Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

The group policy service client failed the logon. Access in denied


  • Please log in to reply
25 replies to this topic

#1 wes1584

wes1584

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 03 July 2013 - 05:56 PM

It seems I had some sort of Trojan/Virus at some point. Looks like I got rid of it for the most part considering Malwarebytes and Kapersky no longer pic up any sort of inefection. However it left some lasting damage in the form of that error message that I get when I try to log on my main user.

I can still access it in safe mode but that is it.  Only thing I was able to do so far was just create an entirely new user with admin rights and transfer everything from one to the other. However now with this new user I keep getting a counterfeit windows error that won't go away. So fixing my orignal one and regaining access to it would be nice. All attempts so far have failed so any help at all would be greatly appreciated.


Edited by hamluis, 03 July 2013 - 07:45 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:13 PM

Posted 03 July 2013 - 06:40 PM

Hi -

EDIT - Please click on Follow this topic at the top Right side, and select Instantly -

You can post these one at a time if it is easier for you -

 

:step1: Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

 

:step2: Please download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

 

:step3: Download Malwarebytes' Anti-Malware Free (aka MBAM)
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer after you post the log.

 

 

 

:step4: Download SUPERAntiSpyware Free (aka SAS)
* Double-click SAS -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be sure it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

 

Be sure to reboot the computer after you post the log.

 

Thank You -


Edited by noknojon, 03 July 2013 - 06:44 PM.


#3 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 03 July 2013 - 07:04 PM

Okay here is SecurityCheck Log:

 Results of screen317's Security Check version 0.99.68  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 27  
 Java version out of Date!
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Mozilla Firefox (22.0)
 Google Chrome 22.0.1229.95  
 Google Chrome 27.0.1453.116  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


 



#4 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 03 July 2013 - 07:06 PM

MiniToolBox Log:

MiniToolBox by Farbar  Version: 16-06-2013
Ran by Wesley1 (administrator) on 03-07-2013 at 15:59:35
Running from "C:\Users\Wesley1\Desktop"
Windows 7 Home Premium  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 4 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 5 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 6 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 7 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Wesley-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gci.net

Ethernet adapter Local Area Connection 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #5
   Physical Address. . . . . . . . . : 00-FF-E5-5A-9D-72
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #4
   Physical Address. . . . . . . . . : 00-FF-67-14-F4-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 5:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #3
   Physical Address. . . . . . . . . : 00-FF-A1-8A-9A-AC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 #2
   Physical Address. . . . . . . . . : 00-FF-DA-4F-A0-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-85-08-D9-77
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 70-F1-A1-53-95-28
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : gci.net
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 70-5A-B6-BE-CE-A0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1c7d:d07d:88ce:a9e7%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 65.74.102.143(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Lease Obtained. . . . . . . . . . : Wednesday, July 03, 2013 1:57:42 PM
   Lease Expires . . . . . . . . . . : Thursday, July 04, 2013 1:57:42 PM
   Default Gateway . . . . . . . . . : 65.74.100.1
   DHCP Server . . . . . . . . . . . : 209.165.131.55
   DHCPv6 IAID . . . . . . . . . . . : 242244278
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-67-E4-BC-70-5A-B6-BE-CE-A0
   DNS Servers . . . . . . . . . . . : 209.165.131.12
                                       209.165.131.13
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{6714F4B6-9179-431F-83E0-5346CAC2034A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E55A9D72-2D0C-46C9-8CED-50EBA3A326BE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A18A9AAC-9137-408C-86BC-8D57F5A66A17}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DA4FA014-A228-40F1-9DFE-4102BD20527F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8508D977-07D8-4296-89E7-50BD18F74C2F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #21
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  vcns-1.gci.net
Address:  209.165.131.12

Name:    google.com
Addresses:  2607:f8b0:400a:800::1000
      173.194.33.4
      173.194.33.5
      173.194.33.6
      173.194.33.7
      173.194.33.8
      173.194.33.9
      173.194.33.14
      173.194.33.0
      173.194.33.1
      173.194.33.2
      173.194.33.3


Pinging google.com [173.194.33.5] with 32 bytes of data:
Reply from 173.194.33.5: bytes=32 time=46ms TTL=53
Reply from 173.194.33.5: bytes=32 time=45ms TTL=53

Ping statistics for 173.194.33.5:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 46ms, Average = 45ms
Server:  vcns-1.gci.net
Address:  209.165.131.12

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=115ms TTL=47
Reply from 98.139.183.24: bytes=32 time=118ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 115ms, Maximum = 118ms, Average = 116ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 44...00 ff e5 5a 9d 72 ......TAP-Win32 Adapter V9 #5
 39...00 ff 67 14 f4 b6 ......TAP-Win32 Adapter V9 #4
 37...00 ff a1 8a 9a ac ......TAP-Win32 Adapter V9 #3
 36...00 ff da 4f a0 14 ......TAP-Win32 Adapter V9 #2
 20...00 ff 85 08 d9 77 ......TAP-Win32 Adapter V9
 13...70 f1 a1 53 95 28 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
 11...70 5a b6 be ce a0 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
 25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
 29...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 41...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
 49...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #21
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      65.74.100.1    65.74.102.143     20
      65.74.100.0    255.255.252.0         On-link     65.74.102.143    276
    65.74.102.143  255.255.255.255         On-link     65.74.102.143    276
    65.74.103.255  255.255.255.255         On-link     65.74.102.143    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     65.74.102.143    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     65.74.102.143    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::1c7d:d07d:88ce:a9e7/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/03/2013 02:06:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x132c
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 02:01:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0xfd4
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 01:58:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x478
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 00:19:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x339ec
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 00:14:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x34298
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 00:10:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x34278
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3

Error: (07/03/2013 08:00:47 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = c:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Description = StopZILLA! Restore Point.; Error = 0x80042319).

Error: (07/03/2013 08:00:41 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary 3526837drv.

System Error:
The system cannot find the file specified.
.

Error: (07/03/2013 08:00:41 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary 09512090.

System Error:
The system cannot find the file specified.
.

Error: (07/03/2013 07:11:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc4b0
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137
Exception code: 0xc0000005
Fault offset: 0x000000000003a262
Faulting process id: 0x2d1a4
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3


System errors:
=============
Error: (07/03/2013 02:06:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 3 time(s).

Error: (07/03/2013 02:01:16 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (07/03/2013 02:00:49 PM) (Source: Service Control Manager) (User: )
Description: The Software Protection service failed to start due to the following error:
%%1053

Error: (07/03/2013 02:00:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

Error: (07/03/2013 01:59:54 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/03/2013 01:59:54 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/03/2013 01:58:39 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (07/03/2013 01:58:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/03/2013 01:58:09 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
is3srv
SRTSP

Error: (07/03/2013 01:57:42 PM) (Source: Service Control Manager) (User: )
Description: The Lavasoft Ad-Aware Service service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-01-31 21:01:14.169
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-31 17:02:35.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RTKVHD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-07 20:03:48.755
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-05 20:10:59.360
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PEAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-12-05 20:10:40.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-29 17:37:12.244
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ntdll.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-28 20:47:53.994
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-16 15:14:52.809
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-16 15:14:52.700
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-11-15 19:32:18.509
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\rtl8192se.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe PDF ePub DRM Removal 4.7.1 (Version: 4.7.1)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Alganon (Version: 2.3.1.2373)
Any Video Converter 3.0.7
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Assassin's Creed Brotherhood (Version: 1.00)
Audition (Version: 1.00.0000)
BearShare (Version: 9.0.0.94309)
Best Buy Software Installer (Version: 2.3.0.1)
BitTorrent (Version: 7.6.1)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.28)
Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.4518.1014)
Crysis® 2 (Version: 1.0.0.0)
CyberGhost VPN
Diablo III (Version: 1.0.7.15295)
DivX Setup (Version: 1.0.2.23)
Dragon Age II (Version: 1.00)
Dragon Age: Origins (Version: 1.04)
Fable - The Lost Chapters (Version: 1.00.0000)
Google Chrome (Version: 27.0.1453.116)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
Grand Theft Auto IV (Version: 1.00.0000)
HTC Driver Installer (Version: 4.0.0.007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.5.7.1002)
IPTInstaller (Version: 4.0.4)
iTunes (Version: 11.0.2.26)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (Version: 6.0.270)
JMicron Flash Media Controller Driver (Version: 1.0.34.2)
Junk Mail filter update (Version: 14.0.8089.726)
Label@Once 1.0 (Version: 1.0)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MediaWidget 6.0
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MobileMe Control Panel (Version: 3.1.5.0)
Morrowind
MotoConnect 1.1.31 (Version: 1.1.31)
Motorola Mobile Drivers Installation 4.7.1 (Version: 4.7.1)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Neverwinter Nights 2 (Version: 1.00.0000)
Norton Internet Security (Version: 17.5.0.127)
NVIDIA Control Panel 320.18 (Version: 320.18)
NVIDIA GeForce Experience 1.5 (Version: 1.5)
NVIDIA Graphics Driver 320.18 (Version: 320.18)
NVIDIA HD Audio Driver 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
NVIDIA Updatus (Version: 1.0.3)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PunkBuster Services (Version: 0.990)
QuickTime (Version: 7.73.80.64)
QuickTime Alternative 1.81 (Version: 1.81)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.13.112.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek WLAN Driver (Version: 2.00.0013)
RealUpgrade 1.1 (Version: 1.1.0)
Safari (Version: 5.34.57.2)
SecurityKISS Tunnel v0.2.1
SHIFT 2 UNLEASHED™ (Version: 1.0.0.0)
Skype™ 6.5 (Version: 6.5.158)
Spark
STOPzilla AntiMalware 6.0 (Version: 6.1.5.9)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
The Sims Medieval (Version: 1.0.0)
The Sims™ 3 (Version: 1.0.631)
The Witcher Enhanced Edition (Version: 1.00.0000)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA DVD PLAYER (Version: 3.01.2.07-A)
TOSHIBA eco Utility (Version: 1.2.11.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)
TOSHIBA Hardware Setup (Version: 1.63.0.22C)
TOSHIBA HDD Protection (Version: 2.2.0.4)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.5.10)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Sleep Utility (Version: 1.4.1.1)
TOSHIBA Supervisor Password (Version: 1.63.0.9C)
TOSHIBA Value Added Package (Version: 1.3.4.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
TrueCrypt (Version: 7.1)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office Word 2007 (KB974631)
Utility Common Driver (Version: 1.0.52.1C)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WD SmartWare (Version: 1.2.0.8)
Winamp (Version: 5.601 )
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR 4.00 beta 1 (64-bit) (Version: 4.00.1)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8122.67 MB
Available physical RAM: 6169.61 MB
Total Pagefile: 16243.49 MB
Available Pagefile: 14127.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.89 MB

========================= Partitions: =====================================

1 Drive c: (TI105835W0G) (Fixed) (Total:584.24 GB) (Free:40.68 GB) NTFS

========================= Users: ========================================

User accounts for \\WESLEY-PC

Administrator            Guest                    UpdatusUser              
Wesley                   Wesley1                  

========================= Minidump Files ==================================

No minidump file found


**** End of log ****



#5 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 03 July 2013 - 07:25 PM

Will reboot and scan/post last log after this.
Malwarebytes log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.03.10

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Wesley1 :: WESLEY-PC [administrator]

7/3/2013 4:16:02 PM
mbam-log-2013-07-03 (16-16-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 298676
Time elapsed: 7 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Wesley1\AppData\Local\Temp\dpqprom (Malware.Packer.D4Gen) -> Quarantined and deleted successfully.

(end)



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:13 PM

Posted 03 July 2013 - 08:10 PM

SAS scan also please - Item #4


Edited by noknojon, 03 July 2013 - 08:11 PM.


#7 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 03 July 2013 - 08:31 PM

SuperAntiSpyware:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/03/2013 at 05:29 PM

Application Version : 5.6.1020

Core Rules Database Version : 10586
Trace Rules Database Version: 8398

Scan type       : Quick Scan
Total Scan Time : 00:25:10

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned      : 546
Memory threats detected   : 0
Registry items scanned    : 64524
Registry threats detected : 0
File items scanned        : 15453
File threats detected     : 0
 



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:13 PM

Posted 03 July 2013 - 09:00 PM

This may have been the problem - Malware.Packer.D4Gen

 

 

Please download AdwCleaner by Xplode onto your desktop.

*Close all open programs and internet browsers.
*Double click on adwcleaner.exe to run the tool.
*Click on Delete.
*Confirm each time with Ok.
*Your computer will be rebooted automatically. A text file will open after the restart.

*Please post the contents of that logfile with your next reply.
*You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 IMPORTANT - Windows 7  x64 (UAC is enabled)   Out of date service pack!!
Follow the link to update to SP1 and then check for Windows Updates -

 

 

Please download Junkware Removal Tool by thisisu to your desktop
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Thank You -



#9 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 04 July 2013 - 01:00 PM

# AdwCleaner v2.304 - Logfile created 07/04/2013 at 09:53:52
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Wesley1 - WESLEY-PC
# Boot Mode : Normal
# Running from : C:\Users\Wesley1\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\fbphotozoom
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Wesley\AppData\Local\PackageAware
Folder Deleted : C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\rt5djvid.default\jetpack

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{0974BA1E-64EC-11DE-B2A5-E43756D89593}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.17006

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Wesley\AppData\Roaming\Mozilla\Firefox\Profiles\rt5djvid.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "BearShare Web Search");
Deleted : user_pref("browser.search.order.1", "BearShare Web Search");
Deleted : user_pref("browser.search.selectedEngine", "BearShare Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=");

File : C:\Users\Wesley1\AppData\Roaming\Mozilla\Firefox\Profiles\su4zk6hf.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Wesley1\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5020 octets] - [04/07/2013 09:53:52]

########## EOF - C:\AdwCleaner[S1].txt - [5080 octets] ##########



#10 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 04 July 2013 - 01:16 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Wesley1 on Thu 07/04/2013 at 10:05:50.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\bearsharewebsearch.xml"
Emptied folder: C:\Users\Wesley1\AppData\Roaming\mozilla\firefox\profiles\su4zk6hf.default\minidumps [8 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/04/2013 at 10:10:36.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#11 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 04 July 2013 - 01:17 PM

Note: Tried ding windows update like you said but it seems there is something preventimg me from updating it. This is what I get when I search for
updates.


An error occured while checking for new updates for your computer.

Error(s) found:

Code 80080005 Windows encountered an unknown error.

I clicked "Get help with this error" but it didn't provide any help (big surprise)

 

 



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:13 PM

Posted 04 July 2013 - 05:41 PM

http://support.microsoft.com/kb/971058
This is from M/soft and has often been given as a resolution to your error Code 80080005

Now Reboot -

 As a Administrator open a Command Prompt and type sfc /scannow then hit Enter (note the space between c and /
The command should complete successfully and if any errors were found, they should be corrected.

This will take (on average) 15 minutes to run.

 

Reboot again when this is done, and try for any Windows Updates.
 

Post back the results -



#13 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 04 July 2013 - 07:08 PM

Ran MS FixIt. It said it did not detect any problems therfore no fixes were applied. *sigh*

Ran other Windows update automated troublshooter and this is what I got:

- Some security settings are missing or have been changed - Not Fixed
- Service registration is missing or corrupt - Not fixed
- Windows update error 0x80080005 (2013-7-04-T-03_59_19P) -Not Fixed
- Problems installing recent updates - Not Fixed
- Check for missing or corrupt files - Detected
- Problems installing recent updates - Fixed ( Don't get this since it just said they wern't fixed)

 

 

Also, when I reboot and I get to windows screen it says something like "Configuring Windows Update" Then it will go to "Failed to Configure Windows Update Reverting Changes" then it will allow me to input password and logon. I'm asuming this is just the same as me trying to manually search for updates but my computer is trying to do it on it's own at startup and failing there as well.


As for the cmd prompt you wanted me to do I got this back after I rebooted and tried it.
 

"Windows Resource Protection could not start the repair service"

*sigh*



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:13 PM

Posted 04 July 2013 - 07:32 PM

OK -

We will try a "private" Fix It -

 

Update .bat file
If there are still problems, run this recommended repair batch file (as given) since it seemed the best non-M/soft fix I found.
•Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):
 

net stop wuauserv
cd %systemroot%\SoftwareDistribution
ren Download Download.old
net start wuauserv
net stop bits
net start bits
net stop cryptsvc
cd %systemroot%\system32
ren catroot2 catroot2old
net start cryptsvc
•Once you've done that click on File and select Save As...
•In the Save dialogue box click on the drop down menu next to Save as type and select All Files
•Name the file UPDATE Fix.bat (the .bat extension is very important)
•Save the file to your desktop and double click it to run it on XP. For Vista / Win7 right click on it and choose Run As Admin
A black box with writing in it will show for a few seconds, and then go. You can then delete the desktop item if you wish.

 

See if this will help at all - Also I am VERY concerned that No Antivirus is listed .........



#15 wes1584

wes1584
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:08:13 AM

Posted 04 July 2013 - 07:42 PM

 

See if this will help at all - Also I am VERY concerned that No Antivirus is listed .........

Listed where? Also I have Stopzilla, that catches malware stuff sometimes usually from popups or cookies and stuff. I also use that free Kapersky Virus Removal Tool. I always thought it was pretty good but I'm beginning to think I don't know much at all.

Ok I did everything you said, when it was finished I searched for updates again and got the same old error... This is frustrating, I don't get why they have a fix for this but it isn't working for me.
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users