Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7 Security service disabled


  • Please log in to reply
4 replies to this topic

#1 folk11

folk11

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 28 April 2012 - 01:17 PM

At the moment I am unable to turn on windows security center service. I am unsure if this is due to a virus. I noticed this when Cisco NAC agent was unable to detect Microsoft security essentials on my PC. I noticed that the firewall was off a was unable to turn on. I got a quick reg fix for this from:

http://download.bleepingcomputer.com/win-services/7/MpsSvc.reg

http://download.bleepingcomputer.com/win-services/7/BFE.reg

This says it enabled the firewall, but I am unsure that it solved the problem. Then I found that windows security center service was disabled and could not be reenabled with the error message:

"The Windows security center service can't be started"

I checked services.msc and "security center" is missing from the list. I can't enable it. From this I somehow found myself running wmidiag.exe and got some errors (no idea how I got to this). Log says that I have a WMI provider CIM registration failure.

Log from wmidiag.exe
------------------------

23990 12:36:51 (0) ** WMIDiag v2.1 started on Saturday, April 28, 2012 at 12:31.
23991 12:36:51 (0) **
23992 12:36:51 (0) ** Copyright © Microsoft Corporation. All rights reserved - July 2007.
23993 12:36:51 (0) **
23994 12:36:51 (0) ** This script is not supported under any Microsoft standard support program or service.
23995 12:36:51 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
23996 12:36:51 (0) ** implied warranties including, without limitation, any implied warranties of merchantability
23997 12:36:51 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance
23998 12:36:51 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors,
23999 12:36:51 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for
24000 12:36:51 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits,
24001 12:36:51 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of
24002 12:36:51 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised
24003 12:36:51 (0) ** of the possibility of such damages.
24004 12:36:51 (0) **
24005 12:36:51 (0) **
24006 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24007 12:36:51 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ----------------------------------------------------------
24008 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24009 12:36:51 (0) **
24010 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24011 12:36:51 (0) ** Windows 7 - Service Pack 1 - 64-bit (7601) - User 'AFOLK\ALEX FOLK' on computer 'AFOLK'.
24012 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24013 12:36:51 (0) ** INFO: Environment: .................................................................................................. 1 ITEM(S)!
24014 12:36:51 (0) ** INFO: => 9 possible incorrect shutdown(s) detected on:
24015 12:36:51 (0) ** - Shutdown on 09 March 2012 17:47:34 (GMT-0).
24016 12:36:51 (0) ** - Shutdown on 10 March 2012 20:49:51 (GMT-0).
24017 12:36:51 (0) ** - Shutdown on 14 March 2012 23:19:13 (GMT-0).
24018 12:36:51 (0) ** - Shutdown on 25 March 2012 15:03:51 (GMT-0).
24019 12:36:51 (0) ** - Shutdown on 15 April 2012 19:44:11 (GMT-0).
24020 12:36:51 (0) ** - Shutdown on 17 April 2012 19:21:43 (GMT-0).
24021 12:36:51 (0) ** - Shutdown on 19 April 2012 16:22:56 (GMT-0).
24022 12:36:51 (0) ** - Shutdown on 28 April 2012 00:20:57 (GMT-0).
24023 12:36:51 (0) ** - Shutdown on 28 April 2012 17:02:21 (GMT-0).
24024 12:36:51 (0) **
24025 12:36:51 (0) ** System drive: ....................................................................................................... C: (Disk #0 Partition #0).
24026 12:36:51 (0) ** Drive type: ......................................................................................................... IDE (ST9750420AS).
24027 12:36:51 (0) ** There are no missing WMI system files: .............................................................................. OK.
24028 12:36:51 (0) ** There are no missing WMI repository files: .......................................................................... OK.
24029 12:36:51 (0) ** WMI repository state: ............................................................................................... CONSISTENT.
24030 12:36:51 (0) ** AFTER running WMIDiag:
24031 12:36:51 (0) ** The WMI repository has a size of: ................................................................................... 53 MB.
24032 12:36:51 (0) ** - Disk free space on 'C:': .......................................................................................... 245953 MB.
24033 12:36:51 (0) ** - INDEX.BTR, 8536064 bytes, 4/28/2012 12:01:13 PM
24034 12:36:51 (0) ** - MAPPING1.MAP, 152284 bytes, 4/28/2012 11:50:36 AM
24035 12:36:51 (0) ** - MAPPING2.MAP, 152284 bytes, 4/28/2012 12:27:19 PM
24036 12:36:51 (0) ** - OBJECTS.DATA, 46505984 bytes, 4/28/2012 12:01:13 PM
24037 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24038 12:36:51 (2) !! WARNING: Windows Firewall: .......................................................................................... DISABLED.
24039 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24040 12:36:51 (0) ** DCOM Status: ........................................................................................................ OK.
24041 12:36:51 (0) ** WMI registry setup: ................................................................................................. OK.
24042 12:36:51 (0) ** INFO: WMI service has dependents: ................................................................................... 1 SERVICE(S)!
24043 12:36:51 (0) ** - Internet Connection Sharing (ICS) (SHAREDACCESS, StartMode='Automatic')
24044 12:36:51 (0) ** => If the WMI service is stopped, the listed service(s) will have to be stopped as well.
24045 12:36:51 (0) ** Note: If the service is marked with (*), it means that the service/application uses WMI but
24046 12:36:51 (0) ** there is no hard dependency on WMI. However, if the WMI service is stopped,
24047 12:36:51 (0) ** this can prevent the service/application to work as expected.
24048 12:36:51 (0) **
24049 12:36:51 (0) ** RPCSS service: ...................................................................................................... OK (Already started).
24050 12:36:51 (0) ** WINMGMT service: .................................................................................................... OK (Already started).
24051 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24052 12:36:51 (0) ** WMI service DCOM setup: ............................................................................................. OK.
24053 12:36:51 (0) ** WMI components DCOM registrations: .................................................................................. OK.
24054 12:36:51 (0) ** WMI ProgID registrations: ........................................................................................... OK.
24055 12:36:51 (0) ** WMI provider DCOM registrations: .................................................................................... OK.
24056 12:36:51 (0) ** WMI provider CIM registrations: ..................................................................................... OK.
24057 12:36:51 (0) ** WMI provider CLSIDs: ................................................................................................ OK.
24058 12:36:51 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK.
24059 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24060 12:36:51 (0) ** INFO: User Account Control (UAC): ................................................................................... ENABLED.
24061 12:36:51 (0) ** => WMI tasks requiring Administrative privileges on this computer MUST run in an elevated context.
24062 12:36:51 (0) ** i.e. You can start your scripts or WMIC commands from an elevated command
24063 12:36:51 (0) ** prompt by right clicking on the 'Command Prompt' icon in the Start Menu and
24064 12:36:51 (0) ** selecting 'Run as Administrator'.
24065 12:36:51 (0) ** i.e. You can also execute the WMI scripts or WMIC commands as a task
24066 12:36:51 (0) ** in the Task Scheduler within the right security context.
24067 12:36:51 (0) **
24068 12:36:51 (0) ** INFO: Local Account Filtering: ...................................................................................... ENABLED.
24069 12:36:51 (0) ** => WMI tasks remotely accessing WMI information on this computer and requiring Administrative
24070 12:36:51 (0) ** privileges MUST use a DOMAIN account part of the Local Administrators group of this computer
24071 12:36:51 (0) ** to ensure that administrative privileges are granted. If a Local User account is used for remote
24072 12:36:51 (0) ** accesses, it will be reduced to a plain user (filtered token), even if it is part of the Local Administrators group.
24073 12:36:51 (0) **
24074 12:36:51 (0) ** Overall DCOM security status: ....................................................................................... OK.
24075 12:36:51 (0) ** Overall WMI security status: ........................................................................................ OK.
24076 12:36:51 (0) ** - Started at 'Root' --------------------------------------------------------------------------------------------------------------
24077 12:36:51 (0) ** INFO: WMI permanent SUBSCRIPTION(S): ................................................................................ 1.
24078 12:36:51 (0) ** - ROOT/SUBSCRIPTION, NTEventLogEventConsumer.Name="SCM Event Log Consumer".
24079 12:36:51 (0) ** 'select * from MSFT_SCMEventLogEvent'
24080 12:36:51 (0) **
24081 12:36:51 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE.
24082 12:36:51 (1) !! ERROR: WMI MONIKER CONNECTION errors occured for the following namespaces: .......................................... 6 ERROR(S)!
24083 12:36:51 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24084 12:36:51 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTVOLUMEENCRYPTION, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24085 12:36:51 (0) ** - ROOT/SECURITY, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24086 12:36:51 (0) ** - ROOT/RSOP/USER, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24087 12:36:51 (0) ** - ROOT/RSOP/COMPUTER, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24088 12:36:51 (0) ** - ROOT/SERVICEMODEL, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24089 12:36:51 (0) **
24090 12:36:51 (1) !! ERROR: WMI CONNECTION errors occured for the following namespaces: .................................................. 7 ERROR(S)!
