IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
I have been running into this problem for about a week, but the computer seems to be running fine otherwise. The Net Framework 3.5 & 4.8 21Hi x64 #KB5004331 keeps ending up as a failure with the error 0x80073712. I have retried this over and over and it does the same thing. It gave me an alternative to use KB5004296, but that also ended up as a failure. I attached screen shots of the notices
Tech Support Guy System Info Utility version 1.0.0.9
OS Version: Microsoft Windows 10 Home, 64 bit, Build 19043, Installed 20200807213151.000000-480
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, Intel64 Family 6 Model 58 Stepping 9, CPU Count: 8
Total Physical RAM: 16 GB
Graphics Card: NVIDIA GeForce GTX 1660
Hard Drives: C: 465 GB (76 GB Free); D: 931 GB (363 GB Free); F: 230 GB (226 GB Free);
Motherboard: Gigabyte Technology Co., Ltd. Z68A-D3H-B3
System: Award Software International, Inc., ver GBT - 42302e31
Antivirus: Norton Security Online, Enabled and Updated
I apologize, I didn't see that request about not quoting you, it was helping me keep track of all of this. Here is the malwarebytes report, I ran it before the other one:
Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
When the tool opens, click Get Started.
Read and accept the license agreement.
At the Welcome to ESET Online Scanner window, click Get Started.
Select whether you would like to send anonymous data to ESET.
Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
Click on the Full Scan option.
Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
ESET will now begin scanning your computer. This may take some time.
When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
Dr.M: Okay, it's running. Your directions have been pretty amazing, hence, the "Professor" acknowledgement... I really appreciate all of your help and knowledge; I'm learning a lot from you. If you are ever out this way I owe you a dinner at our favorite restaurant in town! Will get back when the scan is done.
Once we get this cleaned up do you recommend buying and keeping the Malewarebytes program (or?) running as protection when I also have the Windows Security system giving virus/firewall/etc. protection along with the Comcast Xfinity protection online supplying my cable service for the internet, wifi and TV?
Buying the Premium version of Malwarebytes or stay with the free one, is up to you. With the Premium version, you have real time protection. This feature doesn't exist in free version. Instead, you have to scan your computer every now and then by your self, depending on how often you use your computer. Malwarebytes and Windows Security work well together, and both can keep you safe.
8/5/2021 12:22:01 PM
Files scanned: 696141
Detected files: 4
Cleaned files: 4
Total scan time 02:07:16
Scan status: Finished
C:\FRST\Quarantine\D\Documents\Computer Related\Media\Video Downloaders\Freemake\FreemakeVideoDownloaderSetup.exe.xBAD a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
D:\Documents\Computer Related\Graphics\PDF Forge creator\Installer free\PDFCreator-2_3_0-Setup.exe a variant of Win32/LuluSoftware.A potentially unwanted application,Win32/InstallMonetizer.AQ potentially unwanted application cleaned by deleting
D:\Documents\Computer Related\Problems\Restoro registry fix\Restoro.exe Win32/ReImageRepair.T potentially unwanted application cleaned by deleting
D:\Documents\Games\Grand Theft Auto V\Mods\Lingon Trainer\1025_GrandTheftAutoV\GrandTheftAutoV+24Tr-LNG_v1.0.1290.1.exe a variant of MSIL/GameHack.SZ potentially unsafe application cleaned by deleting
++++++++++++++++++++++++++++++
Programs/Files deleted by Esetonline:
FreemakeVideoDownloader - Very useful, what can I use instead?
PDF Forge creator - Don't know how I even got that, no problem.
Restoro - Good riddence!
GTA Trainer - This was a free mod for the game I bought on Steam, didn't know it was harmful?
I'm sure you noticed that when we scan the computer with Malwarebytes and AdwCleaner, we first saw the detected items and then ran the tools again to remove them. ESET doesn't give us this opportunity, to check and choose what to delete, especially if the detected items are marked as "potentially unwanted/unsafe applications".
About Freemake: it seems that the program itself is fine. BUT: When you launch the installer it will also offer other software in addition to Freemake Video Converter. Unnecessary toolbars, adware etc. These "optional" programs are almost always pre-checked, the users get caught unaware and end up with unwanted software on their system. If you want to download it again, you can, but be very careful not to download anything else which indeed is a malware.
GTA Trainer: I don't have an opinion here, and perhaps you are right. But when I tried to find it, at least 2 pages were blocked by Malwarebytes (Premium), which warned me about a trojan.
A good technique is to send files (including exe/setup files) to VirusTotal for check. That way, you know what is the case about almost anything.
I will be back to you tomorrow morning (Just saw that it is already tomorrow, so... good night from me).
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Dr.M re your post #48 I thought we just did this yesterday in your post #34 and I attached the the First-Fixlog.txt results in post #38. Here it is again:
Registry access was denied. Although I have my doubts that something will change, let's try the same fix (with some changes) in Safe mode.
1. Restart with Safe mode
Press the Windows icon on the keyboard together with the letter I, to get into the Settings.
Choose Update and Security.
From the menu at the left, choose Recovery.
Under the title Advanced startup at the right, choose Restart now.
From the window that will appear choose Troubleshoot and then Advanced options.
Choose Startup Settings and then Restart.
Press number 5, for choosing Safe mode with networking.
You will know that you are in Safe mode, if the background is black and Safe mode is written at the four corners of the screen.
2. FRST fix
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Farbar Service Scanner Version: 23-12-2020
Ran by doane (administrator) on 07-08-2021 at 11:11:59
Running from "C:\Users\doane\Desktop"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Windows Security:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\SecurityHealthService.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Status
Not open for further replies.
You have insufficient privileges to reply here.
Related Threads
?
?
?
?
?
Tech Support Guy
9.9M posts
859.7K members
Since 1998
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!