Think I am infected - installed but can't run Malwarebytes


Maniac,

Malware still doesn't run. I have deleted Java 6 and Adobe Reader - I was not going to install anything else until I heard back from you.

Do I need to get a new version of Windows 7 and do a complete re-install?

I am now worried about safety - like internet banking etc.

Deb

Link to post

  • Download and run mbam-clean.exe from here
  • It will ask to restart your computer; please allow it to do so (very important)
  • After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here

    • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now set up any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs here or ask and we'll explain how to do it.

Link to post

I hadn't heard from you for a while. I logged a call with McAfee (I have been a loyal customer - so wanted to get this fixed), who have fixed my slowness under the McAfee installation. There is an issue with the new system and IE, so I am now using Google Chrome, and have re-installed McAfee.

I have used the above two links - one to remove and then disabled McAfee. Malware does the same thing still - that is, it looks like it installs, I get the files in the directory and I get the last screen with the 3 options, one being launch Malwares. I then get the thinking icon (spinning?) then the pointer. I see a setup icon on the taskbar - then nothing!

If I purchase the licence is there a guarantee that it will install? Can I run both McAfee and Malwares?

Thanks

Deb

Link to post

Hi Maniac,

This is crazy - there is clearly a prob with the new McAfee system and errors. I still cannot load Malwares (and my gut tells me to get this working).

There was a link on a McAfee page to this site http://malwaretips.com/Thread-How-to-completely-remove-ZeroAccess-Sirefef-rootkit-Removal-Guide

Are you aware of this site - do these steps work? I thought I would try them - but I can't even download the first file with McAfee installed - it quarantines the file! Is this a reputable site?

I really want to get Malwares to run - I do think there is something wrong with the laptop. Whether it is just files now corrupt and I need to reinstall?

Thanks for your patience and guidance

Deb

Link to post

I also re-ran the MTV Health Check - and there are the following errors

Product Name : VirusScan - McAfee Total Protection Product Version : 16.1.144

Service 2 service(s) incorrect Expected Service State Incorrect

Expected : running

Existing : stopped

Service : McNaiAnn "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc Expected Service State Incorrect

Expected : running

Existing : stopped

Service : mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

Product Name : QuickClean and Shredder - McAfee Total Protection Product Version : 12.1.120

Process 1 process(s) incorrect Expected process not running

Expected : running

Existing : not running

C:\Program Files\mcafee\msc\mcapexe.exe Expected process running

C:\Program Files\Common Files\McAfee\Platform\mcsvchost\mcsvhost.exe

Expected process running

C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe

Product Name : SecurityCenter Product Version : 12.1.253

1 service(s) incorrect Expected Service State Incorrect

Expected : running

Existing : stopped

Service : McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe Expected Service Present

Service : McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe Expected Service Startup type Correct

Service : McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

Product Name : AntiSpam - McAfee Total Protection Product Version : 13.1.115

Service 1 service(s) incorrect Expected Service State Incorrect

Expected : running

Existing : stopped

Service : MSK80Service "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc Expected Service Present

Service : MSK80Service "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc Expected Service Startup type Correct

Service : MSK80Service "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc

So I guess there are some services still not running - even though I have done a full uninstall and re-install. Could there be something in this that is impacting the Malware operating correctly?

Link to post

Please temporarily uninstall McAfee and restart your computer. Next, re-install Malwarebytes' Anti-Malware and check how the situation is without McAfee.

Also, I need a favor. Please upload somewhere, for example to www.rapidshare.com, the dump file which was generated on the 5th of January, when Malwarebytes Anti-Rootkit was run. The dump files are at C:\Windows\Minidump. Please send me a download link. Thanks in advance!

Link to post

Sorry Maniac,

I have uninstalled Malwares (as I was just getting frustrated) and I think the files have also been removed. I ran a chkdsk - I had 4 bad sectors!! I have also run a sfc /scannow (instructed by McAfee) and there are some corrupt files :(

Not sure if this is serious or not - here are the lines indicating the problems from that scan....

2013-01-10 19:19:55, Info CSI 000001db [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:19:55, Info CSI 000001dc [sR] Beginning Verify and Repair transaction

2013-01-10 19:20:01, Info CSI 000001de [sR] Verify complete

2013-01-10 19:20:02, Info CSI 000001df [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:20:02, Info CSI 000001e0 [sR] Beginning Verify and Repair transaction

2013-01-10 19:20:07, Info CSI 000001e2 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:20:11, Info CSI 000001e4 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:20:11, Info CSI 000001e5 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 19:20:12, Info CSI 000001e8 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

2013-01-10 19:20:14, Info CSI 000001ed [sR] Verify complete

...............

2013-01-10 19:22:16, Info CSI 00000289 [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:22:16, Info CSI 0000028a [sR] Beginning Verify and Repair transaction

2013-01-10 19:22:23, Info CSI 0000028e [sR] Verify complete

2013-01-10 19:22:23, Info CSI 0000028f [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:22:23, Info CSI 00000290 [sR] Beginning Verify and Repair transaction

2013-01-10 19:22:27, Info CSI 00000292 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:22:30, Info CSI 000002a7 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:22:30, Info CSI 000002a8 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 19:22:30, Info CSI 000002ab [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

...........................

2013-01-10 19:24:03, Info CSI 000002f5 [sR] Repairing 2 components

2013-01-10 19:24:03, Info CSI 000002f6 [sR] Beginning Verify and Repair transaction

2013-01-10 19:24:03, Info CSI 000002f8 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:24:03, Info CSI 000002fa [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:24:03, Info CSI 000002fc [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:24:03, Info CSI 000002fd [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 19:24:03, Info CSI 00000300 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

2013-01-10 19:24:03, Info CSI 00000302 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:24:03, Info CSI 00000303 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 19:24:03, Info CSI 00000306 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

2013-01-10 19:24:03, Info CSI 00000308 [sR] Repair complete

2013-01-10 19:24:03, Info CSI 00000309 [sR] Committing transaction

2013-01-10 19:24:03, Info CSI 0000030d [sR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

2013-01-10 19:40:43, Info CSI 00000009 [sR] Verifying 100 (0x0000000000000064) components

.....................................

2013-01-10 19:48:35, Info CSI 000001db [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:48:35, Info CSI 000001dc [sR] Beginning Verify and Repair transaction

2013-01-10 19:48:41, Info CSI 000001de [sR] Verify complete

2013-01-10 19:48:41, Info CSI 000001df [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 19:48:41, Info CSI 000001e0 [sR] Beginning Verify and Repair transaction

2013-01-10 19:48:46, Info CSI 000001e2 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:48:50, Info CSI 000001e4 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:48:50, Info CSI 000001e5 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 19:48:50, Info CSI 000001e8 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

2013-01-10 19:48:53, Info CSI 000001ed [sR] Verify complete

................................................

2013-01-10 19:50:52, Info CSI 00000290 [sR] Beginning Verify and Repair transaction

2013-01-10 19:50:55, Info CSI 00000292 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:50:59, Info CSI 000002a7 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:50:59, Info CSI 000002a8 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 19:50:59, Info CSI 000002ab [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

................................................

2013-01-10 19:52:18, Info CSI 000002f1 [sR] Verifying 29 (0x000000000000001d) components

2013-01-10 19:52:18, Info CSI 000002f2 [sR] Beginning Verify and Repair transaction

2013-01-10 19:52:19, Info CSI 000002f4 [sR] Verify complete

2013-01-10 19:52:19, Info CSI 000002f5 [sR] Repairing 2 components

2013-01-10 19:52:19, Info CSI 000002f6 [sR] Beginning Verify and Repair transaction

2013-01-10 19:52:19, Info CSI 000002f8 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:52:19, Info CSI 000002fa [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:52:19, Info CSI 000002fc [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:52:19, Info CSI 000002fd [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 19:52:19, Info CSI 00000300 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

2013-01-10 19:52:19, Info CSI 00000302 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 19:52:19, Info CSI 00000303 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 19:52:19, Info CSI 00000306 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

2013-01-10 19:52:19, Info CSI 00000308 [sR] Repair complete

2013-01-10 19:52:19, Info CSI 00000309 [sR] Committing transaction

2013-01-10 19:52:19, Info CSI 0000030d [sR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

2013-01-10 20:04:57, Info CSI 00000009 [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 20:04:57, Info CSI 0000000a [sR] Beginning Verify and Repair transaction

....................................

2013-01-10 20:13:41, Info CSI 000001df [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 20:13:41, Info CSI 000001e0 [sR] Beginning Verify and Repair transaction

2013-01-10 20:13:45, Info CSI 000001e2 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:13:49, Info CSI 000001e4 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:13:49, Info CSI 000001e5 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 20:13:49, Info CSI 000001e8 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

.........................................

2013-01-10 20:15:45, Info CSI 0000028f [sR] Verifying 100 (0x0000000000000064) components

2013-01-10 20:15:45, Info CSI 00000290 [sR] Beginning Verify and Repair transaction

2013-01-10 20:15:48, Info CSI 00000292 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:15:51, Info CSI 000002a7 [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:15:51, Info CSI 000002a8 [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 20:15:51, Info CSI 000002ab [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

..................................................................

2013-01-10 20:17:11, Info CSI 000002f2 [sR] Beginning Verify and Repair transaction

2013-01-10 20:17:12, Info CSI 000002f4 [sR] Verify complete

2013-01-10 20:17:12, Info CSI 000002f5 [sR] Repairing 2 components

2013-01-10 20:17:12, Info CSI 000002f6 [sR] Beginning Verify and Repair transaction

2013-01-10 20:17:12, Info CSI 000002f8 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:17:12, Info CSI 000002fa [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:17:12, Info CSI 000002fc [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:17:12, Info CSI 000002fd [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"

2013-01-10 20:17:12, Info CSI 00000300 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted

2013-01-10 20:17:12, Info CSI 00000302 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch

2013-01-10 20:17:12, Info CSI 00000303 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"

2013-01-10 20:17:12, Info CSI 00000306 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted

2013-01-10 20:17:12, Info CSI 00000308 [sR] Repair complete

2013-01-10 20:17:12, Info CSI 00000309 [sR] Committing transaction

2013-01-10 20:17:12, Info CSI 0000030d [sR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

What are your thoughts? Hope my laptop isn't dying :(

Just so you know - remember how the scan programs were all hanging - these are the file names they would all stick on! So that means something - doesn't it?

Deb

Link to post
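The sfc /scannow excerpt in the post above repeats the same failures many times. As an added example (not part of the original thread, and not code from Microsoft or Malwarebytes), this sketch collapses the `[SR]` lines into one record per unrepaired file; the function name `summarize_sfc` and the record fields are assumptions, and the sample is one repair transaction copied from that post.

```python
import re

# One repair transaction, copied from the CBS.log excerpt in the post above.
SAMPLE = r'''
2013-01-10 19:24:03, Info CSI 000002f5 [sR] Repairing 2 components
2013-01-10 19:24:03, Info CSI 000002f6 [sR] Beginning Verify and Repair transaction
2013-01-10 19:24:03, Info CSI 000002f8 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-01-10 19:24:03, Info CSI 000002fa [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-01-10 19:24:03, Info CSI 000002fc [sR] Cannot repair member file [l:24{12}]"msvbvm60.dll" of Microsoft-Windows-MSVBVM60, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-01-10 19:24:03, Info CSI 000002fd [sR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2013-01-10 19:24:03, Info CSI 00000300 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:24{12}]"msvbvm60.dll"; source file in store is also corrupted
2013-01-10 19:24:03, Info CSI 00000302 [sR] Cannot repair member file [l:28{14}]"SensorsCpl.dll" of Microsoft-Windows-MobilePC-Sensors-CPL, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-01-10 19:24:03, Info CSI 00000303 [sR] This component was referenced by [l:224{112}]"Microsoft-Windows-MobilePC-Client-Sensors-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MobilePC-Client-Sensors"
2013-01-10 19:24:03, Info CSI 00000306 [sR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\windows\SysWOW64"\[l:28{14}]"SensorsCpl.dll"; source file in store is also corrupted
2013-01-10 19:24:03, Info CSI 00000308 [sR] Repair complete
2013-01-10 19:24:03, Info CSI 00000309 [sR] Committing transaction
2013-01-10 19:24:03, Info CSI 0000030d [sR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
'''

# Envelope of an SFC entry; the tag is matched case-insensitively because the post shows "[sR]".
LINE = re.compile(r'^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d, Info\s+CSI\s+[0-9a-f]{8} \[SR\] (?P<msg>.*)$', re.I)
CANNOT = re.compile(r'^Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)" of (?P<component>[^,]+), '
                    r'Version = (?P<version>[^,]+), pA = (?P<arch>\w+).*,\s*(?P<reason>[^,]+)$')
REFERENCED = re.compile(r'^This component was referenced by \[l:\d+\{\d+\}\]"(?P<pkg>[^"]+)"')
REPROJECT = re.compile(r'^Could not reproject corrupted file \[[^\]]*\]"(?P<dir>[^"]+)"\\'
                       r'\[l:\d+\{\d+\}\]"(?P<file>[^"]+)"; (?P<detail>.+)$')


def summarize_sfc(log_text):
    """Return (records, closing_success): one record per unrepaired file, plus whether
    a 'Transaction completed' line followed at least one failure."""
    records = {}             # (lower-cased file name, architecture) -> record
    last = None              # latest "Cannot repair" record, owner of "referenced by" lines
    closing_success = False
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue         # blank line, elision row of dots, or a non-[SR] entry
        msg = line['msg']
        if m := CANNOT.match(msg):
            last = records.setdefault((m['file'].lower(), m['arch']), {
                'file': m['file'], 'component': m['component'], 'version': m['version'],
                'arch': m['arch'], 'attempts': 0, 'reasons': set(),
                'packages': set(), 'paths': set(), 'store_corrupt': False})
            last['attempts'] += 1
            last['reasons'].add(m['reason'].strip())
        elif (m := REFERENCED.match(msg)) and last:
            last['packages'].add(m['pkg'])
        elif m := REPROJECT.match(msg):
            directory = m['dir'].replace('\\??\\', '', 1)   # drop the NT object-path prefix
            for rec in records.values():
                if rec['file'].lower() == m['file'].lower():
                    rec['paths'].add(directory + '\\' + m['file'])
                    rec['store_corrupt'] |= 'store is also corrupted' in m['detail']
        elif msg.startswith('Verify and Repair Transaction completed') and records:
            closing_success = True   # closing line appears even though members failed
    return list(records.values()), closing_success


if __name__ == '__main__':
    found, closing = summarize_sfc(SAMPLE)
    for rec in found:
        print(f"{rec['file']} ({rec['arch']}): {rec['attempts']} failed attempts, "
              f"reasons={sorted(rec['reasons'])}, store copy corrupt={rec['store_corrupt']}, "
              f"paths={sorted(rec['paths'])}")
    print('closing "successfully repaired" line seen after failures:', closing)
```

On the excerpt this reduces the output to two files, both under SysWOW64 and both with a corrupted store copy, which is why the summary keys on the "Cannot repair" entries rather than on the closing "successfully repaired" line.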

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Link to post

Farbar Service Scanner Version: 16-01-2013

Ran by Mayes (administrator) on 20-01-2013 at 16:26:46

Running from "C:\Users\Mayes\Downloads"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Attempt to access Google IP returned error. Google IP is offline

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Thanks Deb

Link to post

Here is the FSS after the Complete Internet Repair (I have uninstalled Windows Live Messenger - as it is turning off soon).

Farbar Service Scanner Version: 16-01-2013

Ran by Mayes (administrator) on 23-01-2013 at 07:51:29

Running from "C:\Users\Mayes\Downloads"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Attempt to access Google IP returned error. Google IP is offline

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Link to post

I also ran Chameleon in Safe Mode - this time it worked!!! Well, the DOS window showed progress and it had a lot of "Done!" -- however after a reboot I could not get Malwares to run :(

Will wait for the next step! I don't have the laptop on much - as I am worried I am open to hackers/viruses etc!

Link to post

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threats report from the left and press Save button

Save it to your desktop and post it in your next reply.

Link to post