24091 12:36:51 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTTPM, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24092 12:36:51 (0) ** - ROOT/CIMV2/SECURITY/MICROSOFTVOLUMEENCRYPTION, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24093 12:36:51 (0) ** - ROOT/SECURITY, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24094 12:36:51 (0) ** - ROOT/RSOP/USER, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24095 12:36:51 (0) ** - ROOT/RSOP/COMPUTER, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24096 12:36:51 (0) ** - ROOT/SERVICEMODEL, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24097 12:36:51 (0) ** - Root/SECURITY, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24098 12:36:51 (0) **
24099 12:36:51 (1) !! ERROR: WMI GET operation errors reported: ........................................................................... 57 ERROR(S)!
24100 12:36:51 (0) ** - Root, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24101 12:36:51 (0) ** MOF Registration: ''
24102 12:36:51 (0) ** - ROOT/SUBSCRIPTION, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24103 12:36:51 (0) ** MOF Registration: ''
24104 12:36:51 (0) ** - ROOT/DEFAULT, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24105 12:36:51 (0) ** MOF Registration: ''
24106 12:36:51 (0) ** - ROOT/CIMV2, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24107 12:36:51 (0) ** MOF Registration: ''
24108 12:36:51 (0) ** - ROOT/CIMV2/SECURITY, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24109 12:36:51 (0) ** MOF Registration: ''
24110 12:36:51 (0) ** - ROOT/CIMV2/POWER, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24111 12:36:51 (0) ** MOF Registration: ''
24112 12:36:51 (0) ** - ROOT/CIMV2/APPLICATIONS, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24113 12:36:51 (0) ** MOF Registration: ''
24114 12:36:51 (0) ** - ROOT/CIMV2/APPLICATIONS/WINDOWSPARENTALCONTROLS, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24115 12:36:51 (0) ** MOF Registration: ''
24116 12:36:51 (0) ** - ROOT/CIMV2/APPLICATIONS/GAMES, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24117 12:36:51 (0) ** MOF Registration: ''
24118 12:36:51 (0) ** - ROOT/CLI, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24119 12:36:51 (0) ** MOF Registration: ''
24120 12:36:51 (0) ** - ROOT/NAP, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24121 12:36:51 (0) ** MOF Registration: ''
24122 12:36:51 (0) ** - ROOT/SECURITYCENTER2, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24123 12:36:51 (0) ** MOF Registration: ''
24124 12:36:51 (0) ** - ROOT/RSOP, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24125 12:36:51 (0) ** MOF Registration: ''
24126 12:36:51 (0) ** - ROOT/WMI, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24127 12:36:51 (0) ** MOF Registration: ''
24128 12:36:51 (0) ** - ROOT/DIRECTORY, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24129 12:36:51 (0) ** MOF Registration: ''
24130 12:36:51 (0) ** - ROOT/DIRECTORY/LDAP, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24131 12:36:51 (0) ** MOF Registration: ''
24132 12:36:51 (0) ** - ROOT/INTEROP, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24133 12:36:51 (0) ** MOF Registration: ''
24134 12:36:51 (0) ** - ROOT/SECURITYCENTER, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24135 12:36:51 (0) ** MOF Registration: ''
24136 12:36:51 (0) ** - ROOT/MSAPPS12, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24137 12:36:51 (0) ** MOF Registration: ''
24138 12:36:51 (0) ** - ROOT/MICROSOFT, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24139 12:36:51 (0) ** MOF Registration: ''
24140 12:36:51 (0) ** - ROOT/MICROSOFT/HOMENET, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24141 12:36:51 (0) ** MOF Registration: ''
24142 12:36:51 (0) ** - ROOT/ASPNET, __SystemSecurity, 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24143 12:36:51 (0) ** MOF Registration: ''
24144 12:36:51 (0) ** - Root/CIMV2, MSFT_NetInvalidDriverDependency, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24145 12:36:51 (0) ** MOF Registration: ''
24146 12:36:51 (0) ** - Root/CIMV2, Win32_OsBaselineProvider, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24147 12:36:51 (0) ** MOF Registration: ''
24148 12:36:51 (0) ** - Root/CIMV2, Win32_OsBaseline, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24149 12:36:51 (0) ** MOF Registration: ''
24150 12:36:51 (0) ** - Root/CIMV2, Win32_DriverVXD, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24151 12:36:51 (0) ** MOF Registration: ''
24152 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_GenericIKEandAuthIP, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24153 12:36:51 (0) ** MOF Registration: ''
24154 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_GenericIKEandAuthIP, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24155 12:36:51 (0) ** MOF Registration: ''
24156 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecAuthIPv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24157 12:36:51 (0) ** MOF Registration: ''
24158 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecAuthIPv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24159 12:36:51 (0) ** MOF Registration: ''
24160 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecAuthIPv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24161 12:36:51 (0) ** MOF Registration: ''
24162 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecAuthIPv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24163 12:36:51 (0) ** MOF Registration: ''
24164 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecIKEv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24165 12:36:51 (0) ** MOF Registration: ''
24166 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecIKEv4, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24167 12:36:51 (0) ** MOF Registration: ''
