Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Viruses and PUPs [Closed]


  • This topic is locked This topic is locked

#91
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Good. Now let's do the following again.

 

System File Checker
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.
2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator as shown below.
ElevateCommandPrompt.JPG

3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type in to.
5. Type sfc /scannow and hit enter to start the scan. Please notice the space between sfc and /scannow.
6. Once the scan finishes please zip and attach the C:\Windows\Logs\CBS\CBS.log

Note: If the file is too large to attach here please upload to a service such as SendSpace or OneDrive or Dropbox and then provide the link.


  • 0

Advertisements


#92
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

C:\Windows\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\Windows\system32>

Attached Files

  • Attached File  CBS.zip   1.21MB   78 downloads

  • 0

#93
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Excellent. Everything has been repaired. Can you try going to Windows Update now to see if it works?


  • 0

#94
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Windows Failed to update...

Attached Thumbnails

  • 2015-05-25.JPG

  • 0

#95
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Looks like a couple installed which is good. Please download Windows 7 SP1 from here. Since you have a 64 bit OS, please put a check next to windows6.1-KB976932-X64.exe and download to your desktop.

 

This could take 30 minutes or more to install if successful so plan accordingly. Go ahead and try to install.

 

Let me know how it goes. Thanks.


  • 0

#96
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Here is what happened when I ran SP1

Attached Thumbnails

  • SP1.JPG

  • 0

#97
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you. Would you mind copying your C:\Windows\Logs\CBS\CBS.log file to your desktop and then zip/attach to this post?

 

If it's too big to attach you may upload to SendSpace and just provide the link.


  • 0

#98
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

CBS

Attached Files

  • Attached File  CBS.zip   105.79KB   33 downloads

  • 0

#99
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

It appears that the root cause is the following.
 

Line 8151: 2015-05-27 18:45:01, Error                 CBS    SPI: (CheckForPendingFlag:90)Failed to open component hive at C:\Windows\System32\config\components er=0x0

 
I'd like to get a copy of your hive to check it out. Please do the following when able.
 
Retrieve Components Hive

  • Please download the Freeware RegBak from here: Acelogix Software - Download products
    You will find it at the bottom of the page that the link brings you to.
  • Go ahead and install this program and accept all the defaults. After the last install screen the program should open.
  • Click the New Backup button. Accept the defaults and simply click Start.
  • When it says Finished successfully, click the Close button.
  • This will bring you back to the main screen of the program. You will see one entry in this list with the date that you did it. Right-click on this line-item and select Explore Backup...
  • This will bring you into the folder where the backup was made. You should see a Users folder and a Windows folder along with a couple other files. Double-click on the Windows folder to open it. Then open the System32 folder and then config folder. You should see around 6 files in here, one of which is named COMPONENTS.
  • Copy the COMPONENTS file to your Desktop. If the COMPONENTS file does not exist, please fetch it instead from C:\Windows\System32\config\COMPONENTS.
  • Now right click on the COMPONENTS file that is on your desktop and select Send to > Compressed (zipped) folder.
  • Then please upload the zip file (COMPONENTS.zip) to your favourite file sharing website (it will be too big to upload here). Examples of services to upload to are Dropbox or One Drive or SendSpace and then just provide the link in your reply.
  • You can close any open windows you have as well as the RegBack program now.

  • 0

#100
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

https://www.sendspace.com/file/9wga8e


  • 0

Advertisements


#101
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

That file was empty. Let's check your drive for that file. Please do the following.

 

 File Identification
1. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
2. Copy COMPONENTS and paste it into the Search box of the FRST window.
3. Click the Search Files button.
4. When the search is done it will open a notepad window with the results. Can you copy/paste the contents of this window into your next post?


  • 0

#102
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by punjab at 2015-05-28 19:15:34
Running from C:\Users\punjab\Desktop
Boot Mode: Normal

================== Search Files: "COMPONENTS" =============

C:\Windows\System32\config\components
[2009-07-13 22:34][2015-05-28 09:41] 36700160 ____A () 36B519967804B92127A759772EFE26B5

C:\Windows\ERDNT\Hiv-backup\components
[2013-08-13 06:23][2013-08-13 06:23] 36544512 ____A () ACF9A3FFDDFD47220B4D20C2404CB4EF

C:\RegBackup\PUNJAB-PC\5.2.2015_11.59.25-PM\C\Windows\System32\Config\components
[2015-05-02 23:59][2015-05-02 23:59] 36544512 ____N ()

====== End of Search ======


  • 0

#103
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Sorry for the delay.

 

Your COMPONENTS hive is there which is good. Not sure why it was empty when you sent it. Let's try the following instead.

 

Navigate to C:\Windows\System32\Config and then copy your COMPONENTS hive and paste on to your desktop.

 

If you get a message that the file is in-use, simply reboot your machine and then immediately go to this location and try to copy again.

 

Once the file is on your desktop, zip it up and send along. Thank you.


  • 0

#104
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

https://www.sendspace.com/file/0j34h3


  • 0

#105
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

That looks much better. When you go to Windows Updates, are there any updates to install besides Service Pack 1?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP