Sweetpotato Posted January 9, 2015 Author Share Posted January 9, 2015 It seems better except for I am still getting the Windows Error and not able to run anything in the control panel. My internet does come up slow, but faster than before Link to comment Share on other sites More sharing options...
Juliet Posted January 9, 2015 Share Posted January 9, 2015 Please download Farbar Service Scanner and run it on the computer. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center Windows Update Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 9, 2015 Author Share Posted January 9, 2015 Should I run as administrator Link to comment Share on other sites More sharing options...
Juliet Posted January 9, 2015 Share Posted January 9, 2015 If it wont open by right click, select open, or by double clicking on it then right click on the exe and run as administrator Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 9, 2015 Author Share Posted January 9, 2015 It did work. Farbar Service Scanner Version: 21-07-2014 Ran by Ginny (administrator) on 09-01-2015 at 16:42:29 Running from "C:\Users\Ginny\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** Link to comment Share on other sites More sharing options...
Juliet Posted January 9, 2015 Share Posted January 9, 2015 Where we're at right now is, the system is malware free. But, damage is done now that I can't fix. I think what we're looking at is either a repair install or a wipe completely and reinstall.. I've asked a friend here at the Pit to take a look and see what suggestions he can offer. Let's remove these tools and folders. DelFix Please download DelFix and save the file to your Desktop. Double-click DelFix.exe to run the programme. Place a checkmark next to the following items:Activate UAC Remove disinfection tools Create registry backup Purge system restore Reset system settings Click the Run button. -- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete). Link to comment Share on other sites More sharing options...
Juliet Posted January 9, 2015 Share Posted January 9, 2015 As a last resort let's try this Also please download Windows Repair (all in one) from here Install the program then go to step 4 and create a new system restore point and new registry backup. Go to Step 2 and allow it to run CheckDisk by clicking on Do It button: NEXT On the the Start Repairs tab => Click the Start Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default): Click on box next to the Restart System when Finished. Then click on Start. Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 10, 2015 Author Share Posted January 10, 2015 Thank you. will do. Is this all related to the malware that I had on my computer? I feel so bad about that but am very thankful to have such a trusted place to go to for help.All of you guys and gals have been nothing but helpful to me and I truly appreciate it. I will let you know what happens after the scan is finished Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 10, 2015 Author Share Posted January 10, 2015 I did get this one error while running the program. C:\Windows|SysWO|wbem|unsecapp.exe is not a valid Win32 application. I had to click ok then it finished running. There seemed to be a bit of errors that it fixed. I have started my computer and still can't open anything in the control panel. I did however have a few error messages in my action center. One major being that my firewall is turned off. could not turn it on. It wont let me. I got an error code of 0x6d9. Not sure what that is. Link to comment Share on other sites More sharing options...
Juliet Posted January 10, 2015 Share Posted January 10, 2015 please click Start - All Programs -- Accessories -- Command Prompt Right-click - Command Prompt and select: Run As Administrator At the Command Prompt, type the following lines, one at a time, and press Enter after each. sc config MpsSvc start= auto Net start MpsSvc exit May require a reboot By chance were the other errors for windows updates? ````````` if that doesn't work try the below Download this regfile to desktop http://download.bleepingcomputer.com/win-services/7/MpsSvc.reg Right click on MpsSvc.reg file, click "Merge". Allow registry merge. Restart computer. Link to comment Share on other sites More sharing options...
Juliet Posted January 10, 2015 Share Posted January 10, 2015 Thank you. will do. Is this all related to the malware that I had on my computer? I feel so bad about that but am very thankful to have such a trusted place to go to for help.All of you guys and gals have been nothing but helpful to me and I truly appreciate it. I will let you know what happens after the scan is finishedIt's very possible that malware did this. And to let you know that we enjoy helping people which in a way makes me feel bad that I haven't eradicated the all the problems on your machine, but still trying. Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 10, 2015 Author Share Posted January 10, 2015 (edited) Ok, did that one. Also, the other errors were for windows backup. There were two. Should I try to get a different firewall set up for the time being? On a different note, about a month or maybe two at the most, I noticed that my wireless connection has a new number added to it. Would this happen because of my phone feeds off of it?Just trying to think of all the things, that in hindsight I should of had big bells going off. Edited January 10, 2015 by Sweetpotato Link to comment Share on other sites More sharing options...
Juliet Posted January 10, 2015 Share Posted January 10, 2015 You can try to setup a free firewall, but in the back of my mind Kaspersky internet security turned it off (all security suite do this) and is the reason it was turned off. But with the amount of windows errors you have I don't know if this would be successful. Link to comment Share on other sites More sharing options...
Juliet Posted January 10, 2015 Share Posted January 10, 2015 it's late here, will check back tomorrow. Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 How's it go today? Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 11, 2015 Author Share Posted January 11, 2015 Not so bad. Is there anything else that I can do to fix the problems with not being able to open my control panel, turn on my firewall and updates? Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 Please download Farbar Service Scanner and run it on the computer. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center Windows Update Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Was going to try and have you create a new User profile but, if you can't get into the control panel it wont work. Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 11, 2015 Author Share Posted January 11, 2015 Farbar Service Scanner Version: 21-07-2014 Ran by Ginny (administrator) on 11-01-2015 at 08:11:31 Running from "C:\Users\Ginny\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 Following steps involve registry editing. Please create new restore point before proceeding. How to: XP - http://support.microsoft.com/kb/948247 Vista and Seven - http://www.howtogeek.com/howto/windows-vista/create-a-restore-point-for-windows-vistas-system-restore/ Download Seven.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/ Unzip the file. You'll find several files inside. Double click on wscsvc.reg file and confirm the prompt. Double click on mpssvc.reg file and confirm the prompt. Double click on bfe.reg file and confirm the prompt. Restart computer. Post new FSS log. ~~~~~~~~~~~` Please download MiniToolBox http://www.bleepingcomputer.com/download/minitoolbox/ save it to your desktop and run it. Checkmark the following check-boxes: List last 10 Event Viewer log List Installed Programs List Devices List Users, Partitions and Memory size. List Minidump Files Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 I want you to run this again, this time Right Click and Run as Administrator all the way through to the last segment. As a last resort let's try this Also please download Windows Repair (all in one) from here Install the program then go to step 4 and create a new system restore point and new registry backup. Go to Step 2 and allow it to run CheckDisk by clicking on Do It button: NEXT On the the Start Repairs tab => Click the Start Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default): Click on box next to the Restart System when Finished. Then click on Start. Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 11, 2015 Author Share Posted January 11, 2015 I did the first step and all went well until I clicked on the bfe.reg. It said all data, was not successfully written to registry. Some keys are open by the system or other processes Should I continue with the second step with the mini toolbox? Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 (edited) yes, and then please try the Windows AL In One again. then give me an update Edited January 11, 2015 by Juliet Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 11, 2015 Author Share Posted January 11, 2015 Here is the one. MiniToolBox by Farbar Version: 30-11-2014 Ran by Ginny (administrator) on 11-01-2015 at 14:53:09 Running from "C:\Users\Ginny\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Event log errors: =============================== Application errors: ================== Error: (01/11/2015 02:31:12 PM) (Source: Application Error) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000003cbc8 Faulting process id: 0x1318 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Error: (01/11/2015 02:30:54 PM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000003cbc8 Faulting process id: 0x5c4 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (01/11/2015 02:30:34 PM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000003cbc8 Faulting process id: 0x8e0 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (01/11/2015 02:30:20 PM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000003cbc8 Faulting process id: 0x524 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (01/11/2015 09:55:27 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/11/2015 09:55:26 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/11/2015 09:31:07 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/11/2015 09:31:05 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/10/2015 07:18:14 PM) (Source: Application Error) (User: ) Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000005 Fault offset: 0x000000000003cbc8 Faulting process id: 0x7d8 Faulting application start time: 0xExplorer.EXE0 Faulting application path: Explorer.EXE1 Faulting module path: Explorer.EXE2 Report Id: Explorer.EXE3 Error: (01/10/2015 08:40:54 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. System errors: ============= Error: (01/11/2015 02:51:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 02:41:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 02:31:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 02:21:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 02:11:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 02:01:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 01:51:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 01:41:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 01:31:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (01/11/2015 01:21:55 PM) (Source: DCOM) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions: ========================= Error: (01/11/2015 02:31:12 PM) (Source: Application Error)(User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000003cbc8131801d02ddd84737434C:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dllc7bb88b2-99d0-11e4-bde5-b8ac6f6cfeb8 Error: (01/11/2015 02:30:54 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000003cbc85c401d02ddd79cefe6fC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllbd68686e-99d0-11e4-bde5-b8ac6f6cfeb8 Error: (01/11/2015 02:30:34 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000003cbc88e001d02ddd718a0560C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllb15a4b3e-99d0-11e4-bde5-b8ac6f6cfeb8 Error: (01/11/2015 02:30:20 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000003cbc852401d02db9281fbb61C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlla92027c7-99d0-11e4-bde5-b8ac6f6cfeb8 Error: (01/11/2015 09:55:27 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe Error: (01/11/2015 09:55:26 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (01/11/2015 09:31:07 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe Error: (01/11/2015 09:31:05 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (01/10/2015 07:18:14 PM) (Source: Application Error)(User: ) Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000003cbc87d801d02d3abc53689fC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllb66666a5-992f-11e4-abff-b8ac6f6cfeb8 Error: (01/10/2015 08:40:54 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe CodeIntegrity Errors: =================================== Date: 2015-01-05 16:32:35.731 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Gotcha\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-05 16:32:35.669 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Gotcha\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================ Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd) Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc) Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.) DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.18 - Dell Inc.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) f.lux (HKCU\...\Flux) (Version: - ) FrostWire 5.7.7 (HKLM-x32\...\FrostWire 5) (Version: 5.7.7.2 - FrostWire LLC) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2097 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation) Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.1 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30098 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.15.0 - Synaptics Incorporated) Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation) WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy) ========================= Devices: ================================ Name: Klwtp Description: Klwtp Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Klwtp Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ========================= Memory info: =================================== Percentage of memory in use: 43% Total physical RAM: 5940.52 MB Available physical RAM: 3356.12 MB Total Pagefile: 11879.23 MB Available Pagefile: 8849.09 MB Total Virtual: 4095.88 MB Available Virtual: 3983.27 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:465.66 GB) (Free:375.38 GB) NTFS ========================= Users: ======================================== User accounts for \\GINNY-PC Administrator Ginny Guest ========================= Minidump Files ================================== **** End of log **** Link to comment Share on other sites More sharing options...
Sweetpotato Posted January 11, 2015 Author Share Posted January 11, 2015 (edited) Did the windows all in one, still the same. On the first try, it will let me open up the control panel, but when I click on my programs, I get the Windows error message,it shuts down, and then I can't reopen the control panel at all without that error. Also, It says that I have no antivirus on my computer even though avast is running, it says its not Edited January 11, 2015 by Sweetpotato Link to comment Share on other sites More sharing options...
Juliet Posted January 11, 2015 Share Posted January 11, 2015 Let's see if we can run the KIS uninstall tool once more I can see a driver it listed http://support.kaspersky.com/us/common/service#block5 ~~~~~~~~~~~ So far everything points to explorer being bonkers. What I'm listing now is for diagnostics and hopefully answers. ~~~~~~~~~~~~~~~ Please run chkdsk /r Chkdsk /r checks for bad sectors on the hdd and recovers any readable information. Click on the Start orb and type in cmd in the Search programs and files box. When cmd is seen in Programs above the Search box right click on it, then click on Run as administrator. You will see a screen similar to the one below. Type in chkdsk c:/r then press Enter. Please notice the space between the chkdsk and the /r. You will receieve the message "CHKDSK cannot be run because it is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? <Y/N>". Type in Y and press Enter. Restart your computer to start the scan. This will take a while to run, please be patient and allow it to complete the scan. ~~~~~~~~~~~~~~~~~ SFC /SCANNOW Command - System File Checker running http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html Link to comment Share on other sites More sharing options...
.png.9d4b89b15b2cd5e65edd93a0e6823dce.png)
Recommended Posts