Jump to content

22 posts in this topic

Posted

So a day ago I discovered that Windows Firewall was completely missing from my computer when trying to install Tinywall, for reasons completely unknown to me. I remember Firewall prompting me with new programs less than a few weeks ago. Nothing really occurred to me since it's rare unless I install a new game.


I get this when I try to enable it through control panel by hitting "Use Recommended Settings".
[img]http://localhostr.com/files/4S2rJos/Windows%20Firewall.png[/img]


I've googled around and everyone seems to suggest that I have a virus. I am 100% certain that I do [b]not[/b] have a virus. I am very mature in the way I use the internet, and all my software is constantly up to date. Java is version 7, Firefox is 9.0.1, etc. On top of it, I scanned with MSE (which I also have running real time protection), SuperAntiSpyware, and Malwarebytes. Each of them did a full scan and came up with nothing more than a few isolated false positive trojans in my downloads folder, which I went ahead and deleted anyway since I no longer needed them.

What I am thinking is that possibly TuneUp Utilities did this on accident, but trying to enable it through TuneUp yeilded similar results.

Moreover, the weirdest part is the WIndows Firewall service is [i]completely[/i] missing from services.msc.

I would very much like to have a firewall, but I do not want to reinstall Windows for that, as it may cause complications with my boot loader and reinstalling everything would take months of redownloading installers and such.

Can anyone tell me how I would go about reinstalling this Windows feature?

Share this post


Link to post
Share on other sites

Posted

I've seen that error several times recently on different machines. Usually after removing spyware/virus programs.
I think I diid the following in the command prompt one at a Time: (press enter to execute file) (Might have to run command prompt as admin(?))
regsvr32 wwapi.dll press 'enter' etc.
regsvr32 wuaueng.dll
regsvr32 wuaueng11.dll
regsvr32 wucltui.dll
regsvr32 wups.dll
regsvr32 wups2.dll
regsvr32 wuweb32.dll

Next time you might want to run "rkill'' to stop running processes before running malwarebytes.
1 person likes this

Share this post


Link to post
Share on other sites

Posted

I am not sure if you've tried this yet!

You can start the following services manually:

Windows Firewall (MpsSvc)
CNG Key Isolation (KeyIso)
Base Filtering Engine (BFE)
Firewall Client Agent (FwcAgent)

To do this, follow the steps below:
Click Start, type Notepad in the Start Search box (Windows Vista) or the Search programs and files box (Windows 7), and then click Notepad in the programs list.

Highlight the following text, right click the highlighted text, and then click Copy. Go to Notepad, right click anywhere in the Notepad window, and then click Paste.


[quote]
sc config MpsSvc start= auto

sc config KeyIso start= auto

sc config BFE start= auto

sc config FwcAgent start= auto

net stop MpsSvc

net start MpsSvc

net stop KeyIso

net start KeyIso

net stop BFE

net start BFE

net stop FwcAgent

net start FwcAgent[/quote]


Click File, click Save As, and then type Repair.bat in the File name box.

Click the Save as type dropdown, then click All Files (*.*).

In the left window pane, click Desktop, and then click Save.

On the File menu, click Exit.

From your Desktop, right click the Repair.bat file that you saved in step 5, and then click Run as administrator. This action starts the required services.
Note If you are prompted for confirmation, click Yes.

Try to start the Windows Firewall again. If you can start Windows Firewall, delete the Repair.bat file. To delete the Repair.bat file, right-click Repair.bat, click Delete, and then click Yes.
2 people like this

Share this post


Link to post
Share on other sites

Posted

You can also try this:

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]download [/size][/font][/color][url="http://download.bleepingcomputer.com/farbar/FSS.exe"][b]Farbar Service Scanner[/b][/url][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and run it on the computer with the issue.[/size][/font][/color][list]
[*]Make sure the following options are checked:
[list]
[*][b]Internet Services[/b]
[*][b]Windows Firewall[/b]
[*][b]System Restore[/b]
[*][b]Security Center[/b]
[/list][*]Press "[b]Scan[/b]".
[*]It will create a log (FSS.txt) in the same directory the tool is run.
[*]Then: Check your log file for missing entries.
[/list]
[color=red][font=arial, verdana, tahoma, sans-serif][size=3][b]Following steps involve registry editing. Please create new restore point before proceeding!!![/b][/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Download [/size][/font][/color][b]Seven.zip[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file from here: [/size][/font][/color][url="http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/"]http://www.smartestc...y-network-keys/[/url]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Unzip the file.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]You'll find several files inside.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]As an example do the following:[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]bfe.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]mpssvc.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Restart computer.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click [/size][/font][/color][b]Start[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and in "Start search" type in:[/size][/font][/color]
[b]regedit[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Press Enter.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Registry editor will open.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Navigate to:[/size][/font][/color]
[b]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\[color=red]BFE[/color][/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]BFE[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] key, click "Permissions"[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click on [/size][/font][/color][b]Add[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] button, type [/size][/font][/color][b]Everyone[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and click OK.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Now click once on [/size][/font][/color][b]Everyone[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Below, in "Permissions" pane checkmark "Alow" in "Full control" row.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click OK.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]In a set of files you downloaded in previous step find [/size][/font][/color][b]start_services.bat[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3].[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Double click on it to run the fix.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Check on firewall issue and check new FSS log.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Hope that this helps![/size][/font][/color]
4 people like this

Share this post


Link to post
Share on other sites

Posted

Thanks for the replies. I am running into hitches with each of the solutions. Yes, my command prompt is admin.

[b][size=6]First reply:[/size][/b]

regsvr32 wwapi.dll
[code][Window Title]
RegSvr32

[Content]
The module "wwapi.dll" was loaded but the entry-point DllRegisterServer was not found.

Make sure that "wwapi.dll" is a valid DLL or OCX file and then try again.

[OK][/code]

regsvr32 wuaueng.dll > Registerred with no problems.

regsvr32 wuaueng11.dll
[code][Window Title]
RegSvr32

[Content]
The module "wuaueng11.dll" failed to load.

Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.

The specified module could not be found.


[OK][/code]

regsvr32 wucltui.dll
[code]
[Window Title]
RegSvr32

[Content]
The module "wucltui.dll" failed to load.

Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.

The specified module could not be found.


[OK][/code]

regsvr32 wups.dll > Registerred successfully.

regsvr32 wups2.dll > Registerred successfully.

regsvr32 wuweb32.dll > Registerred successfully.



[b][size=6]Second reply:[/size][/b]
Here's my output.
[code]C:\Windows\system32>C:\Users\Recon\Desktop\ba.bat

C:\Windows\system32>sc config MpsSvc start= auto
[SC] OpenService FAILED 1060:

The specified service does not exist as an installed service.


C:\Windows\system32>sc config KeyIso start= auto
[SC] ChangeServiceConfig SUCCESS

C:\Windows\system32>sc config BFE start= auto
[SC] OpenService FAILED 1060:

The specified service does not exist as an installed service.


C:\Windows\system32>sc config FwcAgent start= auto
[SC] OpenService FAILED 1060:

The specified service does not exist as an installed service.


C:\Windows\system32>net stop MpsSvc
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>net start MpsSvc
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>net stop KeyIso
The CNG Key Isolation service is stopping.
The CNG Key Isolation service was stopped successfully.


C:\Windows\system32>net start KeyIso
The CNG Key Isolation service is starting.
The CNG Key Isolation service was started successfully.


C:\Windows\system32>net stop BFE
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>net start BFE
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>net stop FwcAgent
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>net start FwcAgent
The service name is invalid.

More help is available by typing NET HELPMSG 2185.[/code]


[b][size=6]Third reply:[/size][/b]
[code]Farbar Service Scanner
Ran by Recon (administrator) on 03-01-2012 at 18:16:05
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: Attention! Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is set to Auto. The default start type is 3.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****[/code]

Will try second suggestion in a moment.

Share this post


Link to post
Share on other sites

Posted

Did you go see if you could get the firewall going yet? I noticed also not all dll will re-register at times.
Your firewall is still in the machine it is just disabled.
I just repaired one for that problem yesterday.
I know that the 'regsvr32 wuaueng.dll' will cause the machine to get updates when the machine refuses.

Share this post


Link to post
Share on other sites

Posted

Farstrider confirmed for being genius. It worked!

And of course, thank you wahoospa for contributing as well :)

But one last problem. FSS seems to think System Restore is still offline, and I cannot repeat the steps that you laid out like I did with Security Center, because it says the keys are in use. I even tried doing the sdrsvc.reg in safemode, and it returned that message.

[quote]
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.[/quote]

Not that I've ever used System Restore, or feel like I will at any point. It would be nice to have, however.
1 person likes this

Share this post


Link to post
Share on other sites

Posted

Hello,

Typical behavior for a system infected with the ZeroAccess (a/k/a Win32/Sireref) rootkit. Since the rootkit takes control before the operating system loads it will deflect attempts to bypass/remove it.

Here are some write-ups discussing it: [url="http://www.eset.eu/encyclopaedia/win32-sirefef-a-trojan-dropper-pmax-a-horse-trojandropper"]ESET[/url], [url="http://blogs.mcafee.com/mcafee-labs/zeroaccess-rootkit-launched-by-signed-installers"]McAfee[/url], [url="http://www.symantec.com/security_response/writeup.jsp?docid=2011-071314-0410-99"]Symantec[/url] and [url="http://pxnow.prevx.com/content/blog/zeroaccess_analysis.pdf"]Webroot[/url] (Prevx).

Regards,

Aryeh Goretsky

Share this post


Link to post
Share on other sites

Posted

I would run MBAM to make sure that everything is clean! Also do a check for any root-kits:

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Also download [/size][/font][/color][b]GMER[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] from one of the following locations and save it to your desktop:[/size][/font][/color][list]
[*][url="http://www2.gmer.net/download.php"]Main Mirror[/url]
[i]This version will download a randomly named file (Recommended)[/i]
[*][url="http://www2.gmer.net/gmer.zip"]Zipped Mirror[/url]
[i]This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.[/i]
[/list][list]
[*]Disconnect from the Internet and close all running programs.
[*]Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
[*]Double-click on the [b]randomly named[/b] GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
[*][i][color=green]Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.[/color][/i]

[img]http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif[/img]
[*]GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. [i](do not use the computer while the scan is in progress)[/i]
[*]If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click [b]NO[/b].
[*]Now click the [b]Scan[/b] button. If you see a rootkit warning window, click OK.
[*]When the scan is finished, click the [b]Save...[/b] button to save the scan results to your Desktop. Save the file as [b]gmer.log[/b].
[*]Exit GMER and be sure to [b]re-enable[/b] your anti-virus, Firewall and any other security programs you had disabled.
[/list]
[u]IMPORTANT![/u][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] If for some reason GMER refuses to run, try again.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]If it still fails, try to UN-check "Devices" in right pane.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]If still no joy, try to run it from Safe Mode.[/size][/font][/color]

System restore is normally on by default is it not? I am not a windows user so I have to admit to not knowing this (Can't remember tbh!)

