Jump to content

"Runtime Error (at 92:137): Could not call proc." semi-fixed

Recommended Posts

OKAY.. here we go..


Back story - I posted in the wrong forum.. - after following another case.. identical to mine...


I had already ran.. BEFORE ENCOUNTERING FORUM ADVICE HERE - Combofix and Eusing Registry Cleaner.. normal mode.. Combofix found Wininit.ini and \ssd\ssdp+stub.exe and 9 orphans.. cleaned out.. Eusing 88 issues in registry cleaned

Reboot.. used MBAM Clean - to remove old.. - reboot again..  - Attempted to Re-install.. got "Topic Title Error.. 92:137 message"

Went to Safe Mode - Combofix found 1 infection MSDownload.tmp and 8 more orphans - reboot to regular mode.. still no internet .. still no go.. with MBAM.. and no updates for anything else)


Then I googled MalwareBytes and "Runtime Error (at 92:137):  Could not call proc."

(google led me to the forum.. which was closed/locked.. and resolved.. - so when in ROME do as the Romans DO )


I thought I copied the process.. step by step.. AND DID get GOOD RESULTS



Asus Laptop, Win 7 64bit Home Premium


initially ..


Was Not able to install MBAM

Was not able to run Spybot S&D


Followed the guidance to download and install Adw Cleaner and Zoek.. - did so..


and in the process cleaned up a lot of MESS -- 314 in ADW and handfuls in Zoek


(Missed the step where I am supposed to download and run FRST .. now attached logs)


SO PLEASE KEEP IN MIND.. FRST.TXT and Addition.TXT - were both created.. AFTER ZOEK and Adw Cleaner were run


..but I will include those logs .. along with .. FRST's logs.. MBAM's Logs.. and ComboFix's Logs (which were created before FRST's)







mbam-log-2015-10-18 (15-04-17).xml




Link to post
Share on other sites

  • Root Admin

Hi there. Sorry for the delay.


Can you please run the MBAM CLEAN removal tool 2 times and reboot each time. However, do not reinstall MBAM at this time. I want you  to run the MBAM CHECK tool and post that log before we move on.




Remove MBAM using this method. (run it twice, make sure to deactivate MBAM first though before uninstalling it)


MBAM Clean Removal Process 2x



After you have completed STEP 1 above and have rebooted twice then run this scan and post back the log and we'll proceed from there.


Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post





Link to post
Share on other sites

  • Root Admin

Please click on START and type in CMD.EXE and when it shows on the menu right click and choose "Run as administrator"

Then type in the following and press the Enter key. It will say the drive is locked


CHKDSK   C:   /R



Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)



Press the Y key and Enter key and then restart the computer to let it run.


On Windows 7 the disk check log is in the Event Logs under Application with a heading source of  Wininit

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8

Then find the disk check log in Event Viewer and copy/paste the text results here in your next reply please.




Link to post
Share on other sites

here s the chkdsk c: /r   results..    (I copied and pasted it into wordpad in text format.. but it some how messed up the spacing a bit.. and doubled up some of the lines.. so I put in the hard-returns and took out some of the extra spaces to make it look more like the real chkdsk results..normally viewed on screen)






Link to post
Share on other sites

  • Root Admin

You're missing the DISK CHECK results. From Event Logs you should be able to open the Event. Then click the copy button. Then you can either paste directly back here using CTRL-V on the keyboard or paste it into a NOTEPAD document (not wordpad) and then attach that text file.



Link to post
Share on other sites

Well ..I did the start.. accessories.. RIGHT CLICK (on cmd).. RUN as Administrator.. and even though I traditionally just do a CHKDSK /R  I followed your instructions to a "T" and did .. CHKDSK C: /R ... then..  followed the link.. to the HOW TO... view/search..event viewer.. etc.. and.. that said.. oddly I did a "FIND" on.. CHKDSK.(I used lower case as nobody indicated it was case sensitive).. .. and it found nothing.. however..it did did come to rest on.. this entry..showing the wininit..  (in the Type?) column.. and when I clicked on it....and previewed the contents.. it looked like the results of the chkdsk.. hence.. why I cut and pasted it..into .. the CHECK Results.txt file above.

Link to post
Share on other sites

  • Root Admin

Well the entry above is the log for MBAM CHECK not the Disk Check.


mbam-check result log version:

User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0
mbam-check result log version:

Date Log Created: 10/22/15
Time Log Created: 07:53:35

Compatibility Flag Settings:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    SIGN.IE=05F1000 BrotherSoftExtreme_CT2776682.exeREG_SZ        WINXPSP2
    C:\T2G-ProtectionSuite\Spybot - Search & Destroy 2\SDWelcome.exeREG_SZ        RUNASADMIN
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

Malwarebytes Anti-Malware Shell Extension Block Check:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:

Malwarebytes Anti-Malware Service and Driver Status:

--------------Driver File Info:--------------

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

Required Dependencies:

Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

    DisplayName                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1001
    Group                         REG_SZ        NetworkProvider
    ImagePath                     REG_EXPAND_SZ    %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Description                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1002
    ObjectName                    REG_SZ        NT AUTHORITY\LocalService
    ErrorControl                  REG_DWORD        1
    Start                         REG_DWORD        2
    Type                          REG_DWORD        32
    DependOnService               REG_MULTI_SZ    RpcSs

    ServiceSidType                REG_DWORD        3
    RequiredPrivileges            REG_MULTI_SZ    SeAuditPrivilege

    FailureActions                REG_BINARY    Binary Data

    ServiceDll                    REG_EXPAND_SZ    %SystemRoot%\System32\bfe.dll
    ServiceDllUnloadOnStop        REG_DWORD        1
    ServiceMain                   REG_SZ        BfeServiceMain
    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY    Binary Data

    {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY    Binary Data

    {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY    Binary Data

    {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY    Binary Data

    {b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY    Binary Data

    {d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY    Binary Data

    {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY    Binary Data

    {4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY    Binary Data

    {3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY    Binary Data

    {17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY    Binary Data

    {567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY    Binary Data

    {4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY    Binary Data

    {3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY    Binary Data

    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY    Binary Data

    {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY    Binary Data

    {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY    Binary Data

    {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY    Binary Data

    {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY    Binary Data

    {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY    Binary Data

    {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY    Binary Data

    {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY    Binary Data

    {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY    Binary Data

    {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY    Binary Data

    {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY    Binary Data

    {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY    Binary Data

    {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY    Binary Data

    {b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY    Binary Data

    {3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY    Binary Data

    {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY    Binary Data

    {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY    Binary Data

    {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY    Binary Data

    {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY    Binary Data

    {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY    Binary Data

    {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY    Binary Data

    {38b977e7-40a1-446a-bd7f-6ab5980c5d16}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY    Binary Data

    {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY    Binary Data

    {9367171b-3264-4f09-a0e8-81b38c162f17}REG_BINARY    Binary Data

Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
CHECKPOINT:             0
WAIT_HINT:              0

    AttachWhenLoaded              REG_DWORD        1
    DisplayName                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    Group                         REG_SZ        FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    Description                   REG_SZ        @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
    ErrorControl                  REG_DWORD        3
    Start                         REG_DWORD        0
    Tag                           REG_DWORD        1
    Type                          REG_DWORD        2
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

File Size: 289664    BYTES    FileVersion: 6.1.7601.17514    MD5: [da6b67270fd9db3697b20fce94950741]
File Size: 1066176   BYTES    FileVersion:    MD5: [714cf24fc19a20ae0dc701b48ded2cf6]
File Size: 90112     BYTES    FileVersion: 6.1.7601.17514    MD5: [703ffd301ab900b047337c5d40fd6f96]

MBAM Registry Settings and License Info:

Scheduler Queue:

Pending File Rename Operations:
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

MBAMProtector Registry Values:

MBAMService Registry Values:

MBAMScheduler Registry Values:

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
CHECKPOINT:             0
WAIT_HINT:              0

TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

LAN Settings:

only 'Automatically detect settings' is selected


    SystemPartition    REG_SZ        \Device\HarddiskVolume2

Balloon Tips Status:


Time Format Settings:

Should be:
        h:mm:ss tt

REG_SZ        h:mm:ss tt
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP:     Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:

All Users Startup Folder Exists.
Current User's Startup Folder Exists.

MBAM DLL's and Runtime Files:

MBAM Registry Settings and License Info (part 2):

Context Menu Entries:

List of MBAM Related Directories:


Link to post
Share on other sites

  • Root Admin

Okay it did find and correct some issues in the MFT and no indications of a failing drive so that's good.



Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.



Then restart the computer and download a new installer for MBAM and install it and let me know if you still get the same error or not.




I'll be out most of the day tomorrow so may not be able to check back until Monday





Link to post
Share on other sites

Ran the Oldtimer's Temp File Cleaner.. - found about 1.00 megs of files to delete.. - It said not to interrupt.. only took a few minutes.. - hit exit.. at the end..


installed MBAM install was flawless..  - right clicked run as admin  (as well)


Update access server - unavailable  - or something to that degree.. clicked update to make sure.. - same


SWAPPED NET CABLES.. just to be sure.. - same..


Went ahead and ran it anyways.. definitions/signatures.. database dated 9/22/2015  just in case it finds anything..  - will keep you posted..

Link to post
Share on other sites

Okay .. MBAM scan completed - 6 found.. 5 in Comodo's Quarantine.. - but an interesting one.. called SIAXI.DAT sitting in c:\windows\system32\lah\fhh


categorized as.. "PUP.Optional.HijackHosts.GEN  ...raised my eyebrow..


And the computer NEEDED to be RESTARTED..


upon restart.. - launched MBAM (administratively).. - Unable to Access Update Server   :(

Link to post
Share on other sites

  • Root Admin

Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

Link to post
Share on other sites

  • Root Admin

Strange in that it says your DHCP networking is not working yet I assume you're sending and posting here using this same computer.


Please restart the computer and then run the following for me. Make sure your antivirus is disabled when you run it. Delete your current copy and download a new fresh copy to run.


Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


Link to post
Share on other sites

not a combo fix expert.. - did go into .. comodo.. shut off Anti-virus for 30 mins.. Firewall for 30 mins.. Sandbox for 30 mins.. HIPS was already disabled.. and shut.. Viruscope down for 30 mins.. - right click EXITED on spybot (on systray next to clock to shut it down) .. yet.. 2 mins later.. Combofix pops up to say.. "SHUT THESE PROGRAMS OFF.. Comodo AV and.. Spybot Search and Destroy.. " ..... assuming it was just a slow..to shut down background processes or services..?


............I went ahead with the scan..


all seemed to be okay.. created a restore point.. and off it went.. to scan.. all seemed pretty normal..


quicky analysis.. shows 5 orphans.. but nothing under deletions.. the rests is.. mumbo-jumbo to me..


hope this is helpful.. to you ..


AS for.. am I using the same computer to send.. these reports.. NO..


IM ON THE SAME NETWORK..with a secondary computer..


the ORIGINAL PROBLEM.. was.. MBAM would not  update..so I uninstalled the old version ..thinking it was corrupted  or infected.. upon reboot and attempted re-install of newer version.. it too would not INSTALL :( but after trying to browse.. and not being able to get to the net...with 404 page cannot be displayed error messages.. this is when I first sought your forum and help.. (and jumped the gun..following somebody elses POST with identical problem.. and error message)


only I missed a step.. didn't do FRST first.. - went right into ADWCleaner and Zoek.. - which...upon reboot.. . did allow me to INSTALL new copy.. - but still would not let me update.. .  (have since uninstalled that version.. as per your instruction.. using mbam clean twice with reboots in between cleaning cycles)


and even issuing the NETSH interface ip reset resetlog.txt command.. that didn't sufficiently rebuild/restore  the tcp/ip stack..


..or clear the dns.. or whatever is blocking me from getting to the web


(and yes..i have switched cables.. and even reset router.. connections from it.. WORK with my other computer.. )


so I leave it in your hands..


Link to post
Share on other sites

  • Root Admin

Okay, that makes more sense now. The logs do indicate that the computer cannot access the Internet but you were posting so I was confused. Please run a new FRST scan and place a check mark in the Additions.txt check box and post back both new logs. We'll look deeper and see if we can get the network stack working again.



Link to post
Share on other sites

  • Root Admin

Sorry for the delay but glad you replied as I lost track of your post.


Let's start by getting rid of all these antivirus products. Should only have one and it looks like you have a big mix of them or at least pieces of them possibly from previous installs.


Temporarily uninstall ALL of them except MSE.


AV: Trend Micro Titanium Internet Security (Disabled - Out of date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Microsoft Security Essentials (Disabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: COMODO Antivirus (Enabled - Out of date) {F25D0092-CDBE-B303-ADB7-88DE8CDECCF5}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Trend Micro Titanium Internet Security (Disabled - Out of date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Disabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}


Uninstall ALL versions of Java as well.


Reset your hosts file back to defaults for now (let me know if you need help on how to do that)


Reset you MSCONFIG back to NORMAL

Please read the following article concerning the use of MSCONFIG
Msconfig Is Not A Startup Manager


Reset your web browsers

Please visit each of the following sites and lets reset all of your browsers back to defaults to prevent unexpected issues.
If you are not using one of the browsers but it is installed then you may want to consider uninstalling it as older versions of some software can pose an increase in the potential for an infection to get in.

Internet Explorer
How to reset Internet Explorer settings

Click on Help / Troubleshooting Information then click on the Reset Firefox button.

Start by disabling Sync
How To Delete Your Google Chrome Browser Sync Data
Chrome - Reset browser settings
If that fails then Uninstall Google Chrome and do not reinstall until sure the system is clean.



Then reboot twice and run a new set of logs from FRST for me.





Link to post
Share on other sites

okay.. thanx for getting back to me.. SORRY FOR THE DELAY.. lots going on in my life ..here too..


followed your wish list.. did the best I could..


removed.. Comodo


removed trend micro


removed spybot


attempted to remove.. MSE - but not in the add/remove list in programs and features


ALSO could not find.. Windows Defender in the programs / features.. add/remove list..


uninstalled google / chromodium


reset internet explorer defaults..


found  c:\windows\system32\drivers\etc\host   . .removed all the "inputs" from Spybot.. and saved it back down..   (only one entry at the top.. left. )




on boot up.. got the following message.. in a dialog box entitled..


Microsoft Security Client


( x ) an error has occurred in the program during initialization.  If this problem continues, please contact your system administrator.

Error Code:  0x80070002


I am assuming and I mayyyyyyyy be completely wrong.. that there may be some MSE residual in.. Registry ?? (either a Run.. or Run-Once type command?) .. or a remnant in MSConfig that is pointing to launch the Microsoft Security Essential.. and of course..its not there.. so its like a dead / orphaned link..?


OR.. if it is a "service" that normally checks to see.. if windows firewall is on.. or off.. or if.. a 3rd party firewall / anti-virus is in place.. - its pulling up..nothing.. ??  just my thoughts.. theories.. but that's why you are the PRO's ;)


not sure if there is a dedicated "REMOVAL" tool.. for MSE ..or not..?


also..not sure what program you would recommend.. for.. removing remnants of programs that may not have uninstalled correctly.. those that may still appear in add/remove programs list..but aren't in the system.. and  those that  ..don't appear in add/remove programs list.. but ..still have indicators in registry, start-up / msconfig.. or icons on the screen?


I have used Eusing Registry cleaner up until this point..but ..still not 100%  effective.. with respect to all the "orphans..  / widows" . .mentioned in the above paragraph..

.... Autoruns.. maybe useful too.. but .. very little documentation on how to run it.. and I find it sometimes flags things that are perfectly legitimate .. or needed.. or in use by other processes.. and wouldn't want to rely on its coding.. blindly..


Rebooted twice .. as per your request..


Ran.. FRST.. and since you had .. "logs".. plural..?.. I added the checkmark to .. "Additions"


here they both are..








Link to post
Share on other sites

  • Root Admin

We have a list of uninstaller tools for some applications listed here. Please give those a try as warranted.


As for Registry Cleaners those are snake oil. Please have a read.
Do I need a Windows Registry Cleaner?

Please uninstall Bonjour from the system. We can reinstall of fix it later.

The log says that you don't have an Ethernet cable connected. Are you only trying to access via wireless ?


Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.


Link to post
Share on other sites

...just got this now.. will reply again AFTER... I run the "FIX"...


to answer your questions.. yes.. I had unplugged the Ethernet cable.. as IT was not working .. wired.. (switched cords a week back just to make sure it wasn't a cabling issue.. and yes.. tried it in a different port on the router.. ) and yes.. ..the wireless was not working..either..  everything I've downloaded to pc.. was done..via usb memory stick.. and all reports.. results.. I've posted here.. have been copied back to mem stick and uploaded from my secondary pc..which is surfing the web just fine off the same router.. wired


Will now go . .remove bonjour.. upload fix.. and follow those instructions..

Link to post
Share on other sites

ok - removed the bonjour / Apple service.. not worried..


copied the FIX onto the desktop where the FRST was run from..


opened FRST - clicked on the FIX button..


watched a whole whack of commands - fly past..


asked for a reboot..


copied the fix log .. here.. as an attachment..


(jumped into c:\program files \ accessories.. - right clicked on ms command prompt run as administrator)


did an ipconfig /all


with network cable plugged back in .. - getting.. ip addy of (Preferred)

...............................................................gateway addy :                                        <-- yep.. :(  blank

..............................................................D.N.S. addy :    WHICH IS CORRECT :)


..but of course...  ping worked

ping of (also the gateway's addy.. ) .. transmit failed (*4)


so here is the fix log


Forgot to mention.. on reboot.. :o   still had that Microsoft Security Client failure.. even though the log says the Fix.. successfully removed it.. ?


Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.