Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

The X5XSEx_Pr143 service failed to start due to the following error: T


  • This topic is locked This topic is locked

#16
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Oh I forgot to tell you, X5XSEx_Pr143 is not bothering me anymore, and with the Microsoft.NET 4 I'm not sure whether or not that's working or not, I just can't see any items in "Turn on or off Windows programs" that's the problem.
  • 0

Advertisements


#17
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

Proceed with the fix and let me know if that's still the case. Or have you already?
  • 0

#18
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I have already done what you requested.
  • 0

#19
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

I have done research on this and apparently the entry it appears as is Microsoft .NET Framework 3.5.1 in Windows Features. I also have an installation of the .NET Framework (version 4.5, actually) and this appears to be my case:

Posted Image

Do you see the same thing? If so, you should be good. If you are unconvinced, I can send you a very simple application that requires the .NET Framework to run in order to verify it is working correctly. Please let me know if you would like this. :)
  • 0

#20
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

To test your installation, please download the attached file, unzip it, and run it. If you do not encounter any errors while attempting to do so, you have successfully installed a working copy of the .NET Framework.

Attached File  FrameworkTester.zip   3.81KB   75 downloads

In addition, kindly complete the following steps.

  • Step 1
Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.

  • Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
  • Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):

    Posted Image

  • The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
  • Upon completion, use Notepad to open and save C:\Program Files\ESET\EsetOnlineScanner\log.txt to your desktop.
  • Select Uninstall application on close and click Finish.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the log back here.
  • Step 2
    Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.

    • Double-click mbam-setup-*.exe and proceed to installing the program.
    • Accept the License Agreement.
    • At the end, ensure a check mark is both placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
    • In case you don't get a chance to do so, you may also find the log in the program's Logs tab.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the log back here.
  • Step 3
You are now required to uninstall ComboFix as a part of the final clean-up process.

  • Rename ComboFix.exe into Uninstall.exe and double-click to run it.
  • Wait for it to finish. A prompt will pop-up informing you so.
  • Step 4
You currently have the following outdated program(s) installed. I highly recommend that you perform an update. You will find the download link(s) for the new version(s) below.

  • Adobe Reader 10.1.7 -- Update (Please untick Free! McAfee Security Scan Plus before downloading it.)
Uninstall the previous version(s) before installing the updated one(s). If you run into any errors, let me know.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):

  • log.txt (ESET Online Scan)
  • mbam-log-*.txt (Malwarebytes' Anti-Malware)
Please let me know how it goes, as if it works, we'll wrap this up with final reminders and procedures so you will not get re-infected.
  • 0

#21
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Her is Malwarbytes logs:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Owner :: OWNER-PC [administrator]

Protection: Disabled

8/4/2013 4:27:55 PM
mbam-log-2013-08-04 (16-27-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214273
Time elapsed: 3 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end

And here is ESET logs:

[email protected] as downloader log:
all ok
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f1c607c1fa5cdb4e84e85ed08fc78df1
# engine=14647
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-04 10:21:57
# local_time=2013-08-04 04:21:57 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 1259943 127198367 0 0
# scanned=261129
# found=11
# cleaned=11
# scan_time=17364
sh=E6CBDE1DBBB05EFF2FAE69047FA613D061676F8E ft=0 fh=0000000000000000 vn="a variant of Java/JShrink.A application (cleaned by deleting - quarantined)" ac=C fn="C:\insidiaXV8cache\JFrame\WorldMap\WorldMap.jar"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js"
sh=FE0DA3EB0E67D4B3069F1C53C38FADD29B7A79B8 ft=1 fh=fadc98a27da1e2f7 vn="Win32/InstallCore.CD application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe"
sh=11664A975E7C31E25DA3F1CAF7A3FD08433B97E0 ft=1 fh=e6f7bc67c0af21c3 vn="a variant of Win32/InstallCore.T application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\ADLSoft_UnCompressor_v2.exe"
sh=365CAC91356CE7C19E8C9BB9CDE636E11C8CF939 ft=1 fh=51b7c83372c2731d vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\Driver_Fusion_1.7.0.exe"
sh=CE7E1C44F8B1C2B91E96F7F34374E328DA3B0D53 ft=1 fh=0b49b0e5c5a31b6d vn="Win32/Toolbar.Inbox.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\MapsSetup.exe"
sh=D337EE2A70E6F626D2F20A45F319B68BC250C281 ft=1 fh=3184551533f89551 vn="a variant of Win32/Adware.iBryte.G application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\Setup (4).exe"
sh=749D0A78AA9511BD429909C43BD381AC2DF38B2F ft=1 fh=200e15aebadc5f02 vn="a variant of Win32/Adware.iBryte.G application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\Setup (5).exe"
sh=78EA28DD9756A37066E675514A4ECCC9E04ABEE8 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AK trojan (deleted - quarantined)" ac=C fn="C:\Users\Owner\Downloads\SuperOneClickv1.8-ShortFuse.zip"
sh=EAFB46D14E5DD34BF93276D48B054FC80BC6AA2E ft=1 fh=445c5fd447c3f602 vn="a variant of Win32/OpenInstall application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\WinZip175.exe"
sh=FE0DA3EB0E67D4B3069F1C53C38FADD29B7A79B8 ft=1 fh=fadc98a27da1e2f7 vn="Win32/InstallCore.CD application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Owner\Downloads\ZipOpenerSetup.exe"



And with the Microsoft.NET thing, Microsoft.NET is working fine, but the whole entire "Turn on or off Microsoft programs" is completely blank there is no options to un-check anything, So the whole entire window is completely blank except for the words at the top.
  • 0

#22
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

Thank you for posting the logs. Both are clean except for the files in your Downloads folder (now removed), which are bundled with adware. As for you issue, I see. Let us try the following steps.

  • Step 1
    Press the Windows button and the R button at the same time.

    • Type services.msc and press OK.
    • Locate the following services:

      Desktop Window Manager Session Manager
      Themes
      Windows Modules Installer
  • Right-click on each service and choose Properties. Change the Startup type to Automatic.
  • Press Apply > OK.
  • Close all windows and reboot your system.
  • Step 2
Download http://www.microsoft....aspx?id=20858' class='bbc_url' title='External link' rel='nofollow external'>'System Update Readiness Tool by Microsoft' and save it to your desktop.

  • Ensure all programs and windows are closed before proceeding.
  • Simply double-click the program icon to run it. It will ask for administrator privileges.
  • Follow the on-screen instructions to install the program.
  • The process will take some time to complete--please allow it to finish.
  • Once done, click Close and reboot your computer.
  • Test Windows Features and see whether a list populates.
As usual, let me know how it goes. :)
  • 0

#23
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
When I try to put them all on Automatic they were all there except Windows Modules Installer, and when I did try to change it to automatic it gave me the error: The delayed auto-start flag could not be set error 87: The Parameter is incorrect. Also nothing happened when I ran that System Update Readiness tool by Microsoft all it said was "Installation Complete"
  • 0

#24
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

Just to clarify--when you attempted to run the tool, it just gave you that message immediately? I am safe to assume Windows Features still does not display a list?
  • 0

#25
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Yeah Windows Features does not show a list still and yeah it gave me that message immediately.
  • 0

Advertisements


#26
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

I see. Could you attach C:\Windows\Logs\CBS\CheckSUR.log for me, please? It will let me know what went wrong.
  • 0

#27
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Hey, sorry it took me so long to reply, I went out of town for a few days. But here is that log for you.


=================================
Checking System Update Readiness.
Binary Version 6.1.7601.21645
Package Version 19.0
2013-08-06 01:20

Checking Windows Servicing Packages

Checking Package Manifests and Catalogs
(f) CBS MUM Corrupt 0x00000000 servicing\Packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum Expected file name Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~neutral~~10.2.9200.16437.mum does not match the actual file name
(f) CBS MUM Corrupt 0x00000000 servicing\Packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum Expected file name Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~neutral~~10.2.9200.16437.mum does not match the actual file name
(f) CBS Catalog Corrupt 0x800B0100 servicing\Packages\Package_1_for_KB2675157~31bf3856ad364e35~amd64~~9.4.1.0.cat
(f) CBS Catalog Corrupt 0x800B0100 servicing\Packages\Package_2_for_KB2799926~31bf3856ad364e35~amd64~~6.1.1.0.cat
(f) CBS MUM Corrupt 0x800F0900 servicing\Packages\Package_for_KB2656373_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum Line 268: publiGIF89aŕ[÷$

Checking Package Watchlist

Checking Component Watchlist

Checking Packages

Checking Component Store
(f) CSI Manifest Zero Length 0x00000000 winsxs\Manifests\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_9.4.8112.20546_none_cddbb8ff0a399327.manifest x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_9.4.8112.20546_none_cddbb8ff0a399327
(f) CSI Manifest and S256H Do Not Match 0x00000000 winsxs\Manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.manifest x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_9.4.8112.20554_none_bd33558e2f3bc741.manifest amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_9.4.8112.20554_none_bd33558e2f3bc741
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\amd64_microsoft-windows-ie-ieproxy_31bf3856ad364e35_9.4.8112.16448_none_04be84cf1d3e4853.manifest amd64_microsoft-windows-ie-ieproxy_31bf3856ad364e35_9.4.8112.16448_none_04be84cf1d3e4853
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\wow64_microsoft-windows-ieframe_31bf3856ad364e35_10.2.9200.20681_none_d5fe3bba6c9d7cb7.manifest wow64_microsoft-windows-ieframe_31bf3856ad364e35_10.2.9200.20681_none_d5fe3bba6c9d7cb7
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\amd64_microsoft-windows-ieframe_31bf3856ad364e35_9.4.8112.20546_none_d9b9a94699ec2253.manifest amd64_microsoft-windows-ieframe_31bf3856ad364e35_9.4.8112.20546_none_d9b9a94699ec2253
(f) CSI Manifest Zero Length 0x00000000 winsxs\Manifests\x86_microsoft-windows-ie-extcompat_31bf3856ad364e35_10.2.9200.20681_none_47983547a85a4657.manifest x86_microsoft-windows-ie-extcompat_31bf3856ad364e35_10.2.9200.20681_none_47983547a85a4657
(f) CSI Manifest Failed Catalog Check 0x00000000 winsxs\Manifests\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_0cd17cc273935223.manifest x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_0cd17cc273935223

Summary:
Seconds executed: 814
Found 14 errors
CSI Manifest Zero Length Total count: 2
CSI Manifest and S256H Do Not Match Total count: 1
CSI Manifest Failed Catalog Check Total count: 6
CBS MUM Corrupt Total count: 3
CBS Catalog Corrupt Total count: 2

Unavailable repair files:
winsxs\manifests\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_9.4.8112.20546_none_cddbb8ff0a399327.manifest
winsxs\manifests\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.manifest
winsxs\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest
winsxs\manifests\amd64_microsoft-windows-ie-htmlediting_31bf3856ad364e35_9.4.8112.20554_none_bd33558e2f3bc741.manifest
winsxs\manifests\amd64_microsoft-windows-ie-ieproxy_31bf3856ad364e35_9.4.8112.16448_none_04be84cf1d3e4853.manifest
winsxs\manifests\wow64_microsoft-windows-ieframe_31bf3856ad364e35_10.2.9200.20681_none_d5fe3bba6c9d7cb7.manifest
winsxs\manifests\amd64_microsoft-windows-ieframe_31bf3856ad364e35_9.4.8112.20546_none_d9b9a94699ec2253.manifest
winsxs\manifests\x86_microsoft-windows-ie-extcompat_31bf3856ad364e35_10.2.9200.20681_none_47983547a85a4657.manifest
winsxs\manifests\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_0cd17cc273935223.manifest
servicing\packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum
servicing\packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.mum
servicing\packages\Package_1_for_KB2675157~31bf3856ad364e35~amd64~~9.4.1.0.mum
servicing\packages\Package_2_for_KB2799926~31bf3856ad364e35~amd64~~6.1.1.0.mum
servicing\packages\Package_for_KB2656373_SP1~31bf3856ad364e35~amd64~~6.1.1.0.mum
servicing\packages\Microsoft-Windows-IE-Hyphenation-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.cat
servicing\packages\Microsoft-Windows-IE-Spelling-Parent-Package-English~31bf3856ad364e35~~~10.2.9200.16437.cat
servicing\packages\Package_1_for_KB2675157~31bf3856ad364e35~amd64~~9.4.1.0.cat
servicing\packages\Package_2_for_KB2799926~31bf3856ad364e35~amd64~~6.1.1.0.cat
servicing\packages\Package_for_KB2656373_SP1~31bf3856ad364e35~amd64~~6.1.1.0.cat
  • 0

#28
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hi TomHalstead,

No problem. :) That log is saying it was unable to fix some items. Do you happen to still have your Windows disc with you?
  • 0

#29
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I'll have to check for it in my CD carriers. I'll get back to you asap.
  • 0

#30
TomHalstead

TomHalstead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Once again, sorry it took me so long to reply, I did a lot of looking I even went to my storage to see if it was there but I just could not find it. I appreciate all your help thus far.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP