Firefox.
Open Firefox and click on Help > About Firefox.
Firefox will automatically check for any available update and install it.

*Adobe*
Close any programs you may have running - especially your web browser.
Click on Start







> *Control Panel*, double-click on Programs and Features and uninstall the following Adobe entries:

*Adobe Reader 9
Adobe lash Player 11*

*NOTE:* For *XP* click on







> *Control Panel*, double-click on *Add or Remove Programs* and continue as above.

Then go to this link Adobe Downloads and select the latest version to download and install. You will see this page below, click on the appropriate button for for the Adobe product that was just removed.










You will now see a page similar to this one:










All four Adobe products, Reader, Flash Player, Air and Shockwave Player are set by default to download the version for *Windows* Operating Systems and for *Internet Explorer* in *English*. If you are using a Macintosh, or you want to use the Adobe product with a different Browser or language you must click on the line (as indicated in the above image) to make further selections to meet your requirements.

As you will see in the above image the Adobe Reader is set for Windows 7, please click (as indicated) if you are using a different version of *Windows* to make further selections. All the other Adobe products are universal and you will only need to change the selection for different Browsers, Languages or for Macintosh.
NOTE: In all the downloads look out for the Google Toolbar and uncheck the box if you do not need it.

Some additional instructions may appear for XP installations. In all cases save the download to your desktop, then close your browser and double click on the Adobe icon on your desktop to install it. If you have any problems installing, disconnect from the internet and disable your Anti Virus and any other security software, instructions for most AV's, etc. can be found here: How to disable security software.

*To update Java*


Open the browser that you normally use and click on this link: Java Download
Click on the big red button *Free Java Download*
On the next page click on the big red button *Agree and Start Free Download*
Select *Run* whenever the option appears. If no *Run* option appears click on *Save* and then when the download completes click on *Run*. If a *User Account Control* warning appears click on *Continue*.
When the *Welcome to Java* window appears click on* Install*.
It may takes several minutes to download the installer depending on the speed of your connection, allow it to complete.
If any error messages appear click on OK and then click on the *Agree and start free download* button again.
Please wait for the *Java Setup* window to appear. Uncheck the box to install the *Ask Toolbar* and then click on *Next*.
*NOTE: *The Ask Toolbar option may change without notice to something different, please make sure you uncheck the box for anything else that is offered. On some systems this offer may not appear, in which case, continue with the next instruction.
You will then see the *Java Setup Progress* window and another will appear for *JavaFX* (on some systems the JavaFX will not appear or be installed). Finally the *Java Setup Complete* window will appear, click on *Close*.
If a Java page then appears with a button to *Verify Java Version* click on it and it will verify the installation.
The Installation is now complete, please reboot the system.
*NOTE:* The JavaFX component is not required unless you are developing Java applications. It is perfectly safe to keep on your system, but if you wish to uninstall it please do so.

______________________________________________________________________

To re-enable your CD Emulation drivers if you disabled them, double click *DeFogger.exe* to run the tool again.


The application window will appear.
Click the *Re-enable* button to re-enable your CD Emulation drivers.
Click *Yes* to continue.
A *'Finished!*' message will appear.
Click *OK*.
DeFogger will now ask to reboot the machine...click *OK*.

To uninstall ComboFix, press the *WINKEY + R* keys on your keyboard or click on Start







and type *Run* into the search box and hit *Enter*.
In the *Run* box type: *ComboFix /Uninstall* (Be sure to leave a space before the forward slash).











Click on *OK*.
If you encounter any problems using the switch from the Run dialog box, just rename ComboFix.exe to *Uninstall.exe*, then double-click on it to remove.
This will delete ComboFix's related folders/files, reset the clock settings, hide file extensions/system files, clear the System Restore cache to prevent possible reinfection and *create a new Restore point.*
When it has finished you will see a dialog box stating that _"ComboFix has been uninstalled". _
After that, you can delete the ComboFix.exe program from your computer (Desktop).

*Next*


Download *OTC* by OldTimer and save it to your *desktop.*
Double click







icon to start the program. 
If you are using Vista or Windows 7, please right-click and choose *Run as Administrator*
Then Click the big







button.
You will get a prompt saying "_Begin Cleanup Process_". Please select *Yes*.
Restart your computer when prompted.

-- Doing this will *remove* any specialized tools downloaded and used. If OTC does not delete itself, then delete the file manually when done.
-- Any leftover folders/files related to ComboFix or other tools which OTC did not remove can be deleted manually (right-click on it and choose delete).

*Please post back when this is complete and let me know if you have had any problems.*


----------



## Mark1956 (May 7, 2011)

I have been doing a bit more research on this and would like you to try something else. Please complete all the above instructions first.

First go back to the tcpmon.old file that you changed the name of and revert it back to tcpmon.ini. As a reminder it is in the C:\Windows\System32 folder. I have a suspicion it may still be listed with the .ini extension and that the name change didn't stick, if so, leave it as it is. If you do need to change the name reboot the PC before continuing and check the name has stuck.

Then run this:

Please download *SystemLook* from one of the links below and save it to your Desktop.


*Link 1: SystemLook (64-bit)*
Link 2: SystemLook (64-bit)


Double-click *SystemLook.exe* to run it.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
Copy and paste everything in the codebox below into the main textfield:

```
:filefind
*tcpmon*
*autochk*
```

Click the Look button to start the scan.
When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
Please copy and paste the contents of that log in your next reply.

Then run sfc /scannow and post the log. Here are the instructions again to run it and find the log.
Once you have done this I am going to post instructions to replace the file using the Command Prompt and see if that works.


Windows 7 System File Checker
Click on *Start* and type *cmd* in the search box. Right click on *cmd* in the popup menu and select *Run as Administrator*.
Another box will open, at the Command Prompt, type *sfc /scannow* and press Enter. (Note the gap between the c and the /)
Let the check run to completion.

*To find the log*
Copy & Paste the following command at the Command Prompt and press Enter:

* findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt*
This will place a file on your desktop called *sfcdetails.txt* which contains the results of the scan.
Zip up the file and attach it to your next post.


----------



## skyla07 (Nov 3, 2012)

Here are the results of that scan. It actually did take when I changed it to tcpmon.old, and I did have to change it back like you asked me to do.


----------



## Mark1956 (May 7, 2011)

Ok, got that, but I also need the log from SystemLook.


----------



## skyla07 (Nov 3, 2012)

Okay, well I completely bypassed that instruction, sorry! Here it is:

SystemLook 30.07.11 by jpshortstuff
Log created at 18:06 on 08/12/2012 by coocabarra2
Administrator - Elevation successful

========== filefind ==========

Searching for "*tcpmon*"
C:\Users\coocabarra2\AppData\Roaming\Microsoft\Windows\Recent\tcpmon.ini.lnk --a---- 742 bytes [21:08 07/11/2012] [16:39 08/11/2012] 8535CF91B796CBE2A349F6E2F5972732
C:\Users\coocabarra2\AppData\Roaming\Microsoft\Windows\Recent\tcpmon.zip.lnk --a---- 514 bytes [22:11 07/11/2012] [22:11 07/11/2012] B99DEAC352EA443FAB994F45E63B5261
C:\WINDOWS\System32\tcpmon.dll --a---- 195072 bytes [00:39 14/07/2009] [01:41 14/07/2009] 32A3C8600AF124CBAAD845F13CFAE3CB
C:\WINDOWS\System32\tcpmon.ini.ini --a---- 60224 bytes [21:01 10/06/2009] [00:51 19/01/2010] D79575BE490A45AD09BDEDBCACB5B155
C:\WINDOWS\System32\tcpmonui.dll --a---- 73216 bytes [00:39 14/07/2009] [01:41 14/07/2009] 0E8FE619C8A5B7F78639C68B3D8BACB5
C:\WINDOWS\System32\en-US\TCPMON.dll.mui --a---- 3584 bytes [05:35 14/07/2009] [02:29 14/07/2009] 2D37E12E684974F8F01B8B9E19D641C6
C:\WINDOWS\System32\en-US\TCPMonUI.dll.mui --a---- 10752 bytes [05:35 14/07/2009] [02:25 14/07/2009] CDC1182259D64138A3F9EE89FD529AA5
C:\WINDOWS\SysWOW64\tcpmonui.dll --a---- 61440 bytes [19:36 29/06/2011] [01:16 14/07/2009] 4AA222561FEACF1DD52813D46180FD52
C:\WINDOWS\SysWOW64\en-US\TCPMonUI.dll.mui --a---- 10752 bytes [19:33 29/06/2011] [01:08 14/07/2009] BBECAC312F453FAD6DFCE2F0D1F36ADA
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmondll_31bf3856ad364e35_6.1.7600.16385_none_2ea18f01c0d42c35\tcpmon.dll --a---- 195072 bytes [00:39 14/07/2009] [01:41 14/07/2009] 32A3C8600AF124CBAAD845F13CFAE3CB
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini --a---- 60224 bytes [21:01 10/06/2009] [00:51 19/01/2010] D79575BE490A45AD09BDEDBCACB5B155
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b12fab6d36e5136e\TCPMonUI.dll.mui --a---- 10752 bytes [05:35 14/07/2009] [02:25 14/07/2009] CDC1182259D64138A3F9EE89FD529AA5
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..standardportmonitor_31bf3856ad364e35_6.1.7600.16385_none_ffbb87eff2f3f869\tcpmonui.dll --a---- 73216 bytes [00:39 14/07/2009] [01:41 14/07/2009] 0E8FE619C8A5B7F78639C68B3D8BACB5
C:\WINDOWS\winsxs\amd64_microsoft-windows-p..tcpmondll.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7b0701c2a3d305ee\TCPMON.dll.mui --a---- 3584 bytes [05:35 14/07/2009] [02:29 14/07/2009] 2D37E12E684974F8F01B8B9E19D641C6
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-p..rtmonitor-tcpmondll_31bf3856ad364e35_6.1.7600.16385_none_2ea18f01c0d42c35.manifest --a---- 5984 bytes [02:33 14/07/2009] [02:18 14/07/2009] BC210F5F80BD7B54CA62A3507929AC1F
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5.manifest --a---- 2303 bytes [02:33 14/07/2009] [02:18 14/07/2009] B091ED39CAE2FE8813F744A1F979CB03
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-p..tcpmondll.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7b0701c2a3d305ee.manifest --a---- 2425 bytes [05:35 14/07/2009] [02:42 14/07/2009] D9CC84B62B985BBDFC3C8F1E5A7B28FA
C:\WINDOWS\winsxs\x86_microsoft-windows-p..rtmonitor.resources_31bf3856ad364e35_6.1.7600.16385_en-us_55110fe97e87a238\TCPMonUI.dll.mui --a---- 10752 bytes [19:33 29/06/2011] [01:08 14/07/2009] BBECAC312F453FAD6DFCE2F0D1F36ADA
C:\WINDOWS\winsxs\x86_microsoft-windows-p..standardportmonitor_31bf3856ad364e35_6.1.7600.16385_none_a39cec6c3a968733\tcpmonui.dll --a---- 61440 bytes [19:36 29/06/2011] [01:16 14/07/2009] 4AA222561FEACF1DD52813D46180FD52

Searching for "*autochk*"
C:\WINDOWS\System32\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\System32\en-US\autochk.exe.mui --a---- 229376 bytes [05:35 14/07/2009] [02:29 14/07/2009] F38B13EFBFC6DD907700AD740247EE2B
C:\WINDOWS\SysWOW64\autochk.exe --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8
C:\WINDOWS\SysWOW64\en-US\autochk.exe.mui --a---- 229376 bytes [05:35 14/07/2009] [02:07 14/07/2009] D220BED087B6EB64EC5233CD3CE502E5
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a582f9460b3fbc4f\autochk.exe.mui --a---- 229376 bytes [05:35 14/07/2009] [02:29 14/07/2009] F38B13EFBFC6DD907700AD740247EE2B
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe --a---- 777728 bytes [23:25 13/07/2009] [01:38 14/07/2009] EB300B5B336606ABEB20662A6D638A4C
C:\WINDOWS\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe --a---- 777728 bytes [19:36 29/06/2011] [13:24 20/11/2010] 1B102EA095F79B8AB90101D43FAD79DC
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-autochk.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a582f9460b3fbc4f.manifest --a---- 2172 bytes [05:35 14/07/2009] [02:43 14/07/2009] CC095CD5C67689B8EE1332CBC6C90F41
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-autochkconfigurator_31bf3856ad364e35_6.1.7600.16385_none_74b76d3fa1757c6f.manifest --a---- 2552 bytes [02:33 14/07/2009] [02:24 14/07/2009] 17E0D8EA1E52B997AC63DF56A99D6FC6
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996.manifest --a---- 3021 bytes [02:33 14/07/2009] [02:27 14/07/2009] 5404D6EF8F4943B160923124871A1BA3
C:\WINDOWS\winsxs\Manifests\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30.manifest ------- 3021 bytes [18:17 29/06/2011] [13:22 20/11/2010] 0784849C244D291A8E62A130299B4FD9
C:\WINDOWS\winsxs\Manifests\x86_microsoft-windows-autochk.resources_31bf3856ad364e35_6.1.7600.16385_en-us_49645dc252e24b19.manifest --a---- 2170 bytes [05:35 14/07/2009] [02:28 14/07/2009] A18DDA9361CEFD8CBD0EACE600AA698C
C:\WINDOWS\winsxs\Manifests\x86_microsoft-windows-autochkconfigurator_31bf3856ad364e35_6.1.7600.16385_none_1898d1bbe9180b39.manifest --a---- 2548 bytes [02:33 14/07/2009] [01:55 14/07/2009] E78A23DDED748515F426DCCD31A76523
C:\WINDOWS\winsxs\Manifests\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860.manifest --a---- 3017 bytes [02:33 14/07/2009] [01:57 14/07/2009] CA17CB4D20874916D23BF617CF4DA294
C:\WINDOWS\winsxs\Manifests\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa.manifest ------- 3017 bytes [18:17 29/06/2011] [12:10 20/11/2010] 6C3B3A49C0532387A28BC170717AC694
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk.resources_31bf3856ad364e35_6.1.7600.16385_en-us_49645dc252e24b19\autochk.exe.mui --a---- 229376 bytes [05:35 14/07/2009] [02:07 14/07/2009] D220BED087B6EB64EC5233CD3CE502E5
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe --a---- 668160 bytes [23:15 13/07/2009] [01:14 14/07/2009] 41E4C8EBA464E7D6A5BA5E8827732AEB
C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe --a---- 668160 bytes [19:35 29/06/2011] [12:16 20/11/2010] F88A52EB62019D6A62FDD9E08034DBD8

-= EOF =-


----------



## Mark1956 (May 7, 2011)

I am fairly confident this will fix the autochk.exe file but not too sure about the tcpmon.ini file asthe only available copy has the same hash number.

Please run sfc /scannow after completing the instructions below and rebooting the PC and we will see how it turns out.

Click on *Start* and type *cmd* into the search box, as the menu pops up right click on *cmd* at the top of the list and select *Run as administrator*.

Copy & Paste the following lines to the command prompt and hit the *Enter* key after each line is entered. *DO NOT* attempt to enter more than one line at a time. You will see confirmation after each line has been successfully processed. The third command for each of the files must be copied in one go not as separate lines.

takeown /f C:\windows\system32\tcpmon.ini

icacls C:\windows\system32\tcpmon.ini /grant administrators:F

copy C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini C:\windows\system32\tcpmon.ini

takeown /f C:\WINDOWS\System32\autochk.exe

icacls C:\WINDOWS\System32\autochk.exe /grant administrators:F

copy C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe C:\WINDOWS\System32\autochk.exe


----------



## skyla07 (Nov 3, 2012)

After entering the first line, it said, "Error, the system cannot find the file specified". I didn't go any further than that.


----------



## Mark1956 (May 7, 2011)

Ah, I missed that, the file appears in the log above like this C:\WINDOWS\System32\tcpmon.ini.ini

Please locate the file in Windows Explorer and check the name, it should be tcpmon.ini not tcpmon.ini.ini


----------



## skyla07 (Nov 3, 2012)

I renamed it again to tcpmon.ini, and restarted the computer, and it still gives me the same error.


----------



## skyla07 (Nov 3, 2012)

Even though I renamed it to tcpmon.ini, I pasted the first line above but added a .ini to make it tcpmon.ini.ini to see if that would work, and it gave me this: Success, file is now owned by user. Was I correct to do that?


----------



## skyla07 (Nov 3, 2012)

okay, I realize the problem now. I was renaming it "tcpmon.ini" when in fact it was already adding the .ini extension. I switched it back and pasted the first line, and it worked. I will move on now


----------



## Mark1956 (May 7, 2011)

Ok, well done for figuring that out.


----------



## skyla07 (Nov 3, 2012)

After the third line, it is asking if I want to overwrite the file, yes/no/all?


----------



## Mark1956 (May 7, 2011)

Answer "yes"


----------



## skyla07 (Nov 3, 2012)

Okay, I said "yes" then it said that the process cannot access the file because it is being used by another process.


----------



## Mark1956 (May 7, 2011)

Ok, try doing this in Safe Mode.


----------



## skyla07 (Nov 3, 2012)

I went into safe mode with networking, and tried the first 3 lines again, and it said the same thing, that the process cannot access the file because it is being used by another process. I went ahead and did the next 3 lines for the autocheck.exe file, and it was successful. When I went to restart into regular mode, in automatically did the chkdsk. So should I try something else for the tcpmon.ini file? or should I just go ahead and do the scannow?


----------



## Mark1956 (May 7, 2011)

I was hoping to do this without having to install any tools, but obviously this isn't going to work for that file so we will have to use OTM. Once done go head and post the log and then continue with sfc /scannow and post the log from that also.

The further I investigate the tcpmon.ini file the more I find and there are a lot of threads describing the same problem with this specific file, so it is not uncommon and appears to be due to the way the System File Checker concludes if the file is good or not. The general opinion is that the file can be detected as corrupt when in fact it is ok. If this fix does not work I think we can safely leave it be.

Please download *OTM by OldTimer*. Save it to your desktop.

Double click *OTM.exe* to start the tool.


*Copy* the text in the code box below to the clipboard by highlighting *ALL* of them and *pressing CTRL + C* (or, after highlighting, right-click and choose *Copy*):


```
:Processes
explorer.exe

:Files
C:\windows\system32\tcpmon.ini | C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini /replace
:Commands
[createrestorepoint]
[emptyflash]
[emptytemp]
[resethosts]
[reboot]
```

 Return to OTM, right click in the *"Paste Instructions for Items to be Moved"* window (under the yellow bar) and choose *Paste*.
Click the red *Moveit!* button.
All your desktop icons will dissapear as the scan begins. It should complete within a few minutes.
Once complete you may see a box appear asking you to Restart the system to complete the file removal, accept it and it will reboot.
Even if that box does not appear the system should reboot as the command is included in the script.
When the system has come back to the desktop a Notepad document will open, please copy and paste that into your next post.

-- Note: The logs are saved here: C:\_OTM\MovedFiles


----------



## skyla07 (Nov 3, 2012)

Here is the log from OTM, I'm going to do the scannow, now

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
Unable to replace file: C:\windows\system32\tcpmon.ini with C:\WINDOWS\winsxs\amd64_microsoft-windows-p..rtmonitor-tcpmonini_31bf3856ad364e35_6.1.7600.16385_none_2e6dc451c0fa9db5\tcpmon.ini without a reboot.
========== COMMANDS ==========
Restore point Set: OTM Restore Point

[EMPTYFLASH]

User: All Users

User: coocabarra2
->Flash cache emptied: 11109 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: coocabarra2
->Temp folder emptied: 3254477 bytes
->Temporary Internet Files folder emptied: 257019998 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 173266038 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 61244729 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 33976701 bytes

Total Files Cleaned = 504.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.21.0 log created on 12122012_184026

Files moved on Reboot...
File C:\Users\coocabarra2\AppData\Local\Temp\etilqs_5Xq5I1Wi9S70N55 not found!
C:\Users\coocabarra2\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


----------



## skyla07 (Nov 3, 2012)

Here is the SFC log:

2012-12-12 21:09:26, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:26, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-12-12 21:09:31, Info CSI 0000000c [SR] Verify complete
2012-12-12 21:09:31, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:31, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-12-12 21:09:36, Info CSI 00000010 [SR] Verify complete
2012-12-12 21:09:36, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:36, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-12-12 21:09:41, Info CSI 00000014 [SR] Verify complete
2012-12-12 21:09:41, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:41, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-12-12 21:09:46, Info CSI 00000018 [SR] Verify complete
2012-12-12 21:09:46, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:46, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-12-12 21:09:54, Info CSI 0000001c [SR] Verify complete
2012-12-12 21:09:55, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:09:55, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:00, Info CSI 00000020 [SR] Verify complete
2012-12-12 21:10:01, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:01, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:07, Info CSI 00000024 [SR] Verify complete
2012-12-12 21:10:08, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:08, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:13, Info CSI 00000028 [SR] Verify complete
2012-12-12 21:10:13, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:13, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:19, Info CSI 0000002c [SR] Verify complete
2012-12-12 21:10:20, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:20, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:24, Info CSI 00000030 [SR] Verify complete
2012-12-12 21:10:24, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:24, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:26, Info CSI 00000034 [SR] Verify complete
2012-12-12 21:10:26, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:26, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:33, Info CSI 00000039 [SR] Verify complete
2012-12-12 21:10:34, Info CSI 0000003a [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:34, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:39, Info CSI 0000003d [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-12-12 21:10:43, Info CSI 00000040 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-12-12 21:10:43, Info CSI 00000041 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-12-12 21:10:43, Info CSI 00000044 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-12-12 21:10:44, Info CSI 00000046 [SR] Verify complete
2012-12-12 21:10:44, Info CSI 00000047 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:44, Info CSI 00000048 [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:50, Info CSI 0000004c [SR] Verify complete
2012-12-12 21:10:51, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:51, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2012-12-12 21:10:58, Info CSI 00000051 [SR] Verify complete
2012-12-12 21:10:58, Info CSI 00000052 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:10:58, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:06, Info CSI 00000055 [SR] Verify complete
2012-12-12 21:11:07, Info CSI 00000056 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:07, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:18, Info CSI 00000079 [SR] Verify complete
2012-12-12 21:11:19, Info CSI 0000007a [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:19, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:27, Info CSI 00000080 [SR] Verify complete
2012-12-12 21:11:27, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:27, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:35, Info CSI 00000084 [SR] Verify complete
2012-12-12 21:11:35, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:35, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:45, Info CSI 00000088 [SR] Verify complete
2012-12-12 21:11:45, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:45, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2012-12-12 21:11:52, Info CSI 0000008c [SR] Verify complete
2012-12-12 21:11:52, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:11:52, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2012-12-12 21:12:01, Info CSI 00000090 [SR] Verify complete
2012-12-12 21:12:02, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:12:02, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2012-12-12 21:12:17, Info CSI 000000b5 [SR] Verify complete
2012-12-12 21:12:17, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:12:17, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2012-12-12 21:12:28, Info CSI 000000b9 [SR] Verify complete
2012-12-12 21:12:29, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:12:29, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2012-12-12 21:12:50, Info CSI 000000bd [SR] Verify complete
2012-12-12 21:12:50, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:12:50, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2012-12-12 21:12:56, Info CSI 000000c3 [SR] Verify complete
2012-12-12 21:12:56, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:12:56, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:00, Info CSI 000000c7 [SR] Verify complete
2012-12-12 21:13:00, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:00, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:05, Info CSI 000000cb [SR] Verify complete
2012-12-12 21:13:05, Info CSI 000000cc [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:05, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:16, Info CSI 000000de [SR] Verify complete
2012-12-12 21:13:17, Info CSI 000000df [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:17, Info CSI 000000e0 [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:23, Info CSI 000000e4 [SR] Verify complete
2012-12-12 21:13:23, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:23, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:27, Info CSI 000000e8 [SR] Verify complete
2012-12-12 21:13:27, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:27, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:33, Info CSI 000000ec [SR] Verify complete
2012-12-12 21:13:34, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:34, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:42, Info CSI 000000f0 [SR] Verify complete
2012-12-12 21:13:42, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:42, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2012-12-12 21:13:56, Info CSI 000000f6 [SR] Verify complete
2012-12-12 21:13:56, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:13:56, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-12-12 21:14:05, Info CSI 000000fa [SR] Verify complete
2012-12-12 21:14:06, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:14:06, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-12-12 21:14:10, Info  CSI 000000fe [SR] Verify complete
2012-12-12 21:14:10, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:14:10, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-12-12 21:14:27, Info CSI 00000102 [SR] Verify complete
2012-12-12 21:14:27, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:14:27, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-12-12 21:14:37, Info CSI 00000106 [SR] Verify complete
2012-12-12 21:14:37, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:14:37, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-12-12 21:14:46, Info CSI 0000010a [SR] Verify complete
2012-12-12 21:14:46, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:14:46, Info CSI 0000010c [SR] Beginning Verify and Repair transaction
2012-12-12 21:15:01, Info CSI 00000118 [SR] Verify complete
2012-12-12 21:15:02, Info CSI 00000119 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:15:02, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
2012-12-12 21:15:11, Info CSI 00000128 [SR] Verify complete
2012-12-12 21:15:12, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:15:12, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-12-12 21:15:37, Info CSI 0000012c [SR] Verify complete
2012-12-12 21:15:38, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:15:38, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-12-12 21:15:47, Info CSI 00000130 [SR] Verify complete
2012-12-12 21:15:47, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:15:47, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2012-12-12 21:16:06, Info CSI 00000135 [SR] Verify complete
2012-12-12 21:16:06, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:16:06, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2012-12-12 21:16:15, Info CSI 00000138 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-12-12 21:16:17, Info CSI 00000139 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-12-12 21:16:17, Info CSI 0000013a [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-12-12 21:16:17, Info CSI 0000013c [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-12-12 21:16:18, Info CSI 0000013e [SR] Verify complete
2012-12-12 21:16:18, Info CSI 0000013f [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:16:18, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
2012-12-12 21:16:28, Info CSI 00000142 [SR] Verify complete
2012-12-12 21:16:28, Info CSI 00000143 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:16:28, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2012-12-12 21:16:35, Info CSI 00000146 [SR] Verify complete
2012-12-12 21:16:35, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:16:35, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2012-12-12 21:16:43, Info CSI 0000014c [SR] Verify complete
2012-12-12 21:16:43, Info CSI 0000014d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:16:43, Info CSI 0000014e [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:02, Info CSI 00000150 [SR] Verify complete
2012-12-12 21:17:03, Info CSI 00000151 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:03, Info CSI 00000152 [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:13, Info CSI 00000155 [SR] Verify complete
2012-12-12 21:17:14, Info CSI 00000156 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:14, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:23, Info CSI 00000159 [SR] Verify complete
2012-12-12 21:17:23, Info CSI 0000015a [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:23, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:32, Info CSI 0000015e [SR] Verify complete
2012-12-12 21:17:33, Info CSI 0000015f [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:33, Info CSI 00000160 [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:46, Info CSI 00000163 [SR] Verify complete
2012-12-12 21:17:47, Info CSI 00000164 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:47, Info CSI 00000165 [SR] Beginning Verify and Repair transaction
2012-12-12 21:17:55, Info CSI 00000167 [SR] Verify complete
2012-12-12 21:17:55, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:17:55, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2012-12-12 21:18:04, Info CSI 0000016b [SR] Verify complete
2012-12-12 21:18:05, Info CSI 0000016c [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:18:05, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
2012-12-12 21:18:13, Info CSI 0000016f [SR] Verify complete
2012-12-12 21:18:13, Info CSI 00000170 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:18:13, Info CSI 00000171 [SR] Beginning Verify and Repair transaction
2012-12-12 21:18:26, Info CSI 00000174 [SR] Verify complete
2012-12-12 21:18:26, Info CSI 00000175 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:18:26, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2012-12-12 21:18:57, Info CSI 00000178 [SR] Verify complete
2012-12-12 21:18:57, Info CSI 00000179 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:18:57, Info CSI 0000017a [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:08, Info CSI 0000017d [SR] Verify complete
2012-12-12 21:19:08, Info CSI 0000017e [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:08, Info CSI 0000017f [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:17, Info CSI 00000182 [SR] Verify complete
2012-12-12 21:19:17, Info CSI 00000183 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:17, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:27, Info CSI 00000187 [SR] Verify complete
2012-12-12 21:19:27, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:27, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:37, Info CSI 0000018b [SR] Verify complete
2012-12-12 21:19:38, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:38, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:47, Info CSI 00000190 [SR] Verify complete
2012-12-12 21:19:47, Info CSI 00000191 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:47, Info CSI 00000192 [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:55, Info CSI 00000194 [SR] Verify complete
2012-12-12 21:19:55, Info CSI 00000195 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:55, Info CSI 00000196 [SR] Beginning Verify and Repair transaction
2012-12-12 21:19:59, Info CSI 00000198 [SR] Verify complete
2012-12-12 21:19:59, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:19:59, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2012-12-12 21:20:06, Info CSI 0000019c [SR] Verify complete
2012-12-12 21:20:07, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:20:07, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2012-12-12 21:20:14, Info CSI 000001a0 [SR] Verify complete
2012-12-12 21:20:14, Info CSI 000001a1 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:20:14, Info CSI 000001a2 [SR] Beginning Verify and Repair transaction
2012-12-12 21:20:23, Info CSI 000001a4 [SR] Verify complete
2012-12-12 21:20:24, Info CSI 000001a5 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:20:24, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction
2012-12-12 21:20:28, Info CSI 000001a8 [SR] Verify complete
2012-12-12 21:20:29, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:20:29, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2012-12-12 21:20:36, Info CSI 000001ac [SR] Verify complete
2012-12-12 21:20:36, Info CSI 000001ad [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:20:36, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:01, Info CSI 000001b0 [SR] Verify complete
2012-12-12 21:21:01, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:01, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:30, Info CSI 000001b4 [SR] Verify complete
2012-12-12 21:21:30, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:30, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:40, Info CSI 000001b8 [SR] Verify complete
2012-12-12 21:21:40, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:40, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:45, Info CSI 000001bc [SR] Verify complete
2012-12-12 21:21:45, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:45, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:50, Info CSI 000001c0 [SR] Verify complete
2012-12-12 21:21:50, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:50, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2012-12-12 21:21:55, Info CSI 000001c4 [SR] Verify complete
2012-12-12 21:21:56, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:21:56, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:07, Info CSI 000001c8 [SR] Verify complete
2012-12-12 21:22:07, Info CSI 000001c9 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:07, Info CSI 000001ca [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:14, Info CSI 000001d2 [SR] Verify complete
2012-12-12 21:22:15, Info CSI 000001d3 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:15, Info CSI 000001d4 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:21, Info CSI 000001d6 [SR] Verify complete
2012-12-12 21:22:21, Info CSI 000001d7 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:21, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:27, Info CSI 000001da [SR] Verify complete
2012-12-12 21:22:27, Info CSI 000001db [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:27, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:34, Info CSI 000001de [SR] Verify complete
2012-12-12 21:22:34, Info CSI 000001df [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:34, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:45, Info CSI 000001e3 [SR] Verify complete
2012-12-12 21:22:45, Info CSI 000001e4 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:45, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:53, Info CSI 000001e7 [SR] Verify complete
2012-12-12 21:22:53, Info CSI 000001e8 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:53, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2012-12-12 21:22:57, Info CSI 000001eb [SR] Verify complete
2012-12-12 21:22:57, Info CSI 000001ec [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:22:57, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2012-12-12 21:23:06, Info CSI 000001ef [SR] Verify complete
2012-12-12 21:23:06, Info CSI 000001f0 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:23:06, Info CSI 000001f1 [SR] Beginning Verify and Repair transaction
2012-12-12 21:23:22, Info CSI 000001f6 [SR] Verify complete
2012-12-12 21:23:22, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:23:22, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2012-12-12 21:23:37, Info CSI 000001fd [SR] Verify complete
2012-12-12 21:23:37, Info CSI 000001fe [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:23:37, Info CSI 000001ff [SR] Beginning Verify and Repair transaction
2012-12-12 21:23:47, Info CSI 00000205 [SR] Verify complete
2012-12-12 21:23:48, Info CSI 00000206 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:23:48, Info CSI 00000207 [SR] Beginning Verify and Repair transaction
2012-12-12 21:23:59, Info CSI 00000210 [SR] Verify complete
2012-12-12 21:24:00, Info CSI 00000211 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:00, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:08, Info CSI 00000217 [SR] Verify complete
2012-12-12 21:24:08, Info CSI 00000218 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:08, Info CSI 00000219 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:15, Info CSI 0000021d [SR] Verify complete
2012-12-12 21:24:15, Info CSI 0000021e [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:15, Info CSI 0000021f [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:21, Info CSI 00000221 [SR] Verify complete
2012-12-12 21:24:21, Info CSI 00000222 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:21, Info CSI 00000223 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:29, Info CSI 0000023e [SR] Verify complete
2012-12-12 21:24:30, Info CSI 0000023f [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:30, Info CSI 00000240 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:36, Info CSI 0000024c [SR] Verify complete
2012-12-12 21:24:37, Info CSI 0000024d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:37, Info CSI 0000024e [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:43, Info CSI 00000250 [SR] Verify complete
2012-12-12 21:24:43, Info CSI 00000251 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:43, Info CSI 00000252 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:51, Info CSI 00000254 [SR] Verify complete
2012-12-12 21:24:51, Info CSI 00000255 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:51, Info CSI 00000256 [SR] Beginning Verify and Repair transaction
2012-12-12 21:24:57, Info CSI 00000264 [SR] Verify complete
2012-12-12 21:24:58, Info CSI 00000265 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:24:58, Info CSI 00000266 [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:10, Info CSI 00000268 [SR] Verify complete
2012-12-12 21:25:10, Info CSI 00000269 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:10, Info CSI 0000026a [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:19, Info CSI 00000278 [SR] Verify complete
2012-12-12 21:25:19, Info CSI 00000279 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:19, Info CSI 0000027a [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:23, Info CSI 0000027c [SR] Verify complete
2012-12-12 21:25:24, Info CSI 0000027d [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:24, Info CSI 0000027e [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:31, Info CSI 00000280 [SR] Verify complete
2012-12-12 21:25:31, Info CSI 00000281 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:31, Info CSI 00000282 [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:38, Info CSI 00000285 [SR] Verify complete
2012-12-12 21:25:38, Info CSI 00000286 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:38, Info CSI 00000287 [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:42, Info CSI 00000289 [SR] Verify complete
2012-12-12 21:25:42, Info CSI 0000028a [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:42, Info CSI 0000028b [SR] Beginning Verify and Repair transaction
2012-12-12 21:25:51, Info CSI 0000028d [SR] Verify complete
2012-12-12 21:25:52, Info CSI 0000028e [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:25:52, Info CSI 0000028f [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:00, Info CSI 00000291 [SR] Verify complete
2012-12-12 21:26:01, Info CSI 00000292 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:01, Info CSI 00000293 [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:10, Info CSI 0000029e [SR] Verify complete
2012-12-12 21:26:11, Info CSI 0000029f [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:11, Info CSI 000002a0 [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:19, Info CSI 000002b1 [SR] Verify complete
2012-12-12 21:26:19, Info CSI 000002b2 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:19, Info CSI 000002b3 [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:39, Info CSI 000002b5 [SR] Verify complete
2012-12-12 21:26:40, Info CSI 000002b6 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:40, Info CSI 000002b7 [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:46, Info CSI 000002b9 [SR] Verify complete
2012-12-12 21:26:46, Info CSI 000002ba [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:46, Info CSI 000002bb [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:51, Info CSI 000002be [SR] Verify complete
2012-12-12 21:26:52, Info CSI 000002bf [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:52, Info CSI 000002c0 [SR] Beginning Verify and Repair transaction
2012-12-12 21:26:56, Info CSI 000002c3 [SR] Verify complete
2012-12-12 21:26:57, Info CSI 000002c4 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:26:57, Info CSI 000002c5 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:04, Info CSI 000002c7 [SR] Verify complete
2012-12-12 21:27:04, Info CSI 000002c8 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:04, Info CSI 000002c9 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:10, Info CSI 000002cb [SR] Verify complete
2012-12-12 21:27:10, Info CSI 000002cc [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:10, Info CSI 000002cd [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:17, Info CSI 000002d0 [SR] Verify complete
2012-12-12 21:27:17, Info CSI 000002d1 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:17, Info CSI 000002d2 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:22, Info CSI 000002d4 [SR] Verify complete
2012-12-12 21:27:23, Info CSI 000002d5 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:23, Info CSI 000002d6 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:28, Info CSI 000002d8 [SR] Verify complete
2012-12-12 21:27:29, Info CSI 000002d9 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:29, Info CSI 000002da [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:36, Info CSI 000002dc [SR] Verify complete
2012-12-12 21:27:36, Info CSI 000002dd [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:36, Info CSI 000002de [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:45, Info CSI 000002e1 [SR] Verify complete
2012-12-12 21:27:46, Info CSI 000002e2 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:46, Info CSI 000002e3 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:50, Info CSI 000002e5 [SR] Verify complete
2012-12-12 21:27:51, Info CSI 000002e6 [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:51, Info CSI 000002e7 [SR] Beginning Verify and Repair transaction
2012-12-12 21:27:58, Info CSI 000002e9 [SR] Verify complete
2012-12-12 21:27:58, Info CSI 000002ea [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:27:58, Info CSI 000002eb [SR] Beginning Verify and Repair transaction
2012-12-12 21:28:04, Info CSI 000002ed [SR] Verify complete
2012-12-12 21:28:05, Info CSI 000002ee [SR] Verifying 100 (0x0000000000000064) components
2012-12-12 21:28:05, Info CSI 000002ef [SR] Beginning Verify and Repair transaction
2012-12-12 21:28:12, Info CSI 000002f1 [SR] Verify complete
2012-12-12 21:28:12, Info CSI 000002f2 [SR] Verifying 24 (0x0000000000000018) components
2012-12-12 21:28:12, Info CSI 000002f3 [SR] Beginning Verify and Repair transaction
2012-12-12 21:28:13, Info CSI 000002f5 [SR] Verify complete
2012-12-12 21:28:13, Info CSI 000002f6 [SR] Repairing 2 components
2012-12-12 21:28:13, Info CSI 000002f7 [SR] Beginning Verify and Repair transaction
2012-12-12 21:28:13, Info CSI 000002f9 [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-12-12 21:28:13, Info CSI 000002fa [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-12-12 21:28:13, Info CSI 000002fc [SR] Cannot repair member file [l:22{11}]"autochk.exe" of Microsoft-Windows-Autochk, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-12-12 21:28:13, Info CSI 000002fd [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-12-12 21:28:13, Info CSI 00000300 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"autochk.exe"; source file in store is also corrupted
2012-12-12 21:28:13, Info CSI 00000301 [SR] Cannot repair member file [l:20{10}]"tcpmon.ini" of Microsoft-Windows-Printing-StandardPortMonitor-TCPMonINI, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-12-12 21:28:13, Info CSI 00000302 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2012-12-12 21:28:13, Info CSI 00000304 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"tcpmon.ini"; source file in store is also corrupted
2012-12-12 21:28:14, Info CSI 00000306 [SR] Repair complete
2012-12-12 21:28:14, Info CSI 00000307 [SR] Committing transaction
2012-12-12 21:28:14, Info CSI 0000030b [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired


----------



## Mark1956 (May 7, 2011)

Unfortunately the repair attempt on both those files has not worked and the system is still seeing them as corrupt.

The only way this is going to be fixed is to get your hands on the correct Windows 7 64bit DVD, or we may get somewhere if you can find the Recovery disc or get access to a PC running Windows 7 64bit so we can copy the files.

Do you see any warning flash up when you boot up the system that states that autochk is not working.


----------



## Mark1956 (May 7, 2011)

I have found a link for a legitimate official download to obtain a copy of Windows 7.

Windows 7 ISO downloads

This should enable us to solve the corrupt file problem. Click on the link above, scroll down the page a little and click on your version of Windows in the list: Windows 7 Home Premium (X64) under the list for English versions.

The download may take several hours to complete, I will put together some instructions to extract copies of the required files. Let me know when you have got it, save it to your desktop for ease of access.


----------

