Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

poweliks!gm help


  • Please log in to reply
13 replies to this topic

#1 edkarner

edkarner

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 12 November 2014 - 01:43 PM

Hello,

  The system that is having a problem runs Window8 64bit.  I notice several com surrogate processes running in task manager.  I am not sure what other information is needed, but I am ready to help anyone help me.



BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 12 November 2014 - 09:44 PM

Hello and welcome ... I moved this to the Am I Infected forum from win 8...


newtool3_zpsae6d2122.png

Please download Powelikscleaner (by ESET) and save it to your Desktop.

1. Double-click on ESETPoweliksCleaner.exe to start the tool.

2. Read the terms of the End-user license agreement and click Agree.

3. The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.

newtool1_zpsa1caa06e.png

4. If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.

newtool2_zps0e6d39b1.png

The tool will produce a log in the same directory the tool was run from.

Please copy and paste the log in your next reply.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 13 November 2014 - 07:23 AM

Thanks for the help!  Here is the contents of the log file:

 

-----

-----

[2014.11.13 07:19:23.669] - Begin
[2014.11.13 07:19:23.669] -
[2014.11.13 07:19:23.673] -     ....................................
[2014.11.13 07:19:23.673] -   ..::::::::::::::::::....................
[2014.11.13 07:19:23.673] -   .::EEEEEE:::SSSSSS::..EEEEEE..TTTTTTTT..    Win32/Poweliks
[2014.11.13 07:19:23.673] -  .::EE::::EE:SS:::::::.EE....EE....TT......   Version: 1.0.0.1
[2014.11.13 07:19:23.673] -  .::EEEEEEEE::SSSSSS::.EEEEEEEE....TT......   Built: Oct 15 2014
[2014.11.13 07:19:23.673] -  .::EE:::::::::::::SS:.EE..........TT......
[2014.11.13 07:19:23.677] -   .::EEEEEE:::SSSSSS::..EEEEEE.....TT.....    Copyright © ESET, spol. s r.o.
[2014.11.13 07:19:23.677] -   ..::::::::::::::::::....................    1992-2013. All rights reserved.
[2014.11.13 07:19:23.677] -     ....................................
[2014.11.13 07:19:23.677] -
[2014.11.13 07:19:23.677] - --------------------------------------------------------------------------------
[2014.11.13 07:19:23.677] -
[2014.11.13 07:19:23.677] - INFO: OS: 6.2.9200 SP0
[2014.11.13 07:19:23.677] - INFO: Product Type: Workstation
[2014.11.13 07:19:23.677] - INFO: WoW64: True
[2014.11.13 07:19:23.677] - INFO: Machine guid: C0801CF6-31CC-43D9-982B-9F211EFFF45B
[2014.11.13 07:19:23.677] -
[2014.11.13 07:19:27.189] - INFO: Scanning for system infection...
[2014.11.13 07:19:27.189] - --------------------------------------------------------------------------------
[2014.11.13 07:19:27.189] -
[2014.11.13 07:19:27.189] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.13 07:19:27.189] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.13 07:19:27.193] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.13 07:19:27.193] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.13 07:19:27.193] - INFO: Processing classes...
[2014.11.13 07:19:27.193] - INFO: Processing clsid [\Registry\User\S-1-5-21-1907023060-3807388090-1964440699-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.13 07:19:27.193] - WARNING: Found suspicous classid [\Registry\User\S-1-5-21-1907023060-3807388090-1964440699-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.13 07:19:27.193] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:27.193] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:27.193] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:27.193] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:27.193] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.13 07:19:27.193] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.13 07:19:27.193] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.13 07:19:27.193] - INFO: Win32/Poweliks found
[2014.11.13 07:19:33.485] - INFO: process: dllhost.exe, pid 2816, parent 3992
[2014.11.13 07:19:33.485] - INFO: Terminated process pid = 2816
[2014.11.13 07:19:33.485] - INFO: process: dllhost.exe, pid 3224, parent 2816
[2014.11.13 07:19:33.485] - INFO: Terminated process pid = 3224
[2014.11.13 07:19:33.485] - INFO: process: dllhost.exe, pid 4160, parent 3224
[2014.11.13 07:19:33.485] - INFO: Terminated process pid = 4160
[2014.11.13 07:19:33.489] - INFO: process: dllhost.exe, pid 4336, parent 3224
[2014.11.13 07:19:33.489] - INFO: Terminated process pid = 4336
[2014.11.13 07:19:33.489] - INFO: process: dllhost.exe, pid 4368, parent 3224
[2014.11.13 07:19:33.489] - INFO: Terminated process pid = 4368
[2014.11.13 07:19:33.489] - INFO: process: dllhost.exe, pid 4424, parent 3224
[2014.11.13 07:19:33.493] - INFO: Terminated process pid = 4424
[2014.11.13 07:19:33.493] - INFO: process: dllhost.exe, pid 4476, parent 3224
[2014.11.13 07:19:33.497] - ERROR: Failed to terminate process pid = 4476
[2014.11.13 07:19:33.497] - INFO: process: dllhost.exe, pid 5928, parent 3224
[2014.11.13 07:19:33.497] - ERROR: Failed to terminate process pid = 5928
[2014.11.13 07:19:33.497] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.13 07:19:33.497] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]...
[2014.11.13 07:19:33.501] - INFO: Processing [HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.13 07:19:33.501] - INFO: Processing [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]...
[2014.11.13 07:19:33.501] - INFO: Processing classes...
[2014.11.13 07:19:33.501] - INFO: Processing clsid [\Registry\User\S-1-5-21-1907023060-3807388090-1964440699-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.13 07:19:33.501] - INFO: Deleted classid [\Registry\User\S-1-5-21-1907023060-3807388090-1964440699-1001\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]
[2014.11.13 07:19:33.501] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:33.501] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing invalid values in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:33.501] - INFO: Processing value [] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing value [ServerExecutable] = [%systemroot%\sysWOW64\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing value [] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing value [ServerExecutable] = [%systemroot%\system32\wbem\wmiprvse.exe]
[2014.11.13 07:19:33.501] - INFO: Processing invalid subkeys in [HKLM\SOFTWARE\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32]...
[2014.11.13 07:19:33.501] - INFO: Processing [HKLM\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}]...
[2014.11.13 07:19:33.501] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.13 07:19:33.501] - INFO: Processing subkey [\Registry\Machine\SOFTWARE\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\InprocServer32]
[2014.11.13 07:19:33.501] - INFO: Cleaning status: 0
[2014.11.13 07:19:39.321] - End
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 13 November 2014 - 11:00 AM

Looks good please run..

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .


    How is it now?

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 13 November 2014 - 12:52 PM

Here are the scan results:

 

adwcleaner:

# AdwCleaner v4.101 - Report created 13/11/2014 at 12:27:18
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Windows 8  (64 bits)
# Username : glenndunham - GLENN
# Running from : C:\Users\glenndunham\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\glenndunham\Documents\Updater
[x] Not Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Description
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\yourtango.com

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

*************************

AdwCleaner[R0].txt - [923 octets] - [13/11/2014 12:23:11]
AdwCleaner[S0].txt - [856 octets] - [13/11/2014 12:27:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [915 octets] ##########

 

Junkware Removal Tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 8 x64
Ran by glenndunham on Thu 11/13/2014 at 12:36:37.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/13/2014 at 12:45:13.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

The computer seems to be running without a problem. but without sitting at it for a while, I cannot be absolutely sure.



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 13 November 2014 - 12:59 PM

We'll keep this open so you can check...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 13 November 2014 - 01:12 PM

After running for a while everything seemed to be working properly.  I ran a check for windows updates and rec'd the error Code 80070BC9.  I a not sure if this is a new problem or if it is somehow related to the previous infection.  I receive the error when I tell Windows update to "check for updates" from control panel.  I I check for updates again at this point, I get a message to "Restart your PC to finish installing updates" with a "restart now" button.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 13 November 2014 - 01:17 PM

Probably related..
The error code is related to Window update component files are missing or if they are corrupted.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.

1406373241-3-o.png


Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.

1406373250-4-o.png


Go to Step 5 and under"System Restore" click on Create button.

1406373259-5-o.png


Go to Start Repairs tab and click the Start button.

1406373267-start1-o.png


Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.

1406373275-start2-o.png


After the repair finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 13 November 2014 - 02:00 PM

After completing step (System File Check) Errors were found that could not be fixed.  The tool directed me to restart the system after the checker completed.  I did not know if I should do so before continuing to step 5 or not.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 13 November 2014 - 02:55 PM

OK Yes create the restore Point we can make new one again later.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 13 November 2014 - 02:57 PM

_windows_Repair_Log.txt:

 

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 8
OS Architecture: 64-bit
OS Version: 6.2.9200
OS Service Pack:
Computer Name: GLENN
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\glenndunham
Current Profile SID: S-1-5-21-1907023060-3807388090-1964440699-1001
Current Profile Classes: S-1-5-21-1907023060-3807388090-1964440699-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\glenndunham\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:04:29

Process Count: 62
Commit Total: 1.52 GB
Commit Limit: 15.87 GB
Commit Peak: 2.41 GB
Handle Count: 20471
Kernel Total: 346.88 MB
Kernel Paged: 244.82 MB
Kernel Non Paged: 102.06 MB
System Cache: 1.40 GB
Thread Count: 793
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.87 GB
Memory Used: 1.48 GB(18.8127%)
Memory Avail.: 6.39 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.87 GB
Memory Used: 1.25 GB(15.818%)
Memory Avail.: 6.63 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (11/13/2014 2:09:31 PM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 63
 
01 - Reset Registry Permissions
   Restore Windows 8 Default Registry Permissions
   Start (11/13/2014 2:09:34 PM)

Decompressing & Updating Windows 8 Permission File hkud.txt
Done,  0.2 seconds.

Decompressing & Updating Windows 8 Permission File hkcu.txt
Done,  0.23 seconds.

Decompressing & Updating Windows 8 Permission File hkcr.txt
Done,  0.63 seconds.

Decompressing & Updating Windows 8 Permission File hklm.txt
Done,  1.2 seconds.

   Running Repair Under System Account
   Running Repair Under Current User Account
   Done (11/13/2014 2:12:33 PM)

03 - Reset Service Permissions
   Start (11/13/2014 2:12:33 PM)
   Running Repair Under System Account
   Done (11/13/2014 2:12:36 PM)

04 - Register System Files
   Start (11/13/2014 2:12:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:13:13 PM)

05 - Repair WMI
   Start (11/13/2014 2:13:13 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Windows Defender Exported.
   Norton 360 Exported.

   Exporting AntiSpyware Info...
   Norton 360 Exported.
   Windows Defender Exported.

   Exporting 3rd Party Firewall Info...
   Norton 360 Exported.

   Running Repair Under Current User Account
   Done (11/13/2014 2:25:34 PM)

06 - Repair Windows Firewall
   Start (11/13/2014 2:25:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:03 PM)

07 - Repair Internet Explorer
   Start (11/13/2014 2:26:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:22 PM)

08 - Repair MDAC/MS Jet
   Start (11/13/2014 2:26:22 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:28 PM)

09 - Repair Hosts File
   Start (11/13/2014 2:26:28 PM)
   Running Repair Under System Account
   Done (11/13/2014 2:26:29 PM)

10 - Remove Policies Set By Infections
   Start (11/13/2014 2:26:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:31 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (11/13/2014 2:26:31 PM)
   Running Repair Under System Account
   Done (11/13/2014 2:26:33 PM)

12 - Repair Icons
   Start (11/13/2014 2:26:33 PM)
   Running Repair Under Current User Account
   Done (11/13/2014 2:26:34 PM)

13 - Repair Winsock & DNS Cache
   Start (11/13/2014 2:26:34 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:42 PM)

15 - Repair Proxy Settings
   Start (11/13/2014 2:26:42 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:26:44 PM)

17 - Repair Windows Updates
   Start (11/13/2014 2:26:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (11/13/2014 2:27:09 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (11/13/2014 2:27:09 PM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (11/13/2014 2:27:09 PM)

19 - Repair Volume Shadow Copy Service
   Start (11/13/2014 2:27:09 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:29 PM)

21 - Repair MSI (Windows Installer)
   Start (11/13/2014 2:27:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:40 PM)

23.01 - Repair bat Association
   Start (11/13/2014 2:27:40 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:42 PM)

23.02 - Repair cmd Association
   Start (11/13/2014 2:27:42 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:44 PM)

23.03 - Repair com Association
   Start (11/13/2014 2:27:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:46 PM)

23.04 - Repair Directory Association
   Start (11/13/2014 2:27:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:48 PM)

23.05 - Repair Drive Association
   Start (11/13/2014 2:27:48 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:50 PM)

23.06 - Repair exe Association
   Start (11/13/2014 2:27:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:52 PM)

23.07 - Repair Folder Association
   Start (11/13/2014 2:27:52 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:54 PM)

23.08 - Repair inf Association
   Start (11/13/2014 2:27:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:56 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (11/13/2014 2:27:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:27:58 PM)

23.10 - Repair msc Association
   Start (11/13/2014 2:27:58 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:00 PM)

23.11 - Repair reg Association
   Start (11/13/2014 2:28:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:02 PM)

23.12 - Repair scr Association
   Start (11/13/2014 2:28:02 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:05 PM)

24 - Repair Windows Safe Mode
   Start (11/13/2014 2:28:05 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:07 PM)

25 - Repair Print Spooler
   Start (11/13/2014 2:28:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:21 PM)

26 - Restore Important Windows Services
   Start (11/13/2014 2:28:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:29 PM)

27 - Set Windows Services To Default Startup
   Start (11/13/2014 2:28:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:28:33 PM)

28 - Repair Windows 8 App Store
   Start (11/13/2014 2:28:33 PM)

Decompressing & Updating Windows 8 Permission File hkcu.txt
Done,  0.19 seconds.

   Running Repair Under Current User Account
   Done (11/13/2014 2:29:21 PM)

29 - Repair Windows 8 Component Store
   Start (11/13/2014 2:29:21 PM)
   Running Repair Under Current User Account
   Done (11/13/2014 2:47:53 PM)

30 - Restore Windows 8 COM+ Unmarshalers
   Start (11/13/2014 2:47:53 PM)
   Running Repair Under System Account
Processing ACL of: <classes_root\Unmarshalers>

SetACL finished with error(s):
SetACL error message: The call to SetNamedSecurityInfo () failed
Operating system error message: Access is denied.

   Done (11/13/2014 2:47:54 PM)

31 - Repair Windows 'New' Submenu
   Start (11/13/2014 2:47:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (11/13/2014 2:47:56 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (11/13/2014 2:47:56 PM)
   Total Repair Time: 00:38:27

...YOU MUST RESTART YOUR SYSTEM...



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 13 November 2014 - 03:35 PM

Restart the system and see how it is.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 edkarner

edkarner
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 14 November 2014 - 07:41 AM

Everything seems to be working as new.  Thanks for all of your help!



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 14 November 2014 - 02:02 PM

Excellent !!
 
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
You're quite welcome !
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users