Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unable to download new programs or updates


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Go into Control Panel, Windows Updates and see if you can get any updates. 


  • 0

Advertisements


#17
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

It is showing that it's trying to download 45 updates, but it is showing 0% progress as it tries, and has been like that for several minutes.


  • 0

#18
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Nevermind that last reply... it's at 38% now...


  • 0

#19
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

43 updates installed.

1 failed.

1 not needed.


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 11
Java 7 Update 67 (64-bit)

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

 

 

Make sure the date and time on your clock are correct.

 

Run VEW again as before and post both logs.

 

 


  • 0

#21
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/09/2015 11:19:44 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2015 5:14:15 AM
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The NVIDIA Update Service Daemon service hung on starting.

Log: 'System' Date/Time: 16/09/2015 5:00:25 AM
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Log: 'System' Date/Time: 16/09/2015 4:38:29 AM
Type: Error Category: 1
Event: 20 Source: Microsoft-Windows-WindowsUpdateClient
Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Log: 'System' Date/Time: 16/09/2015 12:26:06 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:26:06 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 40.

Log: 'System' Date/Time: 16/09/2015 12:26:06 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:26:06 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:26:06 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:56 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 40.

Log: 'System' Date/Time: 16/09/2015 12:25:56 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 40.

Log: 'System' Date/Time: 16/09/2015 12:25:56 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:56 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:56 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:55 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:55 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 16/09/2015 12:25:55 AM
Type: Error Category: 0
Event: 36887 Source: Schannel
The following fatal alert was received: 70.

Log: 'System' Date/Time: 15/09/2015 2:45:14 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Log: 'System' Date/Time: 15/09/2015 12:53:01 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Log: 'System' Date/Time: 15/09/2015 12:27:12 AM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Log: 'System' Date/Time: 14/09/2015 11:13:47 PM
Type: Error Category: 0
Event: 7030 Source: Service Control Manager
The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2015 5:07:31 AM
Type: Warning Category: 0
Event: 7039 Source: Service Control Manager
A service process other than the one launched by the Service Control Manager connected when starting the Microsoft .NET Framework NGEN v4.0.30319_X64 service.  The Service Control Manager launched process 2748 and process 2368 connected instead.    Note that if this service is configured to start under a debugger, this behavior is expected.

Log: 'System' Date/Time: 16/09/2015 5:05:04 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 16/09/2015 5:01:22 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2015 5:01:21 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 16/09/2015 4:56:35 AM
Type: Warning Category: 0
Event: 1073 Source: USER32
The attempt by user Susan-PCLT\Susan to restart/shutdown computer SUSAN-PCLT failed

Log: 'System' Date/Time: 15/09/2015 11:17:17 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 15/09/2015 12:33:53 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2015 12:33:53 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 15/09/2015 1:57:30 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 15/09/2015 1:54:32 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2015 1:54:32 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll

Log: 'System' Date/Time: 14/09/2015 11:05:02 PM
Type: Warning Category: 0
Event: 130 Source: Ntfs
The file system structure on volume C: has now been repaired.

Log: 'System' Date/Time: 14/09/2015 8:42:27 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 14/09/2015 4:14:19 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 14/09/2015 4:11:24 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2015 4:11:24 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\bcmihvsrv64.dll

 

 

 

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 16/09/2015 11:20:41 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/09/2015 5:20:58 AM
Type: Error Category: 0
Event: 1002 Source: MsiInstaller
Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Log: 'Application' Date/Time: 16/09/2015 5:07:15 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 15/09/2015 11:28:49 PM
Type: Error Category: 0
Event: 1002 Source: MsiInstaller
Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Log: 'Application' Date/Time: 15/09/2015 11:19:05 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 15/09/2015 2:09:16 AM
Type: Error Category: 0
Event: 1002 Source: MsiInstaller
Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Log: 'Application' Date/Time: 15/09/2015 1:59:23 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 14/09/2015 8:54:15 PM
Type: Error Category: 0
Event: 1002 Source: MsiInstaller
Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Log: 'Application' Date/Time: 14/09/2015 8:44:20 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 14/09/2015 4:29:56 PM
Type: Error Category: 0
Event: 1002 Source: MsiInstaller
Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Log: 'Application' Date/Time: 14/09/2015 4:15:24 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/09/2015 4:58:06 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   15 user registry handles leaked from \Registry\User\S-1-5-21-774334311-1544358969-1951404087-1002:
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Root
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\My
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\CA
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Disallowed
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\trust
Process 4024 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\TrustedPeople

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\SysPart\Default\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe' (pid 4472) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe' (pid 4704) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe' (pid 3384) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe' (pid 2960) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\WindowsMobile\wmdc.exe' (pid 2608) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Lenovo\Energy Management\utility.exe' (pid 2532) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe' (pid 2440) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Elantech\ETDCtrl.exe' (pid 2324) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:53 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Internet Explorer\iexplore.exe' (pid 2280) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:52 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Internet Explorer\iexplore.exe' (pid 1552) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:52 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 1980) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:52 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe' (pid 4220) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2015 4:28:52 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\iTunes\iTunesHelper.exe' (pid 3500) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 15/09/2015 2:00:30 AM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-RPC-Events
Possible Memory Leak.  Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 320) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)].  [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked.  The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20).  User Action: Contact your application vendor for an updated version of the application.

Log: 'Application' Date/Time: 14/09/2015 8:38:11 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   15 user registry handles leaked from \Registry\User\S-1-5-21-774334311-1544358969-1951404087-1002:
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Root
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\My
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\CA
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Disallowed
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\trust
Process 4248 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\TrustedPeople

Log: 'Application' Date/Time: 14/09/2015 4:11:20 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   12 user registry handles leaked from \Registry\User\S-1-5-21-774334311-1544358969-1951404087-1002:
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Policies\Microsoft\SystemCertificates
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Root
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\My
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\CA
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\Disallowed
Process 3792 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-774334311-1544358969-1951404087-1002\Software\Microsoft\SystemCertificates\trust

 


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Run the Windows Readiness tool

 

http://www.microsoft...s.aspx?id=20858

 

Probably best to use IE to get it.

 

Is your date and time correct? 


  • 0

#23
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Yes. Date and time are correct on my machine.


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

See if this applies:

 

https://support.soft...ssure/kb/141591

 

Also make sure dcomlaunch is running:

 

Start, (All) Programs, Accessories then right click on Command Prompt and select Run As Admin.

Type with an Enter after each line:

net  start  dcomlaunch

(We want it to say
"The requested service has already been started

More help is available by typing NET HELPMSG 2182"

 

Does it?


  • 0

#25
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

I was unable to download the Readiness Tool. I would click download and no option to run or save would appear, although it would take me to the next page thanking me for downloading it.

 

dcomlaunch is running

 

Also, I could not figure out if the Schannel Event information applies to me or not...  I couldn't locate TLS or the group policy editor.


  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Open IE and then Tools (Gear), Internet Options, Advanced then hit the Reset.  That should reset IE to the default values.  Restart IE then see if it will let you Save or Run the 

.

 

You can also try getting the System Update Readiness Tool for Windows 7 for x64-based Systems using another browser.  I would Save it and then run it by right clicking and Run As Admin.

 

Are you able to go to any https sites?  Gmail or Facebook are both https sites if you are logged in.


  • 0

#27
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

I have no other browsers at the moment, though I have tried to download both Chrome and Firefox in the past year, I was unable to because of whatever has been affecting my computer. I would like to add one of them... which of the two would you suggest?

 

I am able to go to https sites. I am on Facebook regularly.


  • 0

#28
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

I just reset IE to default options and am still unable to download the Readiness Tool... does the same thing as before... no option to run or save and takes me to the page that says thank you for downloading.


  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

See if you can get either browser.  If that still won't work we can try to get Opera via FTP as follows:

 

Start, All Programs, Accessories then Command Prompt.  (Win 7 and Vista must Right click on Command Prompt and Run As Admin.)
Text in boxes with extra spaces so you can see where one space goes is what you type with an Enter after each line.  Regular text is the expected response. Text in parentheses are my comments.


 

ftp  ftp.opera.com



Connected to get2.opera.com.
220 (vsFTPd 2.0.7)
User (get2.opera.com:(none)):

 

anonymous



331 Please specify the password.
Password:

 

any



230 Login successful.

ftp>
 

cd  pub/opera/win/1151/us



250 Directory successfully changed.

ftp>

 

 ls



(That's actually L S  Here you may get a windows prompt that it has blocked the program.  Tell it to unblock)
Opera_1151_int_Setup.exe

ftp>
 

binary



200 Switching to Binary mode.

ftp>
 

get  Opera_1151_int_Setup.exe



200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for Opera_1151_int_Setup.exe (10307952 b
ytes).

(It will take it some time to download the file.  There is no indication that anything is happening but if you go to Task Manager and look at the network traffic you will see that it is working.)

150 Opening BINARY mode data connection for Opera_1151_int_Setup.exe (10307952 b
ytes).
226 Transfer complete.
ftp: 10307952 bytes received in 44.73Seconds 230.44Kbytes/sec.

ftp>
 

 bye




Now is the tricky part.  Have to find where it got stored.  Do a search of the C:\ for Opera and it should show up.  
Usually it stores the file in C:\users\YourLoginName\ (Win 7 or Vista) or in XP at C:\Documents and Settings\YourLoginName\
Right click on it and Open File Location then run the file in XP by doubleclicking.  (Win 7 or Vista => right click on the the file and Run As Administrator).  It installs very quickly.  See if it will go anywhere like to att.com and whether it will let you download one of the other browsers or the readiness tool.


If ftp fails then we have other problems and will have to try something else.
 


  • 0

#30
Susanking96

Susanking96

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

So I was able to download and install Chrome (success!!) and was also able to download the Readiness Tool, but upon installation it got to what looks like about 95% completion on the progress bar and seems to have stalled... the message in the installation status box states:

 

Initializing installation... done!
Installing Hotfix for Windows (KB947821) (update 1 of 1)...

 

Do you think it has stalled or is it just taking a long time to complete?

 

P.S. When using Chrome to look at this thread there was no reply box available and I had to start up IE again to be able to post this response. I guess using Chrome will take some getting used to.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP