Computer Juice > Computer Software > Virus, Spyware & Security
  #41  
Old 28th May 2009, 04:24
Malware Group
 
Hi Bubba

I want you to run a different type of scan using HijackThis...

Please click Here to download HijackThis to your desktop.

Click the Download button. When the Trend Micro HJT install box appears, double click on the HJTInstall.exe. Click on Install.
It will be installed by default here: -> C:\Program Files\Trend Micro\HijackThis

A shortcut to the application will also be placed on your Desktop. The program will open automatically after installation.

Click on the option Open the Misc Tools section
Now select Open ADS Spy
Uncheck and take the tick out of Quick Scan
Click on Scan

This may take some while to complete, once done select Save Log

Post this back in your next reply
__________________
Proud member of ASAP & UNITE
__________________
  #42  
Old 28th May 2009, 12:21
Donor Group
 
That didn't take long at all, did I do something wrong lol? There is no header or anything on this log.

C:\ProgramData\TEMP : D1B5B4F1 (116 bytes)
C:\ProgramData\TEMP : DFC5A2B2 (110 bytes)
C:\ProgramData\TEMP : D1B5B4F1 (116 bytes)
C:\ProgramData\TEMP : DFC5A2B2 (110 bytes)
C:\Users\All Users\TEMP : D1B5B4F1 (116 bytes)
C:\Users\All Users\TEMP : DFC5A2B2 (110 bytes)
C:\Users\All Users\TEMP : D1B5B4F1 (116 bytes)
C:\Users\All Users\TEMP : DFC5A2B2 (110 bytes)
C:\Users\Shirley\AppData\Local\Microsoft\Windows Mail\Local Folders\Inbox\1CA95AC3-00000001.eml : OECustomProperty (916 bytes)
C:\Users\Shirley\Documents\Message.eml : OECustomProperty (522 bytes)
C:\Users\Shirley\Favorites\Links\Suggested Sites.url : favicon (25214 bytes)
C:\Users\Shirley\Favorites\solved HELP! Unable to update Windows Code 80072EFD - Tech Support Guy Forums.url : favicon (1742 bytes)
  #43  
Old 28th May 2009, 15:50
Malware Group
 
Howdy there

Quote:
That didn't take long at all, did I do something wrong lol? There is no header or anything on this log.
You did great; the log is as it should be, and the running times vary from computer to computer depending on the situation.

Open HijackThis
Click on the option Open the Misc Tools section
Now select Open ADS Spy
Uncheck and take the tick out of Quick Scan
Click on Scan

Once the log is complete place a tick in the following check boxes at the left of the entries below and then press the Remove Selected button

C:\ProgramData\TEMP : D1B5B4F1 (116 bytes)
C:\ProgramData\TEMP : DFC5A2B2 (110 bytes)
C:\ProgramData\TEMP : D1B5B4F1 (116 bytes)
C:\ProgramData\TEMP : DFC5A2B2 (110 bytes)
C:\Users\All Users\TEMP : D1B5B4F1 (116 bytes)
C:\Users\All Users\TEMP : DFC5A2B2 (110 bytes)
C:\Users\All Users\TEMP : D1B5B4F1 (116 bytes)
C:\Users\All Users\TEMP : DFC5A2B2 (110 bytes)


Reboot your computer and let me know how things are now
  #44  
Old 28th May 2009, 18:54
Donor Group
 
Same.
  #45  
Old 29th May 2009, 00:17
Malware Group
 
Hi Bubba

I think we have thrown everything at this one without success. I do not feel it is a malware problem, although it is possible malware which you removed prior to posting may have contributed towards its initial cause.

Let's try a system file check.

You may need your original Windows disc, so have it next to you in case.

Click on the Vista orb, select All Programs - Accessories, right click on the command prompt and select Run as administrator and ok any UAC prompts
In the Command window type in the following

sfc /scannow

Notice the space between the sfc and /

Let it run its course, reboot your system and retry updates.
  #46  
Old 29th May 2009, 10:42
Donor Group
 
Same.
I got the message from the scan: Windows Resource Protection found corrupt files but was unable to fix some of them. It directed me to a log (actually there were 2). I would post them, but they are HUGE.

This system is an ACER running Vista Home Premium. I actually have an OEM copy of Home Premium. I was going to put it on my daughter's computer when I built her one, but decided A: she has enough of a computer for a 6 year old (well, she's 7 now) and B: when I did build her one I would put Win7 on it. Anyways, is there any reason I can't open the package, put the install disk in and use it for "Repair" and see what happens?

Also, we disabled Windows Firewall (in the last post on page three, the way I view the site); can we get it working again? I guess, after we get the firewall working, I get the DVD player working again, and I try to repair (assuming you say it's OK to do so). If you have nothing else to try, I'll install SP2, tell him I can't help him lol and give it back.
  #47  
Old 29th May 2009, 15:46
Malware Group
 
Hi bubba

Quote:
is there any reason I can't open the package, put the install disk in and use it for "Repair" and see what happens?
To be honest I myself cannot say if it would work or not; as this is no longer malware related it is beyond my boundaries, therefore I feel I cannot give you a direct yes or no answer. Although I must say I feel it would be worth a try. Failing that I would look at a fresh start: format the system and start afresh.

Regarding the firewall, the fix in that particular post was not to turn off the firewall, but to reset the security settings to default. You should be able to turn it back on via the security centre again.
  #48  
Old 29th May 2009, 17:33
Donor Group
 
Sorry about getting back to you so late, you are probably in bed now lol. I was researching the firewall thing.

Windows Firewall was working until we applied the following fix:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"DependOnGroup"=hex(7):00,00
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"Description"="Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network."
"DisplayName"="Windows Firewall/Internet Connection Sharing (ICS)"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"ObjectName"="LocalSystem"
"Start"=dword:00000002
"Type"=dword:00000020

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch]
"Epoch"=dword:00002cd0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup]
"ServiceUpgrade"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate]
"All"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum]
"0"="Root\\LEGACY_SHAREDACCESS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

After that, she was deader than a hammer. The service won't even start.

Anyway, thanks for all your help. I think we can be reasonably sure that computer is malware free. I messed up on the Vista Home Premium thing though; I have an OEM copy of Ultimate. I continue perusing the world wide web on an endless quest for answers to the 80072EFD...
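A .reg file like the one above is easier to judge once its hex(2)/hex(7) blobs are decoded: they are UTF-16LE strings naming the service binary, its dependencies and the DLL it loads, and the leading "[-KEY]" line deletes the whole existing key before the rest is written. The script below is an added example, not code from the thread or from Microsoft; it parses a .reg export (backslash continuation lines, key deletions, dword and hex values) into plain Python values, using a constructed sample trimmed from the quoted fix, and the helper names are my own.

```python
import re

# Constructed sample trimmed from the .reg fix quoted above; hex(2)/hex(7) are UTF-16LE bytes.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess]
"DependOnService"=hex(7):4e,00,65,00,74,00,6d,00,61,00,6e,00,00,00,57,00,69,00,\
  6e,00,4d,00,67,00,6d,00,74,00,00,00,00,00
"Start"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  69,00,70,00,6e,00,61,00,74,00,68,00,6c,00,70,00,2e,00,64,00,6c,00,6c,00,00,\
  00
'''

def _join_continuations(text):  # regedit merges lines that end in a backslash
    out, buf = [], ""
    for line in text.splitlines():
        if line.rstrip().endswith("\\"):
            buf += line.rstrip()[:-1].strip()
        else:
            out.append(buf + line.strip())
            buf = ""
    return out

def _decode(raw):  # one .reg value literal -> Python value
    if raw.startswith('"'):                # REG_SZ, with \\ unescaped
        return raw[1:-1].replace("\\\\", "\\")
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"hex(?:\((\d+)\))?:(.*)", raw)
    kind = int(m.group(1) or 3)            # bare "hex:" is REG_BINARY (type 3)
    data = bytes(int(b, 16) for b in m.group(2).split(",") if b)
    if kind in (2, 7):                     # REG_EXPAND_SZ / REG_MULTI_SZ: UTF-16LE
        parts = data.decode("utf-16-le").split("\0")
        return parts[0] if kind == 2 else [p for p in parts if p]
    return data

def parse_reg(text):  # -> ({key: {name: value}}, [keys the file deletes first])
    keys, deleted, cur = {}, [], None
    for line in _join_continuations(text):
        if line.startswith("[-") and line.endswith("]"):
            deleted.append(line[2:-1]); cur = None   # "[-KEY]" wipes the whole key
        elif line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1], {})
        elif cur is not None and "=" in line:
            name, _, raw = line.partition("=")
            cur[name.strip('"')] = _decode(raw)
    return keys, deleted
```

Running parse_reg(SAMPLE_REG) shows the fix first deletes the SharedAccess key, then recreates it depending on Netman and WinMgmt with %SystemRoot%\System32\ipnathlp.dll as its ServiceDll, which is what a reviewer needs to compare against the target Windows version before importing.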
  #49  
Old 29th May 2009, 20:33
Donor Group
 
Hah, I fixed the firewall. Found the info here: http://support.microsoft.com/kb/943996

However, and I mentioned this earlier in the thread I think lol, in the security center, it is showing up as I have no Virus protection installed. Do you know how to fix that?

EDIT: Still haven't figured out about the update failure lol.
  #50  
Old 30th May 2009, 00:07
Malware Group
 
Hi Bubba

Glad you got the firewall sorted. You can disable the AV alerts by setting the security centre as follows: How to Disable Antivirus Alerts When Security Center Does Not Detect Installed Antivirus Application
Copyright ©2006 - 2009 Computer Juice.