Navigate to the Start -> All Programs -> Accessories -> System Tools program group.

Click on the System Restore program icon.

Click Next > on the Restore system files and settings window.

[font=inherit][size=3][font=inherit]You will be able to see here if it's actually working or not don't run it obviously but you should be able to see if it's on or not! Also as far as I know that message that you got about VSS is normal![/font][/size][/font]


System Restore:
=============
[u]VSS Service is not running. Checking service configuration:[/u]

The start type of VSS service is OK.
The ImagePath of VSS service is OK.

Going to bed now, it's almost 4.30 am here, I will check later to see what your outcome is, cheers!
1 person likes this

Share this post


Link to post
Share on other sites

Posted

@goretsky: Thank you for the information. I checked for the files in your first link, and they were either missing, or not the same size. I do not wish to run the removal tool right now as I'm too lazy to restart my computer for a third time tonight.

@Farstrider
I did not complete the scan because I am running short on time, myself. My filesystem has lots of small files like game settings, Firefox cache files, and Windows Live Mail caches. It scanned what I think is about halfway, in half an hour. It scanned the registry as well. SPTD is a driver for Daemon Tools which I use to mount disk images.

[code]GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-03 19:57:59
Windows 6.1.7601 Service Pack 1
Running: ynummlu1.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9B 0x71 0xD3 0x77 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA1 0xD7 0x85 0xEE ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x35 0x9B 0xFE 0x22 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x7B 0xE1 0xDC 0xD4 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x9B 0x71 0xD3 0x77 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA1 0xD7 0x85 0xEE ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x35 0x9B 0xFE 0x22 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x7B 0xE1 0xDC 0xD4 ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\KISS\

Share this post


Link to post
Share on other sites

Posted

Have you tried first running the System File Checker and/or the [url="http://www.thewindowsclub.com/diagnose-and-fix-windows-7-firewall-problems-automatically"]Windows Firewall Troubleshooter [/url]from Microsoft?

Share this post


Link to post
Share on other sites

Posted

[quote name='Farstrider' timestamp='1325639109' post='594560819']
You can also try this:

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]download [/size][/font][/color][url="http://download.bleepingcomputer.com/farbar/FSS.exe"][b]Farbar Service Scanner[/b][/url][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and run it on the computer with the issue.[/size][/font][/color][list]
[*]Make sure the following options are checked:
[list]
[*][b]Internet Services[/b]
[*][b]Windows Firewall[/b]
[*][b]System Restore[/b]
[*][b]Security Center[/b]
[/list][*]Press "[b]Scan[/b]".
[*]It will create a log (FSS.txt) in the same directory the tool is run.
[*]Then: Check your log file for missing entries.
[/list]
[color=red][font=arial, verdana, tahoma, sans-serif][size=3][b]Following steps involve registry editing. Please create new restore point before proceeding!!![/b][/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Download [/size][/font][/color][b]Seven.zip[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file from here: [/size][/font][/color][url="http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/"]http://www.smartestc...y-network-keys/[/url]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Unzip the file.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]You'll find several files inside.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]As an example do the following:[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]bfe.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]mpssvc.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Restart computer.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click [/size][/font][/color][b]Start[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and in "Start search" type in:[/size][/font][/color]
[b]regedit[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Press Enter.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Registry editor will open.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Navigate to:[/size][/font][/color]
[b]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\[color=red]BFE[/color][/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]BFE[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] key, click "Permissions"[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click on [/size][/font][/color][b]Add[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] button, type [/size][/font][/color][b]Everyone[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and click OK.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Now click once on [/size][/font][/color][b]Everyone[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Below, in "Permissions" pane checkmark "Alow" in "Full control" row.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click OK.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]In a set of files you downloaded in previous step find [/size][/font][/color][b]start_services.bat[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3].[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Double click on it to run the fix.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Check on firewall issue and check new FSS log.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Hope that this helps![/size][/font][/color]
[/quote]

Thank you so much! I wasn't having the same exact issue as the thread starter but with Action Center instead. I tweaked a couple of steps slightly but managed to fix everything with the stuff you provided. Thanks much!

Damn Avast just decides to start destroying system files and registry keys and crashed my system on the next restart. It was a fresh install of Avast and I literally just finished reinstalling windows 7 five minutes before Avast started attacking my system. Anti-virus programs are the true viruses. I did a system restore but it didn't repair all the files it deleted. This was just what I needed!

Share this post


Link to post
Share on other sites

Posted

[quote name='Farstrider' timestamp='1325639109' post='594560819']
You can also try this:

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]download [/size][/font][/color][url="http://download.bleepingcomputer.com/farbar/FSS.exe"][b]Farbar Service Scanner[/b][/url][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and run it on the computer with the issue.[/size][/font][/color][list]
[*]Make sure the following options are checked:
[list]
[*][b]Internet Services[/b]
[*][b]Windows Firewall[/b]
[*][b]System Restore[/b]
[*][b]Security Center[/b]
[/list][*]Press "[b]Scan[/b]".
[*]It will create a log (FSS.txt) in the same directory the tool is run.
[*]Then: Check your log file for missing entries.
[/list]
[color=red][font=arial, verdana, tahoma, sans-serif][size=3][b]Following steps involve registry editing. Please create new restore point before proceeding!!![/b][/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Download [/size][/font][/color][b]Seven.zip[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file from here: [/size][/font][/color][url="http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/"]http://www.smartestc...y-network-keys/[/url]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Unzip the file.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]You'll find several files inside.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]As an example do the following:[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]bfe.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]mpssvc.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Restart computer.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click [/size][/font][/color][b]Start[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and in "Start search" type in:[/size][/font][/color]
[b]regedit[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Press Enter.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Registry editor will open.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Navigate to:[/size][/font][/color]
[b]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\[color=red]BFE[/color][/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]BFE[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] key, click "Permissions"[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click on [/size][/font][/color][b]Add[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] button, type [/size][/font][/color][b]Everyone[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and click OK.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Now click once on [/size][/font][/color][b]Everyone[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Below, in "Permissions" pane checkmark "Alow" in "Full control" row.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click OK.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]In a set of files you downloaded in previous step find [/size][/font][/color][b]start_services.bat[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3].[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Double click on it to run the fix.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Check on firewall issue and check new FSS log.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Hope that this helps![/size][/font][/color]
[/quote]
@Farstrider thanks a million you are a God send. Microsoft as usual were no help and even cut me off a chat window, great customer service. My problem and solution went exactly like Reacon, we must have had the same virus. I knew I picked one up but I didnt realise the damage it had done. Keep up the good work. If it wasnt for people like yourself helping others along, then a lot of us would be completely stuck. 5 stars!

Share this post


Link to post
Share on other sites

Posted

[quote name='Farstrider' timestamp='1325638387' post='594560815']
I am not sure if you've tried this yet!

You can start the following services manually:

Windows Firewall (MpsSvc)
CNG Key Isolation (KeyIso)
Base Filtering Engine (BFE)
Firewall Client Agent (FwcAgent)

To do this, follow the steps below:
Click Start, type Notepad in the Start Search box (Windows Vista) or the Search programs and files box (Windows 7), and then click Notepad in the programs list.

Highlight the following text, right click the highlighted text, and then click Copy. Go to Notepad, right click anywhere in the Notepad window, and then click Paste.





Click File, click Save As, and then type Repair.bat in the File name box.

Click the Save as type dropdown, then click All Files (*.*).

In the left window pane, click Desktop, and then click Save.

On the File menu, click Exit.

From your Desktop, right click the Repair.bat file that you saved in step 5, and then click Run as administrator. This action starts the required services.
Note If you are prompted for confirmation, click Yes.

Try to start the Windows Firewall again. If you can start Windows Firewall, delete the Repair.bat file. To delete the Repair.bat file, right-click Repair.bat, click Delete, and then click Yes.
[/quote]


I had to register over here just to thank you.. so thanks a lot, it fixed my problem !

And also thanks to Reacon because his tips also were very helpfull!

Share this post


Link to post
Share on other sites

Posted

I know your issue is probably fixed. But I ran into a problem where the windows firewall service wouldn't start. It turned out a dependency service BFE couldn't start because the file bfe.dll.mui was missing from the c:\windows\system32\en-us folder. After copying that file from a windows installation inside a VM everything worked great.

Share this post


Link to post
Share on other sites

Posted

[quote name='Farstrider' timestamp='1325638387' post='594560815']
I am not sure if you've tried this yet!

You can start the following services manually:

Windows Firewall (MpsSvc)
CNG Key Isolation (KeyIso)
Base Filtering Engine (BFE)
Firewall Client Agent (FwcAgent)

To do this, follow the steps below:
Click Start, type Notepad in the Start Search box (Windows Vista) or the Search programs and files box (Windows 7), and then click Notepad in the programs list.

Highlight the following text, right click the highlighted text, and then click Copy. Go to Notepad, right click anywhere in the Notepad window, and then click Paste.





Click File, click Save As, and then type Repair.bat in the File name box.

Click the Save as type dropdown, then click All Files (*.*).

In the left window pane, click Desktop, and then click Save.

On the File menu, click Exit.

From your Desktop, right click the Repair.bat file that you saved in step 5, and then click Run as administrator. This action starts the required services.
Note If you are prompted for confirmation, click Yes.

Try to start the Windows Firewall again. If you can start Windows Firewall, delete the Repair.bat file. To delete the Repair.bat file, right-click Repair.bat, click Delete, and then click Yes.
[/quote]


Been going crazy trying to figure out how to turn back on this did the trick! THANKS!

Share this post


Link to post
Share on other sites

Posted

[quote name='Farstrider' timestamp='1325639109' post='594560819']
You can also try this:

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]download [/size][/font][/color][url="http://download.bleepingcomputer.com/farbar/FSS.exe"][b]Farbar Service Scanner[/b][/url][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and run it on the computer with the issue.[/size][/font][/color][list]
[*]Make sure the following options are checked:
[list]
[*][b]Internet Services[/b]
[*][b]Windows Firewall[/b]
[*][b]System Restore[/b]
[*][b]Security Center[/b]
[/list][*]Press "[b]Scan[/b]".
[*]It will create a log (FSS.txt) in the same directory the tool is run.
[*]Then: Check your log file for missing entries.
[/list]
[color=red][font=arial, verdana, tahoma, sans-serif][size=3][b]Following steps involve registry editing. Please create new restore point before proceeding!!![/b][/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Download [/size][/font][/color][b]Seven.zip[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file from here: [/size][/font][/color][url="http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/"]http://www.smartestc...y-network-keys/[/url]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Unzip the file.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]You'll find several files inside.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]As an example do the following:[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]bfe.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]mpssvc.reg[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] file, click "Merge".[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Allow registry merge.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Restart computer.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click [/size][/font][/color][b]Start[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and in "Start search" type in:[/size][/font][/color]
[b]regedit[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Press Enter.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Registry editor will open.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Navigate to:[/size][/font][/color]
[b]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\[color=red]BFE[/color][/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Right click on [/size][/font][/color][b]BFE[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] key, click "Permissions"[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click on [/size][/font][/color][b]Add[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] button, type [/size][/font][/color][b]Everyone[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3] and click OK.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Now click once on [/size][/font][/color][b]Everyone[/b]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Below, in "Permissions" pane checkmark "Alow" in "Full control" row.[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Click OK.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]In a set of files you downloaded in previous step find [/size][/font][/color][b]start_services.bat[/b][color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3].[/size][/font][/color]
[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Double click on it to run the fix.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Check on firewall issue and check new FSS log.[/size][/font][/color]

[color=#1C2837][font=arial, verdana, tahoma, sans-serif][size=3]Hope that this helps![/size][/font][/color]
[/quote]



hi
i applied the fix with the seven.zip but i still get the following log from fss:


[CODE]
Farbar Service Scanner Version: 09-06-2012
Ran by fuerchter (administrator) on 19-06-2012 at 00:04:08
Running from "C:\Users\fuerchter\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Firewall Disabled Policy:
==================

System Restore:
============
System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============
Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-18 23:38] - [2012-04-24 07:37] - 0184320 ____A (Microsoft Corporation) 4F5414602E2544A4554D95517948B705
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****
[/CODE]

upon pressing "use recommended settings" in the firewall settings absolutely nothing happens.
the service shows up now though (after it was completely invisible). when i try to start the service i get an error message referring my to the system event log and the advanced security window still shows error 0x6d9 :(

any help?

Share this post


Link to post
Share on other sites

Posted

i just ran the system file checker and apparently some files are corrupt

here's the log:

[CODE]
2012-06-19 12:27:54, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:54, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:54, Info CSI 0000000c [SR] Verify complete
2012-06-19 12:27:54, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:54, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:54, Info CSI 00000010 [SR] Verify complete
2012-06-19 12:27:55, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:55, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:55, Info CSI 00000014 [SR] Verify complete
2012-06-19 12:27:55, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:55, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:56, Info CSI 00000018 [SR] Verify complete
2012-06-19 12:27:56, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:56, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:56, Info CSI 0000001c [SR] Verify complete
2012-06-19 12:27:56, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:56, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:56, Info CSI 00000020 [SR] Verify complete
2012-06-19 12:27:56, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:56, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:57, Info CSI 00000024 [SR] Verify complete
2012-06-19 12:27:57, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:57, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:58, Info CSI 00000028 [SR] Verify complete
2012-06-19 12:27:58, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:58, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:58, Info CSI 0000002c [SR] Verify complete
2012-06-19 12:27:58, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:58, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2012-06-19 12:27:59, Info CSI 00000031 [SR] Verify complete
2012-06-19 12:27:59, Info CSI 00000032 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:27:59, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:00, Info CSI 00000037 [SR] Verify complete
2012-06-19 12:28:01, Info CSI 00000038 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:01, Info CSI 00000039 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:01, Info CSI 0000003b [SR] Verify complete
2012-06-19 12:28:01, Info CSI 0000003c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:01, Info CSI 0000003d [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:02, Info CSI 00000041 [SR] Verify complete
2012-06-19 12:28:02, Info CSI 00000042 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:02, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:04, Info CSI 00000045 [SR] Verify complete
2012-06-19 12:28:04, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:04, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:06, Info CSI 00000069 [SR] Verify complete
2012-06-19 12:28:06, Info CSI 0000006a [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:06, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:07, Info CSI 00000070 [SR] Verify complete
2012-06-19 12:28:07, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:07, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:09, Info CSI 00000074 [SR] Verify complete
2012-06-19 12:28:09, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:09, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:10, Info CSI 00000078 [SR] Verify complete
2012-06-19 12:28:10, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:10, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:11, Info CSI 0000007c [SR] Verify complete
2012-06-19 12:28:11, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:11, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:12, Info CSI 00000080 [SR] Verify complete
2012-06-19 12:28:12, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:12, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:15, Info CSI 00000086 [SR] Verify complete
2012-06-19 12:28:15, Info CSI 00000087 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:15, Info CSI 00000088 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:16, Info CSI 000000a9 [SR] Verify complete
2012-06-19 12:28:17, Info CSI 000000aa [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:17, Info CSI 000000ab [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:20, Info CSI 000000ad [SR] Verify complete
2012-06-19 12:28:20, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:20, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:23, Info CSI 000000b3 [SR] Verify complete
2012-06-19 12:28:23, Info CSI 000000b4 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:23, Info CSI 000000b5 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:23, Info CSI 000000b7 [SR] Verify complete
2012-06-19 12:28:24, Info CSI 000000b8 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:24, Info CSI 000000b9 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:24, Info CSI 000000bb [SR] Verify complete
2012-06-19 12:28:24, Info CSI 000000bc [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:24, Info CSI 000000bd [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:24, Info CSI 000000bf [SR] Verify complete
2012-06-19 12:28:24, Info CSI 000000c0 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:24, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:27, Info CSI 000000ca [SR] Verify complete
2012-06-19 12:28:27, Info CSI 000000cb [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:27, Info CSI 000000cc [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:28, Info CSI 000000d8 [SR] Verify complete
2012-06-19 12:28:29, Info CSI 000000d9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:29, Info CSI 000000da [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:29, Info CSI 000000dc [SR] Verify complete
2012-06-19 12:28:29, Info CSI 000000dd [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:29, Info CSI 000000de [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:30, Info CSI 000000e0 [SR] Verify complete
2012-06-19 12:28:30, Info CSI 000000e1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:30, Info CSI 000000e2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:30, Info CSI 000000e4 [SR] Verify complete
2012-06-19 12:28:30, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:30, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:31, Info CSI 000000e8 [SR] Verify complete
2012-06-19 12:28:31, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:31, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:33, Info CSI 000000ed [SR] Verify complete
2012-06-19 12:28:33, Info CSI 000000ee [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:33, Info CSI 000000ef [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:35, Info CSI 000000f2 [SR] Verify complete
2012-06-19 12:28:35, Info CSI 000000f3 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:35, Info CSI 000000f4 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:35, Info CSI 000000f6 [SR] Verify complete
2012-06-19 12:28:35, Info CSI 000000f7 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:35, Info CSI 000000f8 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:36, Info CSI 000000fa [SR] Verify complete
2012-06-19 12:28:36, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:36, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:37, Info CSI 000000fe [SR] Verify complete
2012-06-19 12:28:37, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:37, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:38, Info CSI 00000102 [SR] Verify complete
2012-06-19 12:28:38, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:38, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:40, Info CSI 00000106 [SR] Verify complete
2012-06-19 12:28:40, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:40, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:43, Info CSI 00000120 [SR] Verify complete
2012-06-19 12:28:43, Info CSI 00000121 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:43, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:45, Info CSI 00000124 [SR] Verify complete
2012-06-19 12:28:45, Info CSI 00000125 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:45, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:51, Info CSI 00000128 [SR] Verify complete
2012-06-19 12:28:51, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:51, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:53, Info CSI 0000012c [SR] Verify complete
2012-06-19 12:28:53, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:53, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:55, Info CSI 00000130 [SR] Verify complete
2012-06-19 12:28:55, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:55, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:56, Info CSI 00000134 [SR] Verify complete
2012-06-19 12:28:56, Info CSI 00000135 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:56, Info CSI 00000136 [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:57, Info CSI 00000138 [SR] Verify complete
2012-06-19 12:28:57, Info CSI 00000139 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:57, Info CSI 0000013a [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:58, Info CSI 0000013c [SR] Verify complete
2012-06-19 12:28:58, Info CSI 0000013d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:58, Info CSI 0000013e [SR] Beginning Verify and Repair transaction
2012-06-19 12:28:59, Info CSI 00000142 [SR] Verify complete
2012-06-19 12:28:59, Info CSI 00000143 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:28:59, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:03, Info CSI 00000146 [SR] Verify complete
2012-06-19 12:29:03, Info CSI 00000147 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:03, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:04, Info CSI 0000014b [SR] Verify complete
2012-06-19 12:29:04, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:04, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:05, Info CSI 0000014f [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-19 12:29:05, Info CSI 00000151 [SR] Verify complete
2012-06-19 12:29:05, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:05, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:06, Info CSI 00000156 [SR] Verify complete
2012-06-19 12:29:07, Info CSI 00000157 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:07, Info CSI 00000158 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:09, Info CSI 0000015b [SR] Verify complete
2012-06-19 12:29:09, Info CSI 0000015c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:09, Info CSI 0000015d [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:10, Info CSI 0000015f [SR] Verify complete
2012-06-19 12:29:10, Info CSI 00000160 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:10, Info CSI 00000161 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:11, Info CSI 00000163 [SR] Verify complete
2012-06-19 12:29:11, Info CSI 00000164 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:11, Info CSI 00000165 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:12, Info CSI 00000167 [SR] Verify complete
2012-06-19 12:29:12, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:12, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:13, Info CSI 0000016c [SR] Verify complete
2012-06-19 12:29:13, Info CSI 0000016d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:13, Info CSI 0000016e [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:15, Info CSI 00000170 [SR] Verify complete
2012-06-19 12:29:15, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:15, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:16, Info CSI 00000174 [SR] Verify complete
2012-06-19 12:29:16, Info CSI 00000175 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:16, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:18, Info CSI 00000179 [SR] Verify complete
2012-06-19 12:29:18, Info CSI 0000017a [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:18, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:19, Info CSI 0000017f [SR] Verify complete
2012-06-19 12:29:19, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:19, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:20, Info CSI 00000183 [SR] Verify complete
2012-06-19 12:29:20, Info CSI 00000184 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:20, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:22, Info CSI 00000187 [SR] Verify complete
2012-06-19 12:29:22, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:22, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:24, Info CSI 0000018c [SR] Verify complete
2012-06-19 12:29:24, Info CSI 0000018d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:24, Info CSI 0000018e [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:24, Info CSI 00000190 [SR] Verify complete
2012-06-19 12:29:25, Info CSI 00000191 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:25, Info CSI 00000192 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:25, Info CSI 00000194 [SR] Verify complete
2012-06-19 12:29:25, Info CSI 00000195 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:25, Info CSI 00000196 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:26, Info CSI 00000198 [SR] Verify complete
2012-06-19 12:29:26, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:26, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:27, Info CSI 0000019c [SR] Verify complete
2012-06-19 12:29:27, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:27, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:29, Info CSI 000001a0 [SR] Verify complete
2012-06-19 12:29:29, Info CSI 000001a1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:29, Info CSI 000001a2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:29, Info CSI 000001a4 [SR] Verify complete
2012-06-19 12:29:29, Info CSI 000001a5 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:29, Info CSI 000001a6 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:30, Info CSI 000001a8 [SR] Verify complete
2012-06-19 12:29:31, Info CSI 000001a9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:31, Info CSI 000001aa [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:33, Info CSI 000001ac [SR] Verify complete
2012-06-19 12:29:33, Info CSI 000001ad [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:33, Info CSI 000001ae [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:36, Info CSI 000001b0 [SR] Verify complete
2012-06-19 12:29:36, Info CSI 000001b1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:36, Info CSI 000001b2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:37, Info CSI 000001b4 [SR] Verify complete
2012-06-19 12:29:37, Info CSI 000001b5 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:37, Info CSI 000001b6 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:38, Info CSI 000001b8 [SR] Verify complete
2012-06-19 12:29:38, Info CSI 000001b9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:38, Info CSI 000001ba [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:38, Info CSI 000001bc [SR] Verify complete
2012-06-19 12:29:39, Info CSI 000001bd [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:39, Info CSI 000001be [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:39, Info CSI 000001c0 [SR] Verify complete
2012-06-19 12:29:39, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:39, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:40, Info CSI 000001c4 [SR] Verify complete
2012-06-19 12:29:40, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:40, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:42, Info CSI 000001ce [SR] Verify complete
2012-06-19 12:29:42, Info CSI 000001cf [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:42, Info CSI 000001d0 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:43, Info CSI 000001d2 [SR] Verify complete
2012-06-19 12:29:43, Info CSI 000001d3 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:43, Info CSI 000001d4 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:43, Info CSI 000001d6 [SR] Verify complete
2012-06-19 12:29:43, Info CSI 000001d7 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:43, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:44, Info CSI 000001da [SR] Verify complete
2012-06-19 12:29:44, Info CSI 000001db [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:44, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:45, Info CSI 000001de [SR] Verify complete
2012-06-19 12:29:46, Info CSI 000001df [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:46, Info CSI 000001e0 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:48, Info CSI 000001e3 [SR] Verify complete
2012-06-19 12:29:48, Info CSI 000001e4 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:48, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:48, Info CSI 000001e7 [SR] Verify complete
2012-06-19 12:29:48, Info CSI 000001e8 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:48, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:49, Info CSI 000001eb [SR] Verify complete
2012-06-19 12:29:49, Info CSI 000001ec [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:49, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:51, Info CSI 000001f0 [SR] Verify complete
2012-06-19 12:29:51, Info CSI 000001f1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:51, Info CSI 000001f2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:52, Info CSI 000001f3 [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:29:53, Info CSI 000001f6 [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:29:53, Info CSI 000001f7 [SR] This component was referenced by [l:266{133}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Microsoft-Windows-Client-Features-Language-Pack"
2012-06-19 12:29:54, Info CSI 000001f9 [SR] Verify complete
2012-06-19 12:29:54, Info CSI 000001fa [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:54, Info CSI 000001fb [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:55, Info CSI 00000200 [SR] Verify complete
2012-06-19 12:29:55, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:55, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:57, Info CSI 0000020a [SR] Verify complete
2012-06-19 12:29:57, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:57, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2012-06-19 12:29:59, Info CSI 00000213 [SR] Verify complete
2012-06-19 12:29:59, Info CSI 00000214 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:29:59, Info CSI 00000215 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:00, Info CSI 0000021a [SR] Verify complete
2012-06-19 12:30:00, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:00, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:01, Info CSI 00000220 [SR] Verify complete
2012-06-19 12:30:01, Info CSI 00000221 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:01, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:02, Info CSI 00000224 [SR] Verify complete
2012-06-19 12:30:02, Info CSI 00000225 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:02, Info CSI 00000226 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:04, Info CSI 0000024b [SR] Verify complete
2012-06-19 12:30:04, Info CSI 0000024c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:04, Info CSI 0000024d [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:05, Info CSI 0000024f [SR] Verify complete
2012-06-19 12:30:05, Info CSI 00000250 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:05, Info CSI 00000251 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:05, Info CSI 00000253 [SR] Verify complete
2012-06-19 12:30:05, Info CSI 00000254 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:05, Info CSI 00000255 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:06, Info CSI 00000257 [SR] Verify complete
2012-06-19 12:30:06, Info CSI 00000258 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:06, Info CSI 00000259 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:07, Info CSI 00000267 [SR] Verify complete
2012-06-19 12:30:07, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:07, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:08, Info CSI 0000026b [SR] Verify complete
2012-06-19 12:30:08, Info CSI 0000026c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:08, Info CSI 0000026d [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:10, Info CSI 0000027b [SR] Verify complete
2012-06-19 12:30:10, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:10, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:11, Info CSI 0000027f [SR] Verify complete
2012-06-19 12:30:11, Info CSI 00000280 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:11, Info CSI 00000281 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:11, Info CSI 00000283 [SR] Verify complete
2012-06-19 12:30:11, Info CSI 00000284 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:11, Info CSI 00000285 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:12, Info CSI 00000287 [SR] Verify complete
2012-06-19 12:30:12, Info CSI 00000288 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:12, Info CSI 00000289 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:13, Info CSI 0000028c [SR] Verify complete
2012-06-19 12:30:13, Info CSI 0000028d [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:13, Info CSI 0000028e [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:13, Info CSI 00000290 [SR] Verify complete
2012-06-19 12:30:14, Info CSI 00000291 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:14, Info CSI 00000292 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:14, Info CSI 00000294 [SR] Verify complete
2012-06-19 12:30:14, Info CSI 00000295 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:14, Info CSI 00000296 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:15, Info CSI 00000298 [SR] Verify complete
2012-06-19 12:30:15, Info CSI 00000299 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:15, Info CSI 0000029a [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:17, Info CSI 000002a1 [SR] Verify complete
2012-06-19 12:30:17, Info CSI 000002a2 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:17, Info CSI 000002a3 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:19, Info CSI 000002b8 [SR] Verify complete
2012-06-19 12:30:19, Info CSI 000002b9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:19, Info CSI 000002ba [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:24, Info CSI 000002bc [SR] Verify complete
2012-06-19 12:30:24, Info CSI 000002bd [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:24, Info CSI 000002be [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:25, Info CSI 000002c0 [SR] Verify complete
2012-06-19 12:30:25, Info CSI 000002c1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:25, Info CSI 000002c2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:26, Info CSI 000002c5 [SR] Verify complete
2012-06-19 12:30:26, Info CSI 000002c6 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:26, Info CSI 000002c7 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:26, Info CSI 000002ca [SR] Verify complete
2012-06-19 12:30:26, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:26, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:27, Info CSI 000002ce [SR] Verify complete
2012-06-19 12:30:27, Info CSI 000002cf [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:27, Info CSI 000002d0 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:28, Info CSI 000002d2 [SR] Verify complete
2012-06-19 12:30:28, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:28, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:29, Info CSI 000002d7 [SR] Verify complete
2012-06-19 12:30:29, Info CSI 000002d8 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:29, Info CSI 000002d9 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:30, Info CSI 000002db [SR] Verify complete
2012-06-19 12:30:30, Info CSI 000002dc [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:30, Info CSI 000002dd [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:31, Info CSI 000002df [SR] Verify complete
2012-06-19 12:30:31, Info CSI 000002e0 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:31, Info CSI 000002e1 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:32, Info CSI 000002e3 [SR] Verify complete
2012-06-19 12:30:32, Info CSI 000002e4 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:32, Info CSI 000002e5 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:33, Info CSI 000002e8 [SR] Verify complete
2012-06-19 12:30:33, Info CSI 000002e9 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:33, Info CSI 000002ea [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:33, Info CSI 000002ec [SR] Verify complete
2012-06-19 12:30:34, Info CSI 000002ed [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:34, Info CSI 000002ee [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:35, Info CSI 000002f0 [SR] Verify complete
2012-06-19 12:30:35, Info CSI 000002f1 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:35, Info CSI 000002f2 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:36, Info CSI 000002f4 [SR] Verify complete
2012-06-19 12:30:36, Info CSI 000002f5 [SR] Verifying 100 (0x0000000000000064) components
2012-06-19 12:30:36, Info CSI 000002f6 [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:37, Info CSI 000002f8 [SR] Verify complete
2012-06-19 12:30:37, Info CSI 000002f9 [SR] Verifying 62 (0x000000000000003e) components
2012-06-19 12:30:37, Info CSI 000002fa [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:37, Info CSI 000002fc [SR] Verify complete
2012-06-19 12:30:37, Info CSI 000002fd [SR] Repairing 2 components
2012-06-19 12:30:37, Info CSI 000002fe [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:37, Info CSI 000002ff [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:30:38, Info CSI 00000301 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-19 12:30:38, Info CSI 00000302 [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:30:38, Info CSI 00000303 [SR] This component was referenced by [l:266{133}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Microsoft-Windows-Client-Features-Language-Pack"
2012-06-19 12:30:38, Info CSI 00000305 [SR] Repair complete
2012-06-19 12:30:38, Info CSI 00000306 [SR] Committing transaction
2012-06-19 12:30:38, Info CSI 0000030a [SR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation.
2012-06-19 12:30:38, Info CSI 0000030b [SR] Repairing 2 components
2012-06-19 12:30:38, Info CSI 0000030c [SR] Beginning Verify and Repair transaction
2012-06-19 12:30:38, Info CSI 0000030d [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:30:38, Info CSI 0000030f [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-19 12:30:38, Info CSI 00000310 [SR] Cannot repair member file [l:36{18}]"about_For.help.txt" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2012-06-19 12:30:38, Info CSI 00000311 [SR] This component was referenced by [l:266{133}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Microsoft-Windows-Client-Features-Language-Pack"
2012-06-19 12:30:38, Info CSI 00000313 [SR] Repair complete
[/CODE]

Share this post


Link to post
Share on other sites

Posted

[quote name='HappyAndyK' timestamp='1325943287' post='594567787']
Have you tried first running the System File Checker and/or the [url="http://www.thewindowsclub.com/diagnose-and-fix-windows-7-firewall-problems-automatically"]Windows Firewall Troubleshooter [/url]from Microsoft?
[/quote]

That is what I did (Windows Firewall Troubleshooter) when I received the same error as the OP. Was actually a little shocked when it worked.
[url="http://support.microsoft.com/mats/windows_firewall_diagnostic/"]http://support.micro...all_diagnostic/[/url]

Share this post


Link to post
Share on other sites

Posted

I unfortunately tried every possible solution given on this thread and to no avail,
my firewall still won't come on, neither will windows defender. I was only able to restart base filtering, any more suggestion... Anyone ?
I'm starting to consider reinstalling window's, if I backup my files is there any danger the virus will copy itself on my backup drive?

I don't think it's still present I ran AVG, security essential and defender offline they all said that my PC was clean any thoughts.

Share this post


Link to post
Share on other sites

Posted

https://sites.google.com/a/obxcompguy.com/foolish-it/d7

Download D7 and go to Windows Repair > Repair Windows Firewall, done. After that open up Firewall.cpl and you should be able to click on Recommended settings and be set.

This tool is specifically designed to fix the damage done by 0.access.

Share this post


Link to post
Share on other sites

Posted

Wow it worked! Thank you very much Cougar Dan

At first it didin't but I restarted D7 with administrative rights and then went in service to start the firewall

tested my firewall at [url="http://www.grc.com"]www.grc.com[/url] with shield's up it's a computer security site I found 6 or 7 years ago
now every thing is in the green

And again thank you all for helping me out

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.