24168 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_Counters_IPsecIKEv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24169 12:36:51 (0) ** MOF Registration: ''
24170 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_Counters_IPsecIKEv6, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24171 12:36:51 (0) ** MOF Registration: ''
24172 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24173 12:36:51 (0) ** MOF Registration: ''
24174 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASPort, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24175 12:36:51 (0) ** MOF Registration: ''
24176 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24177 12:36:51 (0) ** MOF Registration: ''
24178 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_RemoteAccess_RASTotal, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24179 12:36:51 (0) ** MOF Registration: ''
24180 12:36:51 (0) ** - Root/CIMV2, Win32_PerfFormattedData_TermService_TerminalServices, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24181 12:36:51 (0) ** MOF Registration: ''
24182 12:36:51 (0) ** - Root/CIMV2, Win32_PerfRawData_TermService_TerminalServices, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24183 12:36:51 (0) ** MOF Registration: ''
24184 12:36:51 (0) ** - Root/CIMV2, Win32_Service='WSCSVC', 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24185 12:36:51 (0) ** MOF Registration: ''
24186 12:36:51 (0) ** - Root/WMI, ReserveDisjoinThread, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24187 12:36:51 (0) ** MOF Registration: ''
24188 12:36:51 (0) ** - Root/WMI, ReserveLateCount, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24189 12:36:51 (0) ** MOF Registration: ''
24190 12:36:51 (0) ** - Root/WMI, ReserveJoinThread, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24191 12:36:51 (0) ** MOF Registration: ''
24192 12:36:51 (0) ** - Root/WMI, ReserveDelete, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24193 12:36:51 (0) ** MOF Registration: ''
24194 12:36:51 (0) ** - Root/WMI, ReserveBandwidth, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24195 12:36:51 (0) ** MOF Registration: ''
24196 12:36:51 (0) ** - Root/WMI, ReserveCreate, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24197 12:36:51 (0) ** MOF Registration: ''
24198 12:36:51 (0) ** - Root/WMI, SystemConfig_PhyDisk, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24199 12:36:51 (0) ** MOF Registration: ''
24200 12:36:51 (0) ** - Root/WMI, SystemConfig_Video, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24201 12:36:51 (0) ** MOF Registration: ''
24202 12:36:51 (0) ** - Root/WMI, SystemConfig_IDEChannel, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24203 12:36:51 (0) ** MOF Registration: ''
24204 12:36:51 (0) ** - Root/WMI, SystemConfig_NIC, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24205 12:36:51 (0) ** MOF Registration: ''
24206 12:36:51 (0) ** - Root/WMI, SystemConfig_Network, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24207 12:36:51 (0) ** MOF Registration: ''
24208 12:36:51 (0) ** - Root/WMI, SystemConfig_CPU, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24209 12:36:51 (0) ** MOF Registration: ''
24210 12:36:51 (0) ** - Root/WMI, SystemConfig_LogDisk, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24211 12:36:51 (0) ** MOF Registration: ''
24212 12:36:51 (0) ** - Root/WMI, SystemConfig_Power, 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found.
24213 12:36:51 (0) ** MOF Registration: ''
24214 12:36:51 (0) ** => When a WMI performance class is missing (i.e. 'Win32_PerfRawData_TermService_TerminalServices'), it is generally due to
24215 12:36:51 (0) ** a lack of buffer refresh of the WMI class provider exposing the WMI performance counters.
24216 12:36:51 (0) ** You can refresh the WMI class provider buffer with the following command:
24217 12:36:51 (0) **
24218 12:36:51 (0) ** i.e. 'WINMGMT.EXE /SYNCPERF'
24219 12:36:51 (0) **
24220 12:36:51 (0) ** WMI MOF representations: ............................................................................................ OK.
24221 12:36:51 (0) ** WMI QUALIFIER access operations: .................................................................................... OK.
24222 12:36:51 (1) !! ERROR: WMI ENUMERATION operation errors reported: ................................................................... 1 ERROR(S)!
24223 12:36:51 (0) ** - ROOT/WMI, InstancesOfAsync, 'MSMouse', 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action.
24224 12:36:51 (0) ** MOF Registration: ''
24225 12:36:51 (0) **
24226 12:36:51 (0) ** WMI EXECQUERY operations: ........................................................................................... OK.
24227 12:36:51 (0) ** WMI GET VALUE operations: ........................................................................................... OK.
24228 12:36:51 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED.
24229 12:36:51 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED.
24230 12:36:51 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED.
24231 12:36:51 (0) ** WMI static instances retrieved: ..................................................................................... 1778.
24232 12:36:51 (0) ** WMI dynamic instances retrieved: .................................................................................... 0.
24233 12:36:51 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 1.
24234 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24235 12:36:51 (0) ** # of Event Log events BEFORE WMIDiag execution since the last 20 day(s):
24236 12:36:51 (0) ** DCOM: ............................................................................................................. 0.
24237 12:36:51 (0) ** WINMGMT: .......................................................................................................... 0.
24238 12:36:51 (0) ** WMIADAPTER: ....................................................................................................... 0.
24239 12:36:51 (0) **
24240 12:36:51 (0) ** # of additional Event Log events AFTER WMIDiag execution:
24241 12:36:51 (0) ** DCOM: ............................................................................................................. 0.
24242 12:36:51 (0) ** WINMGMT: .......................................................................................................... 0.
24243 12:36:51 (0) ** WMIADAPTER: ....................................................................................................... 0.
24244 12:36:51 (0) **
24245 12:36:51 (0) ** 36 error(s) 0x80041003 - (WBEM_E_ACCESS_DENIED) Current user does not have permission to perform the action
24246 12:36:51 (0) ** => This error is typically due to insufficient or restricted permissions in the examined system.
24247 12:36:51 (0) ** => ENSURE you are a Full Administrator of the examined system, if the WMI provider or the
24248 12:36:51 (0) ** WMI system security do not enforce any restrictions.
24249 12:36:51 (0) **
24250 12:36:51 (0) **
24251 12:36:51 (0) ** 35 error(s) 0x80041002 - (WBEM_E_NOT_FOUND) Object cannot be found
24252 12:36:51 (0) ** => This error is typically a WMI error. This WMI error is due to:
24253 12:36:51 (0) ** - a missing WMI class definition or object.
24254 12:36:51 (0) ** (See any GET, ENUMERATION, EXECQUERY and GET VALUE operation failures).
24255 12:36:51 (0) ** You can correct the missing class definitions by:
24256 12:36:51 (0) ** - Manually recompiling the MOF file(s) with the 'MOFCOMP <FileName.MOF>' command.
24257 12:36:51 (0) ** Note: You can build a list of classes in relation with their WMI provider and MOF file with WMIDiag.
24258 12:36:51 (0) ** (This list can be built on a similar and working WMI Windows installation)
24259 12:36:51 (0) ** The following command line must be used:
24260 12:36:51 (0) ** i.e. 'WMIDiag CorrelateClassAndProvider'
24261 12:36:51 (0) ** Note: When a WMI performance class is missing, you can manually resynchronize performance counters
24262 12:36:51 (0) ** with WMI by starting the ADAP process.
24263 12:36:51 (0) ** - a WMI repository corruption.
24264 12:36:51 (0) ** In such a case, you must rerun WMIDiag with 'WriteInRepository' parameter
24265 12:36:51 (0) ** to validate the WMI repository operations.
24266 12:36:51 (0) ** Note: ENSURE you are an administrator with FULL access to WMI EVERY namespaces of the computer before
24267 12:36:51 (0) ** executing the WriteInRepository command. To write temporary data from the Root namespace, use:
24268 12:36:51 (0) ** i.e. 'WMIDiag WriteInRepository=Root'
24269 12:36:51 (0) ** - If the WriteInRepository command fails, while being an Administrator with ALL accesses to ALL namespaces
24270 12:36:51 (0) ** the WMI repository must be reconstructed.
24271 12:36:51 (0) ** Note: The WMI repository reconstruction requires to locate all MOF files needed to rebuild the repository,
24272 12:36:51 (0) ** otherwise some applications may fail after the reconstruction.
24273 12:36:51 (0) ** This can be achieved with the following command:
24274 12:36:51 (0) ** i.e. 'WMIDiag ShowMOFErrors'
24275 12:36:51 (0) ** Note: The repository reconstruction must be a LAST RESORT solution and ONLY after executing
24276 12:36:51 (0) ** ALL fixes previously mentioned.
24277 12:36:51 (2) !! WARNING: Static information stored by external applications in the repository will be LOST! (i.e. SMS Inventory)
24278 12:36:51 (0) **
24279 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24280 12:36:51 (0) ** Unexpected, wrong or missing registry key values: ................................................................... 1 KEY(S)!
24281 12:36:51 (0) ** INFO: Unexpected registry key value:
24282 12:36:51 (0) ** - Current: HKLM\SOFTWARE\Microsoft\WBEM\CIMOM\Logging (REG_SZ) -> 0
24283 12:36:51 (0) ** - Expected: HKLM\SOFTWARE\Microsoft\WBEM\CIMOM\Logging (REG_SZ) -> 1
24284 12:36:51 (0) ** From the command line, the registry configuration can be corrected with the following command:
24285 12:36:51 (0) ** i.e. 'REG.EXE Add "HKLM\SOFTWARE\Microsoft\WBEM\CIMOM" /v "Logging" /t "REG_SZ" /d "1" /f'
24286 12:36:51 (0) **
24287 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24288 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24289 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24290 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24291 12:36:51 (0) **
24292 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24293 12:36:51 (0) ** ------------------------------------------------------ WMI REPORT: END -----------------------------------------------------------
24294 12:36:51 (0) ** ----------------------------------------------------------------------------------------------------------------------------------
24295 12:36:51 (0) **
24296 12:36:51 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\USERS\ALEX FOLK\APPDATA\LOCAL\TEMP\WMIDIAG-V2.1_WIN7_.CLI.SP1.64_AFOLK_2012.04.28_12.31.07.LOG' for details.
24297 12:36:51 (0) **
24298 12:36:51 (0) ** WMIDiag v2.1 ended on Saturday, April 28, 2012 at 12:36 (W:56 E:78 S:1).

-------------------------


This log says the firewall is still down so I don't think my fix worked. PC is showing no signs of popups or any obvious virus, atm.

A fix would be very appreciated as I am stumped as to fixing this.

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 28 April 2012 - 02:05 PM

You will need to right Click and run as Admin for both programs.

Please download Farbar Service Scanner and run it on the computer with the issue.
•Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
•Press "Scan".
•It will create a log (FSS.txt) in the same directory the tool is run.
•Please copy and paste the log to your reply.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Edited by InadequateInfirmity, 28 April 2012 - 02:06 PM.


#3 folk11

folk11
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 28 April 2012 - 02:14 PM

Farbar Service Scanner Version: 24-04-2012
Ran by Alex Folk (administrator) on 28-04-2012 at 14:08:44
Running from "C:\Users\Alex Folk\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open WinDefend registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

-----------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar Version: 18-01-2012
Ran by Alex Folk (administrator) on 28-04-2012 at 14:11:06
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Hardware not present)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Hardware not present)
Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="VMware Network Adapter VMnet1" address=192.168.80.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.201.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : afolk
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : resnet.uah.edu

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : resnet.uah.edu
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-17-E8-1B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c01:86e1:ec54:1a49%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.1.181.26(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Lease Obtained. . . . . . . . . . : Saturday, April 28, 2012 1:34:30 PM
Lease Expires . . . . . . . . . . : Saturday, April 28, 2012 7:36:09 PM
Default Gateway . . . . . . . . . : fe80::288f:867d:5be1:bad1%11
fe80::f4f3:c895:528:a3df%11
10.1.191.254
DHCP Server . . . . . . . . . . . : 10.1.104.250
DHCPv6 IAID . . . . . . . . . . . : 351563012
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-32-BB-B9-E0-B9-A5-48-07-8F
DNS Servers . . . . . . . . . . . : 146.229.56.2
146.229.1.200
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physical Address. . . . . . . . . : E0-B9-A5-48-07-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-45-30-BE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::545:30be(Preferred)
Link-local IPv6 Address . . . . . : fe80::b978:2ca4:f0ba:425b%22(Preferred)
IPv4 Address. . . . . . . . . . . : 5.69.48.190(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Saturday, April 28, 2012 1:34:17 PM
Lease Expires . . . . . . . . . . : Saturday, April 28, 2012 2:16:38 PM
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 528120093
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-32-BB-B9-E0-B9-A5-48-07-8F
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{13A20033-2470-463B-AF83-B1CEE591D721}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{89477218-E58D-4021-B7AB-4CBBA0321DF7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns2.uah.edu
Address: 146.229.56.2

Name: google.com
Addresses: 173.194.37.32
173.194.37.33
173.194.37.34
173.194.37.35
173.194.37.36
173.194.37.37
173.194.37.38
173.194.37.39
173.194.37.40
173.194.37.41
173.194.37.46


Pinging google.com [173.194.37.46] with 32 bytes of data:
Reply from 173.194.37.46: bytes=32 time=8ms TTL=58
Reply from 173.194.37.46: bytes=32 time=8ms TTL=58

Ping statistics for 173.194.37.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 8ms, Average = 8ms
Server: ns2.uah.edu
Address: 146.229.56.2

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=29ms TTL=55
Reply from 209.191.122.70: bytes=32 time=29ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 29ms, Average = 29ms
Server: ns2.uah.edu
Address: 146.229.56.2

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...f4 6d 04 17 e8 1b ......Realtek PCIe GBE Family Controller
10...e0 b9 a5 48 07 8f ......Atheros AR9002WB-1NG Wireless Network Adapter
22...7a 79 05 45 30 be ......Hamachi Network Interface
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.69.48.190 9256
0.0.0.0 0.0.0.0 10.1.191.254 10.1.181.26 30
5.0.0.0 255.0.0.0 On-link 5.69.48.190 9256
5.69.48.190 255.255.255.255 On-link 5.69.48.190 9256
5.255.255.255 255.255.255.255 On-link 5.69.48.190 9256
10.1.176.0 255.255.240.0 On-link 10.1.181.26 286
10.1.181.26 255.255.255.255 On-link 10.1.181.26 286
10.1.191.255 255.255.255.255 On-link 10.1.181.26 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.1.181.26 286
224.0.0.0 240.0.0.0 On-link 5.69.48.190 9256
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.1.181.26 286
255.255.255.255 255.255.255.255 On-link 5.69.48.190 9256
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 286 ::/0 fe80::288f:867d:5be1:bad1
11 286 ::/0 fe80::f4f3:c895:528:a3df
1 306 ::1/128 On-link
22 276 2620:9b::/64 On-link
22 276 2620:9b::/96 On-link
22 276 2620:9b::545:30be/128 On-link
11 286 fe80::/64 On-link
22 276 fe80::/64 On-link
11 286 fe80::2c01:86e1:ec54:1a49/128
On-link
22 276 fe80::b978:2ca4:f0ba:425b/128
On-link
1 306 ff00::/8 On-link
11 286 ff00::/8 On-link
22 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/28/2012 01:34:47 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:47 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:47 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:47 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (04/28/2012 01:34:45 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:45 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (04/28/2012 01:34:45 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:45 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/28/2012 01:34:45 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (04/28/2012 01:34:45 PM) (Source: ESENT) (User: )
Description: Windows (3776) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0008F.log.


System errors:
=============
Error: (04/28/2012 01:34:58 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/28/2012 01:34:54 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (04/28/2012 01:34:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (04/28/2012 01:34:54 PM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/28/2012 01:34:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/28/2012 01:34:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (04/28/2012 01:34:44 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (04/28/2012 01:34:35 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (04/28/2012 01:34:35 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (04/28/2012 00:26:19 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{67C4CD4C-1729-42A9-80F6-19545F405DAB}.
The backup browser is stopping.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Ace of Spades (Version: 0.70.017)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Assassin's Creed
Assassin's Creed II
ASUS AI Recovery (Version: 1.0.13)
ASUS LifeFrame3 (Version: 3.0.21)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.42)
ASUS SmartLogon (Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0031)
ASUS Virtual Camera (Version: 1.0.21)
Asus_GSeries_Screensaver (Version: 1.0.0001)
AsusVibe2.0 (Version: 2.0.5.103)
Atheros WLAN and Bluetooth Client Installation Program (Version: 9.0)
ATK Package (Version: 1.0.0007)
Bastion
BioShock
BioShock 2
Bluetooth Win7 Suite (64) (Version: 7.2.0.45)
Borderlands
CCleaner (Version: 3.12)
Cisco Connect (Version: 1.4.11200.0)
Cisco NAC Agent (Version: 4.7.4.2)
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
Cooking Dash
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.0.0)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
D3DX10 (Version: 15.4.2368.0902)
Dead Space
Dead Space 2
Dev-C++ 5 beta 9 release (4.9.9.2)
DirectX 9 Runtime (Version: 1.00.0000)
Dungeons of Dredmor
ExpressGate Cloud (Version: 2.1.91.412)
F.E.A.R. 2: Project Origin
Fall Further 051
Fresco Logic USB3.0 Host Controller (Version: 3.0.116.3)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 18.0.1025.162)
Google Update Helper (Version: 1.2.183.13)
Half-Life
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Junk Mail filter update (Version: 15.4.3502.0922)
Left 4 Dead 2
LogMeIn Hamachi (Version: 2.1.0.124)
Magicka
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Device Emulator (64 bit) version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Database Publishing Wizard 1.2 (Version: 1.2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2008 Remote Debugger - ENU
Microsoft Visual Studio 2008 Remote Debugger - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (Version: 1)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Microsoft Windows SDK for Visual Studio 2008 Tools (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (Version: 6.1.5288.17011)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0)
MSDN Library for Visual Studio 2008 - ENU (Version: 9.0.21022)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Notepad++ (Version: 5.9.3)
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA 3D Vision Controller Driver (Version: 266.19)
NVIDIA 3D Vision Driver 266.86 (Version: 266.86)
NVIDIA Control Panel 266.86 (Version: 266.86)
NVIDIA Graphics Driver 266.86 (Version: 266.86)
NVIDIA HD Audio Driver 1.1.13.1 (Version: 1.1.13.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA PhysX (Version: 9.10.0513)
NVIDIA PhysX v8.10.29 (Version: 8.10.29)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6686)
Orcs Must Die!
Portal
Psychonauts
QuickTime (Version: 7.70.80.34)
Realtek Ethernet Controller Driver (Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6273)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10001)
Sid Meier's Civilization 4 - Beyond the Sword (Version: 3.19)
Sid Meier's Civilization 4 - Warlords (Version: 2.13)
Sid Meier's Civilization 4 (Version: 1.09)
Sid Meier's Civilization 4 (Version: 1.74)
Sid Meier's Civilization V
Sizer 3.33 (Version: 1.0.0.0)
Skype™ 5.5 (Version: 5.5.124)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server System CLR Types (Version: 10.0.1600.22)
SSH Secure Shell
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.1.8.0)
Terraria
The Elder Scrolls V: Skyrim
THX TruStudio (Version: 1.03.00)
tools-linux (Version: 8.4.6.16648)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (Version: 1)
VC Runtimes MSI (Version: 9.0.21022)
Visual Studio .NET Prerequisites - English (Version: 9.0.21022)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
VMware Player (Version: 3.1.4.16648)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
WinFlash (Version: 2.31.1)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Wireless Console 3 (Version: 3.0.19)
Xming 6.9.0.31 (Version: 6.9.0.31)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8169.16 MB
Available physical RAM: 6166.02 MB
Total Pagefile: 16336.51 MB
Available Pagefile: 14207.24 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.87 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:463.87 GB) (Free:240.16 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:234.77 GB) (Free:134.42 GB) NTFS

========================= Users: ========================================

User accounts for \\AFOLK

__vmware_user__ Administrator Alex Folk
Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 28 April 2012 - 04:47 PM

Please Do the following.

Open Notepad and copy the text below into it and save it to your desktop call it SecurityCenter.reg then right click it and select merge Reboot your machine
and then,go here and set your services back to default select your correct os and download and unzip the file to your desktop Right click and select Merge
Reboot your machine.
http://www.blackviper.com/2010/12/16/windows-7-service-pack-1-services-registry-files-2/


run sfc /scannow
http://www.vistax64.com/crashes-debugging/293687-sfc-scannow.html then reboot your machine and visit windows update.
http://www.update.microsoft.com/windowsupdate/v6/thanks.aspx?ln=en&&thankspage=5

Please create a restore point prior to doing this,standard for any registry adjustments, :)
http://www.vistax64.com/tutorials/76332-system-restore-point-create.html


Please Go here and set your Hosts Files Back to default.Run the Microsoft fix it.
http://support.microsoft.com/kb/972034

Disable indexing on your machine.

http://www.addictivetips.com/windows-tips/disable-search-indexing-in-windows-7/

After the registry fix has been run the please do the following.


Download Windows Repair (all in one) from this site
http://majorgeeks.com/Tweaking.com_-_Windows_Repair_d7141.html

Install the programme then run

Go to step 2 and allow it to run Disc check


Once that is done then go to step 3 and allow it to run SFC



On the start repairs tab select Custom mode and then only uncheck the following prior to starting.


Repair cd/dvd not working
repair side bar gadget

Now run the tool and reboot your machine when finished,



Start copying below the line.

_________________________________________________________________


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,77,00,69,00,6e,00,\
6d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Enum]
"0"="Root\\LEGACY_WSCSVC\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,59,00,53,00,54,00,45,00,4d,00,52,00,4f,00,4f,\
00,54,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
00,00,00

Edited by InadequateInfirmity, 28 April 2012 - 04:49 PM.


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 PM

Posted 28 April 2012 - 05:27 PM

Also uninstall spybot search and destroy.
Spybot - Search & Destroy (Version: 1.6.2) (useless)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users