Free Malware Removal Forum

[Bio-Hazard]

Hello!

We have found reason for your problems and Mosaic1 is working on a fix. Please be patient as it can take some time.

[tenmeg]

Hi - OK great - sounds promising - looking forward to see what Mosaic comes with. Thanks

[Bio-Hazard]

Hello!

First you need a copy of secedit.exe.

Go to this site to get a hotfix.:

http://support.microsoft.com/kb/897327

Download the hotfix on to your desktop and run it. The hotfix you need is for Windows XP SP2 for x86 systems. Let me know if it installs or not

[tenmeg]

Hi - I downloaded the HotFix and tried to run the exe. file but ran into the same old problem when I have attempted in the past to install upgrades. I receive the following error message.

"Setup could not verify the integrity of the file Update.inf Make sure the Cryptographic service is running on this computer."

I checked services and Cryptographic services are running. I've chased around on MS's website looking for a fix to this problem but never found any solution that worked.

Here is the MS site that talks about this problem + suggested solutions:

http://support.microsoft.com/kb/822798

[Bio-Hazard]

Hello!

Thats what we were afraid of. We are going to have to do it the hard way. I will let Mosaic1 know and as soon as we have come up with a solution i will post back

[tenmeg]

Hi - OK - thanks

[Bio-Hazard]

Hello!

Lets see what we can do.

• Please go to this link and download Universal Extractor.
  http://www.softpedia.com/progDownload/U ... 56951.html
  
• Once Downloaded, install it.
• Once installed, Universal Extractor will add entries to your context menus.
• Find the hotfix you downloaded from MS and right click on it.
• Click this entry on the context menu:
  
  • UniExtract to SubDir
• This will extract all the files in the Hotfix installer to a subdirectory named the same as the hotfix.
• Open this Folder which Universal Extractor created (you'll find that folder in the same directory as the hotfix) and then copy secedit.exe to C:\windows\System32.

• Click Start
• Click Run
• In the box type:
• cmd
• Then press enter.
• Copy this command:
  
  

  Code: Select all

  secedit /configure /areas FILESTORE /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose

  
  
• Then right click in the command window and click paste.
• Press enter.
• It will take a few minutes to reset all the Folder and file permissions to their defaults.

Now see if you can install Updates and post back your results. Good Luck. If you still get an error, reboot the computer. This step may also just resolve that error you have been getting regarding the Paging file. Drive Permissions incorrect or missing can generate the error you described there too.

[tenmeg]

Hi - here is what happened after all of that. . .

1 - downloaded Universal Extractor
2 - HotFix files were extracted
3 - found secedit.exe and moved it to C:\windows\System32.
4 - Opened cmd prompt window & pasted the command code. Rc'd the following message after I ran the code.
5 - "Unable to read from or write to the database. task is completed with error. See log %windir%\security\logs\scesrv.log for detail info."
6 - I searched for the scesrv.log but it does not exist.

I did not know what that error msg meant but I tried clicking the Windows Update button on my Start page anyway. It checkd to see if I the latest Update software. It then proceeded to automatically download the latest Update software. ( it never did that before ) Then it said I needed to reboot my computer to download any new MS software. I rebooted and hit the Windows Update button again, it again checked to see if I had the latest Update software and it then went to Welcome to Windows Update. Clicked the Express Button and got the same error message as I have in the past.

ERROR = The website has encountered a problem and cannot display the page you are trying to view. ERROR NO. = 0x80248011

For a moment I thought it was going to work. I was able to run the HotFix. The computer does shut down quicker, I still get the Paging File error, Automatic Update service was restored. Now where do we go from here??

[Bio-Hazard]

Hello!

How much free disk space you have in your C: drive?

• Double click on My Computer.
• Then right click on the C: Drive icon.
• Click on Properties,
• Report what it reports as Used space and then also what it lists as Free Space. If there isn't enough free space on the drive, that Paging File error can pop up.

=======================================================

• Click Start
• Click Run
• copy this into the box:
  

  Code: Select all

  C:\WINDOWS\System32\msiexec.exe /regserver

• Click enter

=======================================================


Batch file - Checkdb.txt

• Open Notepad (not wordpad) by click start
• Click Run
• Type notepad into the box and click enter
• Notepad will open
• Copy and Paste everything from the Code box into Notepad (not wordpad):
  
  

  Code: Select all

  cacls C: >Checkdb.txt
  
  Dir /a /s %windir%\security\*.inf >>checkdb.txt
  Dir /a /s %windir%\security\*.log >>checkdb.txt
  Dir /a  %windir%\security\Database\secedit.sdb  >>checkdb.txt
  echo.>>checkdb.txt
  esentutl /g  %windir%\security\Database\secedit.sdb   >>checkdb.txt 2<&1
  
  Dir /a %windir%\repair\secsetup.inf>>checkdb.txt
  
  Start Notepad checkdb.txt 
  

  
  
• Go to File > Save As
• Save File name as Checkdb.bat
• Change Save as Type to All Files and save the file to your desktop.
• Close Notepad
• Double-click Checkdb.bat on your Desktop
• Post back with the text that will open in notepad (checkdb.txt ).

=======================================================


Let's try this page: http://www.updatexp.com/0x80248011.html

• Try Resolution 1 and see if it helps.
• If not, try resolution #2 to see if it helps.

Resolution Suggestion One:

# To resolve this error, clear the Microsoft Internet Explorer cache. To do this, follow these steps:

Start Internet Explorer.
On the Tools menu, click Internet Options.
Click the General tab.
In the Temporary Internet files section, click Delete Cookies.
In the Delete Cookies box, click OK.
Click Delete Files.
Click to select the Delete all offline content check box in the Delete Files dialog box, and then click OK.
In the History section, click Clear History.
Click Yes, and then click OK.

------------------------------

Resolution Suggestion Two:

# Delete the datastore and allow it to rebuild itself:

First stop the Automatic Update Service:

Click Start
Choose Run
In the Run box, type services.msc
Click OK
Right-click the Automatic Updates Service
Click Stop

After Stopping the Service please rename the folder c:\Windows\SoftwareDistribution

Open Windows Explorer
Navigate to the Windows folder
Click on the + next to the Windows folder
Navigate to SoftwareDistribution folder
Right Click on the SoftwareDistribution folder
Select rename from the Menu
Rename the folder to SoftwareDistribution.old and click Enter

Now restart the Automatic Update Service

Click Start
Choose Run
In the Run box, type services.msc
Click OK
Right-click the Automatic Updates Service
Click Start

Starting the service will take a moment...

=======================================================

Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:

• Answer to to mu question
• checkdb.txt

[tenmeg]

Hi - here are the results as requested. . .

=========================================================================

1 - C Drive Capacity = 74.3 GB, Used Space=66.3 GB, Free Space=7.94

2 - Ran code search for 'msiexec.exe' & rc'd the following msg = "Windows cannot find C:\Windows\System32\msiexec.exe"

3 - Ran 'Checkdb.bat' and rc'd the following message = 'The procedure entry point JetGetSystemParameter @24 could not be located in the dynamic link library ESENT.dll'

4 - Log data produced by 'Checkdb.bat'

===========================================================================

C:\Documents and Settings\TENMEG\Desktop 2WIRE200\TENMEG:F
2WIRE200\TENMEG:(OI)(CI)(IO)F
NT AUTHORITY\SYSTEM:F
NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
BUILTIN\Administrators:F
BUILTIN\Administrators:(OI)(CI)(IO)F

Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\security\templates

09/30/1998 12:19 PM 114,284 basicdc4.inf
09/30/1998 12:19 PM 96,530 basicsv4.inf
09/30/1998 12:19 PM 92,335 basicwk4.inf
09/30/1998 12:19 PM 21,131 compdc4.inf
09/30/1998 12:19 PM 20,640 compws4.inf
12/08/2002 11:49 AM 9,588 ConvW2k.inf
08/04/2004 01:00 AM 7,784 hisecdc.inf
09/30/1998 12:19 PM 20,465 hisecdc4.inf
08/04/2004 01:00 AM 8,015 hisecws.inf
10/01/1998 12:22 PM 20,860 hisecws4.inf
11/26/2003 05:11 AM 3,672 hpq2k.inf
11/26/2003 05:12 AM 3,672 hpqxp.inf
09/30/1998 12:19 PM 2,772 off97sr1.inf
09/30/1998 12:19 PM 19,829 securdc4.inf
10/01/1998 12:22 PM 22,103 securws4.inf
08/07/2004 05:58 AM 246,942 setup security.inf
16 File(s) 710,622 bytes

Total Files Listed:
16 File(s) 710,622 bytes
0 Dir(s) 8,535,347,200 bytes free
Volume in drive C has no label.
Volume Serial Number is 5E04-0064
Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\security\Database

05/05/2006 03:49 PM 2,105,344 secedit.sdb
1 File(s) 2,105,344 bytes
0 Dir(s) 8,535,347,200 bytes free

Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\repair

08/07/2004 05:58 AM 246,942 secsetup.inf
1 File(s) 246,942 bytes
0 Dir(s) 8,535,408,640 bytes free

==========================================================================================

The resolutions you posted to ERROR NO. = 0x80248011 is copied from a MS help page and is posted on many sites - none of the resolution tips worked yesterday after running HotFix and then running Windows Update.

==========================================================================================

I forgot to mention yesterday that my "System Restore" does not work either. In looking at various resolution web sites for error 0x80248011 one of the common problems is System Restore quits working.

[Bio-Hazard]

Hello!

Me Mosaic1 are working hard for creating a solution for you. Your operating system is very messed up.Your drive permissions are not working and we are trying to restore them. This is why system restore doesnt work either.

=======================================================

Disable your Anti Virus and malware scanners.

• Click Start
• Click Run
• In the box type:
• cmd
• Then press enter.
• Copy this command:
  
  

  Code: Select all

  secedit.exe /analyze /db  %Windir%\new.db /cfg %Windir%\inf\defltwk.inf /log %Windir%\security\logs\permsanalyze.log

  
  
• Then right click in the command window and click paste.
• Press enter.

=======================================================

Disable your Anti Virus and malware scanners.

• Click Start
• Click Run
• In the box type:
• cmd
• Then press enter.
• Copy this command:
  
  

  Code: Select all

  secedit.exe /configure /areas FILESTORE USER_RIGHTS REGKEYS /db %Windir%\new.db /cfg %Windir%\inf\defltwk.inf /log   %Windir%\security\logs\permsrepair.log

  
  
• Then right click in the command window and click paste.
• Press enter.

=======================================================


Disable your Anti Virus and malware scanners.

• Click Start
• Click Run
• In the box type:
• cmd
• Then press enter.
• Copy this command:
  
  

  Code: Select all

  cacls C: >perms.txt && start notepad perms.txt 

  
  
• Then right click in the command window and click paste.
• Press enter.

=======================================================

Looks like you are missing your windows installer so we need to look for a copy of it.

SystemLook

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield (make sure there is no empty spaces after CryptSvc):
  

  Code: Select all

  :filefind 
  *msiexec*

  
  
• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt

=======================================================

Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:

• SystemLook.txt
• checkdb.txt

[tenmeg]

Hi - here is the info requested. . . .

=====================================================================

When I ran the two cmd prompt code's I rec'd the following msg for both.

"Unable to Read From or Write to Database"

======================================================================

I ran CheckDB & Rc'd the following Error message + the text log below

ERROR - "The procedure entry point JetGetSystemParameter@24 could not be located in the dynamic link library ESENT.dll"

======================================================================

C:\Documents and Settings\TENMEG\Desktop 2WIRE200\TENMEG:F
2WIRE200\TENMEG:(OI)(CI)(IO)F
NT AUTHORITY\SYSTEM:F
NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
BUILTIN\Administrators:F
BUILTIN\Administrators:(OI)(CI)(IO)F

Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\security\templates

09/30/1998 12:19 PM 114,284 basicdc4.inf
09/30/1998 12:19 PM 96,530 basicsv4.inf
09/30/1998 12:19 PM 92,335 basicwk4.inf
09/30/1998 12:19 PM 21,131 compdc4.inf
09/30/1998 12:19 PM 20,640 compws4.inf
12/08/2002 11:49 AM 9,588 ConvW2k.inf
08/04/2004 01:00 AM 7,784 hisecdc.inf
09/30/1998 12:19 PM 20,465 hisecdc4.inf
08/04/2004 01:00 AM 8,015 hisecws.inf
10/01/1998 12:22 PM 20,860 hisecws4.inf
11/26/2003 05:11 AM 3,672 hpq2k.inf
11/26/2003 05:12 AM 3,672 hpqxp.inf
09/30/1998 12:19 PM 2,772 off97sr1.inf
09/30/1998 12:19 PM 19,829 securdc4.inf
10/01/1998 12:22 PM 22,103 securws4.inf
08/07/2004 05:58 AM 246,942 setup security.inf
16 File(s) 710,622 bytes

Total Files Listed:
16 File(s) 710,622 bytes
0 Dir(s) 8,503,062,528 bytes free
Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\security\logs

09/03/2009 04:44 PM 2 permsanalyze.log
09/03/2009 04:16 PM 2 permsrepair.log
2 File(s) 4 bytes

Total Files Listed:
2 File(s) 4 bytes
0 Dir(s) 8,503,062,528 bytes free
Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\security\Database

05/05/2006 03:49 PM 2,105,344 secedit.sdb
1 File(s) 2,105,344 bytes
0 Dir(s) 8,503,062,528 bytes free

Volume in drive C has no label.
Volume Serial Number is 5E04-0064

Directory of C:\WINDOWS\repair

08/07/2004 05:58 AM 246,942 secsetup.inf
1 File(s) 246,942 bytes
0 Dir(s) 8,503,062,528 bytes free


=========================================================================

System Lookup Text Log

SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 17:12 on 03/09/2009 by TENMEG (Administrator - Elevation successful)

========== filefind ==========

Searching for "*msiexec*"
C:\3dc3929ee64b598eff1ac8bd38fe\msiexec.exe --a--c 78848 bytes [21:45 04/05/2005] [21:45 04/05/2005] F5F0146580E7023ADB963879840777F8
C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Microsoft Windows Installer 3.1\mWinRun.dll\ansi\msiexec.exe --a--c 83456 bytes [20:21 29/11/2008] [01:27 13/11/2004] E6B975475B001A15B14AE6BDCDE58E45
C:\Documents and Settings\TENMEG\Favorites\Links\Computer troubleshooting\error Cannot find the file 'MSIEXEC' (or one of its components) make sure ....url --a--c 208 bytes [00:51 16/01/2009] [00:51 16/01/2009] 96A1AC6AF9F80918729D348A65942042
C:\Documents and Settings\TENMEG\Recent\MSIEXEC.EX_.lnk --a--c 608 bytes [23:50 03/09/2009] [23:50 03/09/2009] F4AAAFFFA565EE7EDBFE8978FA5BCD45
C:\I386\MSIEXEC.EX_ --a--c 28710 bytes [13:00 04/08/2004] [13:00 04/08/2004] 2F59379BC02A7824C75788CABE4B73A8
C:\Permissions Reset\msiexec.txt --a--c 38 bytes [07:48 03/12/2008] [07:48 03/12/2008] 77E8B96FB793270BB4652B86631C135C
C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe --a--c 77312 bytes [20:10 08/05/2006] [08:00 04/08/2004] 4236AE241F193F58ADAB141CECCFD5F4
C:\WINDOWS\Microsoft Windows Installer 3.1\mWinRun.dll\ansi\msiexec.exe --a--- 83456 bytes [21:08 05/12/2008] [01:27 13/11/2004] E6B975475B001A15B14AE6BDCDE58E45

-=End Of File=-

==========================================================================

[Bio-Hazard]

Hello!


Do you have Service Pack 2 files still on your machine? Or did you slipstream them to CD or possibly delete them?


SystemLook

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  Code: Select all

  :filefind
  *esent.dll*
   

  
  
• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt


=======================================================

Disable your Anti Virus and malware scanners.

• Click Start
• Click Run
• In the box type:
• cmd
• Then press enter.
• Copy this command:
  
  

  Code: Select all

  regsvr32 scecli.dll

  
  
• Then right click in the command window and click paste.
• Press enter.
• Wait a little for the Msgbox to pop up and if it is a failure message, then please copy that message.
  

=======================================================


Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:

• Answer to My question
• SystemLook.txt
• A description of how your computer is behaving

[tenmeg]

Hi - SP2 ?? I don't really remember exactly when or how SP 2 was added to my computer. I thought ( Not Sure ) that I downloaded it from MS. Could have come with the computer?? Or on disks at my home in Arizona. I am currently staying for the summer in San Francisco, CA with friends. I have some disks for this computer at my home in AZ but I don't have anything here with me. Is there a way to search for SP 2 or would the files/folder be obvious and labeled Service Pack 2?? I looked in Control Panel/Add or Remove/ but did not see anything that said SP 2. There was something under Service Pack 1. Used SEARCH for Service Pack 2 but nothing was found. Again I want to thank you for sticking with this problem.

=======================================================================

SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 15:35 on 05/09/2009 by TENMEG (Administrator - Elevation successful)

========== filefind ==========

Searching for "*esent.dll*"
C:\WINDOWS\$hf_mig$\KB910437\SP2QFE\esent.dll --a--c 1082368 bytes [15:33 09/05/2006] [22:26 20/10/2005] 0A70ACFDC256D856FCFCBC316DF91619
C:\WINDOWS\$NtUninstallKB910437$\esent.dll --a--c 1082368 bytes [12:25 10/05/2006] [08:00 04/08/2004] A57B8ACD54AFBE482042C285C2767EBF
C:\WINDOWS\system32\esent.dll --a--- 1082368 bytes [08:00 04/08/2004] [22:20 20/10/2005] 50DE118DA580208B914B40DD47C90D52

-=End Of File=-

==========================================================================

MSG Rc'd for SCECLI.DLL= DllRegister Server in scedi.dll succeeded

==========================================================================

COMPUTER
Computer is running a lot faster and smoother - starts and closes quicker - I received an Update notice from MS but the download button was 'greyed out'. That means the Automatic Updater is working again but can't install any of the updates. The Paging File error msg still pops up on StartUp.

[Bio-Hazard]

Hello!

We need to check something. Thank you for your answers.


Download and run Win32kDiag

• Download Win32kDiag from any of the following locations and save it to your Desktop.
  • Download Win32kDiag (Win32kDiag.exe) - #1
  • Download Win32kDiag (Win32kDiag.exe) - #2
  • Download Win32kDiag (Win32kDiag.exe) - #3
• Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
• When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
• Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.