Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Viruses and PUPs [Closed]


  • This topic is locked This topic is locked

#121
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

When i try to stop the process, this is what i get...

Attached Thumbnails

  • Adm.JPG

  • 0

Advertisements


#122
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I would say to reboot your computer, download a new copy of ProcMon.exe and try again.


  • 0

#123
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

After you have performed the previous step, please do the following. If you try the previous step and still get the "Requires Administrators Group Membership" error, please still do the following step.

 

Attempt to Uninstall Package
1. Click your Start button and type cmd in the Search box.
2. Right-click on cmd.exe that shows up in the search results and choose Run as administrator. Allow if prompted.
3. You will now be at a black command-prompt screen.
4. Copy/Paste the following into the command-prompt window and hit enter. Note: To paste, right-click in the command-prompt window and choose paste.
dism /online /remove-package /packagename:Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514

5. Let me know the results of this command.


  • 0

#124
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

before I do that last step here are the logs you requested.  Let me know if you still want me to do the last step.

 

https://www.sendspace.com/file/2m8koj

Attached Files

  • Attached File  CBS.zip   558.47KB   77 downloads

  • 0

#125
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Please do!


  • 0

#126
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Microsoft Windows [Version 6.1.7600]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>dism /online /remove-package /packagename:Package_for_KB9769
32~31bf3856ad364e35~amd64~~6.1.1.17514

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Processing 1 of 1 -
An error occurred - Package_for_KB976932 Error: 0x800f0905

Error: 0x800f0905

DISM failed. No operation was performed.
For more information, review the log file.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32>


  • 0

#127
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I was able to read both your log files this time so thank you. If we look at the error from your CBS log

 

2015-06-09 19:51:25, Error                 CBS    SPI: (SPIRegQueryDWORDValue:413)Failed to query registry value: ComponentsRemoved er=0x2

 

 

And then see exactly where it's looking for this from your Procmon log we see it is within the Component Based Servicing key. This along with all the other ones I researched tell me that SP1 is partially installed and the installer is now looking for pieces of that install.

 

Capture.JPG

 

 

So I think the uninstall is our best bet....actually I see you just posted that and it didn't work. At this point, I believe a repair install is your only option and I can walk you through this process. It would be great to have your machine updated to SP1 with all updates and since we fixed those nasty corruptions I think the chances are much higher that it will succeed. I know you said that you didn't have a Windows 7 x64 DVD. Do you happen to have any friends or co-workers that may have one that you can borrow to do the repair? You want to make sure it is a Windows 7 x64 DVD (without SP1).

 

Please let me know. Thanks.


  • 0

#128
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Checked with friends family and co-workers and no one has a Win 7 x64-bit disc.

What do we do now?


  • 0

#129
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Throw the hail mary pass. Let's try the following. Let me know when it is complete.

 

Step#1 - Run Windows Repairs
1.  Download Windows Repair (All-in-One) Portable to your desktop.
2.  Once the file is downloaded, right-click on the file on your desktop and choose Extract All...
Extract.JPG
3.  Keep the defaults and click the Extract button.
4.  A folder named tweaking.com_windows_repair_aio will be extracted to the desktop. Once the extraction is complete the folder will open.
5.  Inside this folder, there is a folder named Tweaking.com - Windows Repair. Open this folder as well.
Capture.JPG
 
 
6. Double-click on Repair_Windows.exe to open.
7. When the program opens, click the Repairs tab and click the Open Repairs button.
8. A backup of your registry will be made. After a few moments you will have many options from which you can choose.
9. Keep all the defaults that are checked. Don't change anything.
10. Ensure the Restart check box is selected and click the Start Repairs button in the lower right of the screen. This may take some time to run so be patient.
StartRepairsWithReboot.JPG
11. Once the fixes are complete you will be prompted to restart your machine. Answer Yes.


  • 0

#130
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Ok, done.  Whats next?


  • 0

Advertisements


#131
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Please try the following again.

 

Attempt to Uninstall Package
1. Click your Start button and type cmd in the Search box.
2. Right-click on cmd.exe that shows up in the search results and choose Run as administrator. Allow if prompted.
3. You will now be at a black command-prompt screen.
4. Copy/Paste the following into the command-prompt window and hit enter. Note: To paste, right-click in the command-prompt window and choose paste.
dism /online /remove-package /packagename:Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514

5. Let me know the results of this command.


  • 0

#132
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Microsoft Windows [Version 6.1.7600]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>dism /online /remove-package /packagename:Package_for_KB9769
32~31bf3856ad364e35~amd64~~6.1.1.17514

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Processing 1 of 1 -
An error occurred - Package_for_KB976932 Error: 0x800f0905

Error: 0x800f0905

DISM failed. No operation was performed.
For more information, review the log file.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32>


  • 0

#133
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

Since its the same result i'm thinking there are no more options.


  • 0

#134
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

It's unlikely that it will work but you can try updating to SP1 through Windows Update again. Don't use the downloaded file this time.

 

If it doesn't work then at this point here are your options.

1. Acquire replacement media for your machine. If it's an OEM machine such as Dell, HP, IBM, etc. you can contact them and get a replacement for a nominal fee. You may be able to do a repair but if it doesn't work at least you will be able to do a clean install with the media.

 

2. Acquire a retail (not OEM) copy of Windows 7 x64. It will likely be a little more expensive than the OEM route but you can use this to repair your machine. In the chance that it doesn't repair you can also use this for a clean install.

 

3. Leave it as is and we'll have Zep516 who started this thread assist you will cleaning up our tools and provide you some advice for staying protected online.

 

Let me know how the SP1 attempt goes and how you would like to proceed.

 

Thank you.

 

 


  • 0

#135
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 258 posts

How did this get to be this bad?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP