Solved Failure to configure IE10 security update (KB2962872)

dynasty15

New member
Local time
12:56 AM
Messages
8
Hi all, I'm new to this forum - recently had trouble installing a security update for IE10. It seems like IE related updates tend to give my computer trouble. The update installs ok, but then after restarting, it fails when configuring, then reverts to the original state.

The update code is KB2962872
The error code is 80071A2D

I prepared a CBS.zip file, but it is too large to upload so I made a dropbox link:
https://www.dropbox.com/s/5i1zsgpj5wrspot/CBS.zip

Any help would be appreciated, thanks!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
update

I just reran the SURT, the log files are quite a bit smaller now, attaching a zip file (with the cab files removed to make it fit, not sure if they are necessary, but in any case they are in the dropbox link above)

Thanks!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
CheckSUR fixed one problem the first time it ran - and found nothing more to fix the second time

The SFC scan found one error, and claims to have fixed it - but I'm not convinced that it did.

Code:
 Line 958531: 2014-07-23 01:23:27, Info                  CSI    00000476 [SR] Repairing 1 components
 Line 958532: 2014-07-23 01:23:27, Info                  CSI    00000477 [SR] Beginning Verify and Repair transaction
 Line 958535: 2014-07-23 01:23:27, Info                  CSI    00000479 [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:24{12}]"msrating.dll" from store

is rapidly followed by...

Code:
2014-07-23 01:23:27, Error                 CSI    0000047f (F) STATUS_TRANSACTION_NOT_ACTIVE #7909462# from Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile(flags = (AllowSharingViolation|AllowAccessDenied|AllowTransactionalConflict|0x00000400), handle = {provider=NULL, handle=0}, da = (SYNCHRONIZE|FILE_WRITE_ATTRIBUTES), oa = @0x112ce70->OBJECT_ATTRIBUTES {s:48; rd:NULL; on:[119]"\SystemRoot\WinSxS\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_10.2.9200.16521_none_e94d3c6514d16754\msrating.dll"; a:(OBJ_CASE_INSENSITIVE)}, iosb = @0x112cf20, as = (null), fa = 0, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), cd = FILE_OPEN, co = (FILE_NON_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT|0x00204000), eab = NULL, eal = 0, disp = Invalid)
[gle=0xd0190003]
2014-07-23 01:23:27, Error                 CSI    [EMAIL="00000480@2014/7/23:08:23:27.871"]00000480@2014/7/23:08:23:27.871[/EMAIL] (F) d:\win7sp1_gdr\base\wcp\sil\merged\ntu\ntsystem.cpp(2057): Error STATUS_TRANSACTION_NOT_ACTIVE originated in function Windows::Rtl::SystemImplementation::DirectFileSystemProvider::SysCreateFile expression: (null)
[gle=0x80004005]
2014-07-23 01:23:27, Info                  CBS    Succesfully flushed NtfsLog.etl
2014-07-23 01:23:27, Info                  CBS    Succesfully added NtfsLog.etl to WER Report
2014-07-23 01:23:28, Error                 CSI    00000481 (F) STATUS_TRANSACTION_NOT_ACTIVE #7909461# from Windows::Rtl::SystemImplementation::CDirectory::OpenExistingFile(...)[gle=0xd0190003]
2014-07-23 01:23:28, Error                 CSI    00000482 (F) STATUS_TRANSACTION_NOT_ACTIVE #7909460# from Windows::Rtl::SystemImplementation::CDirectory_IRtlDirectoryTearoff::OpenExistingFile(flags = (SharingViolationIsOk|AccessDeniedIsOk|TransactionalConflictIsOk|DeletePendingIsOk), da = (SYNCHRONIZE|FILE_WRITE_ATTRIBUTES), oa = @0x112d498->SIL_OBJECT_ATTRIBUTES {s:40; on:"msrating.dll"; a:(OBJ_CASE_INSENSITIVE)}, sa = (FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE), oo = (FILE_SYNCHRONOUS_IO_NONALERT|FILE_NON_DIRECTORY_FILE|FILE_OPEN_FOR_BACKUP_INTENT|FILE_OPEN_REPARSE_POINT), file = NULL, disp = Invalid)
[gle=0xd0190003]
2014-07-23 01:23:28, Error                 CSI    00000483 (F) STATUS_TRANSACTION_NOT_ACTIVE #7909459# from Windows::Rtl::SystemImplementation::CSystemIsolationLayer_IRtlSystemIsolationLayerTearoff::TransferFile(flags = (ReplaceIfExists|OpenForBackupIntent|SharingViolationIsOk|TransactionalConflictIsOk|CannotDeleteIsOk|DeletePendingIsOk), op = [24]"HardLinkWithCopyFallback", odir = @0x5278a88, oname = [l:24{12}]"msrating.dll", ndir = @0x5278c38, nname = [l:24{12}]"msrating.dll", disp = Unmapped disposition: 0)
[gle=0xd0190003]
2014-07-23 01:23:28, Error                 CSI    00000484 (F) STATUS_TRANSACTION_NOT_ACTIVE #7909384# from RtlRunPrimitiveOperationsFromCallbacksAgainstSil(...)[gle=0xd0190003]
2014-07-23 01:23:28, Error                 CSI    00000485 (F) STATUS_TRANSACTION_NOT_ACTIVE #7909379# from ApplyTransactionPOQsToSil(...)[gle=0xd0190003]
2014-07-23 01:23:28, Error                 CSI    [EMAIL="00000486@2014/7/23:08:23:28.130"]00000486@2014/7/23:08:23:28.130[/EMAIL] (F) d:\win7sp1_gdr\base\wcp\componentstore\com\store_transaction.cpp(1021): Error STATUS_TRANSACTION_NOT_ACTIVE originated in function ApplyTransactionPOQsToSil expression: (null)
[gle=0x80004005]
2014-07-23 01:23:28, Info                  CBS    Succesfully flushed NtfsLog.etl
2014-07-23 01:23:28, Info                  CBS    Succesfully added NtfsLog.etl to WER Report
2014-07-23 01:33:31, Info                  CBS    Reboot mark refs incremented to: 1
2014-07-23 01:33:31, Info                  CBS    Scavenge: Starts
2014-07-23 01:33:31, Info                  CSI    [EMAIL="00000487@2014/7/23:08:33:31.764"]00000487@2014/7/23:08:33:31.764[/EMAIL] CSI Transaction @0x3ab660 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"
2014-07-23 01:33:31, Info                  CBS    Scavenge: Begin CSI Store
2014-07-23 01:33:32, Info                  CSI    00000488 Performing 1 operations; 1 are not lock/unlock and follow:
  Scavenge (8): flags: 00000017
2014-07-23 01:33:33, Info                  CSI    00000489 Creating NT transaction (seq 4), objectname [6]"(null)"
2014-07-23 01:33:33, Info                  CSI    0000048a Created NT transaction (seq 4) result 0x00000000, handle @0x1374
2014-07-23 01:33:34, Info                  CSI    [EMAIL="0000048b@2014/7/23:08:33:34.088"]0000048b@2014/7/23:08:33:34.088[/EMAIL] CSI perf trace:
CSIPERF:TXCOMMIT;359431
2014-07-23 01:33:37, Info                  CSI    0000048c Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:88{44}]"$$DeleteMe.sortkey.nlp.01cd8524f9181a7e.0028".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    0000048d Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:88{44}]"$$DeleteMe.sortkey.nlp.01ce7f63012ce78d.0009".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    0000048e Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:88{44}]"$$DeleteMe.sortkey.nlp.01cf29022b640e0c.0002".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    0000048f Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:90{45}]"$$DeleteMe.sorttbls.nlp.01cd8524f9050f7c.0027".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    00000490 Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:90{45}]"$$DeleteMe.sorttbls.nlp.01ce7f63012824cc.0008".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    00000491 Couldn't mark for pending delete: [ml:78{39},l:76{38}]"\SystemRoot\WinSxS\Temp\PendingDeletes"\[l:90{45}]"$$DeleteMe.sorttbls.nlp.01cf29022b5a888b.0001".  Reason: [13]"Cannot Delete"
2014-07-23 01:33:37, Info                  CSI    00000492 ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2014-07-23 01:33:37, Info                  CSI    00000493 Creating NT transaction (seq 5), objectname [6]"(null)"
2014-07-23 01:33:37, Info                  CSI    00000494 Created NT transaction (seq 5) result 0x00000000, handle @0x1628

Please run another SFC /SCANNOW, and post the new CBS.log file (only - compressed, please), and we'll see whether I'm right or not.
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Hi NoelDP,

Thanks for your reply! I reran sfc /scannow, and the new CBS.log file is attached. I also forgot to mention that when running sfc /scannow, I get the following output:

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection could not perform the requested operation.

I am guessing this might be relevant to my problems? I am running cmd as administrator on an administrator account.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
The error is still there. :(

Code:
 Line 3541: 2014-07-23 09:27:51, Info                  CSI    00000318 [SR] Beginning Verify and Repair transaction
 Line 3544: 2014-07-23 09:27:51, Info                  CSI    0000031a [SR] Repairing corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:24{12}]"msrating.dll" from store
 Line 3553: 2014-07-23 09:27:51, Info                  CSI    0000031c [SR] Repair complete
I'll post a fix protocol for this later - but I'm not certain that this is a 'normal' problem, so it may well fail...
The failure mode may help identify the exact problem.
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Sorry - ignore my 'fix' post - it was for a different thread altogether!

I'll come back with the proper one for you shortly (I hope!)
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
OK - I think I got it right this time...


I've uploaded a file - d15aa.zip - to my OneDrive at Noel's OneDrive
Please download and save it.

Right-click on the saved file and select Extract all...
Change the target to C:\ and click on Extract
Close all windows (it would be a good idea to print these instructions!)

Now reboot to the Repair Environment - as soon as the machine restarts, start tapping F8 - this should bring up the Advanced Boot Menu, at the top of which should be the option 'Repair my Computer'
Pick that
You'll have to log in with your username and password.

Pick the option to use a Command Prompt
At the prompt type
DIR C:\d15aa
hit the enter key - if you get a 'Not Found' error try
DIR D:\d15aa
or
DIR E:\d15aa



The drive letter in use when you find the folder will need to be substituted (for<drive>) into the following command...



XCOPY <drive>:\d15aa <drive>:\windows\winsxs /y /i /s /v /h



(e.g. XCOPY P:\wfire P:\windows\winsxs /y /i /s /v /h )



run the command (it should take almost no time) and when the prompt returns, type
EXIT
and hit the Enter key to exit Command Prompt - reboot to Normal Mode Windows.

Now run SFC /SCANNOW in an Elevated Command Prompt
then reboot and upload the new CBS.log file to your reply
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Hi, thanks for the help!

I followed the steps, sfc /scannow is still getting to 100% verification, then saying 'Windows Resource Protection could not perform the requested operation.'

The CBS.log file is attached

I have also checked the windows\winsxs folder, the x86_microsoft-windows-ie-ratings_31bf3856ad364e35_10.2.9200.16521_none_e94d3c6514d16754 file folder appears to have copied correctly.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
Sorry - wrong (but similar) thread

Please post your C:\Windows\windowsupdate.log file
 
Last edited:

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Hi, the windowsupdate.log file is attached. I tried reinstalling the update, but it failed again.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
The file found by the system appears to still be the wrong version - it's one from IE9, rather than IE10.

This probably means that the files were actually place wrongly - let's do a couple of quick checks...

Open an Elevated Command Prompt, and run the following commands...

DIR C:\d15aa
DIR C:\Windows\Winsxs\d15aa

Post the results.


Here are some instructions to make life easier :)
1) To open an Elevated Command Prompt Window (the ECP window), click on Start, All Programs, Accessories – then right-click on Command Prompt, and select Run as Administrator. Accept the UAC prompt.
2) To run the commands easier, highlight the block of commands, and right-click on the highlight – select Copy. In the CP Window, click on the black/white icon at top left – select Paste. The commands will run but may not complete the last command, so hit the Enter Key once.
3) To copy the results... click on the Black/White icon in the top left, and select Edit... 'Select All', and hit the Enter key - then use Ctrl+V or r-click+Paste to paste it into your response.
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Hi NoelDP, thanks a lot for your patience on this, I pasted the results below. As a note, when I followed your startup repair commands, there was no d15aa subfolder created in the \windows\winsxs folder, rather the contents of the d15aa folder (which themselves were grouped in a folder called x86_microsoft-windows-ie-ratings_31bf3856ad364e3
5_10.2.9200.16521_none_e94d3c6514d16754) were copied into the winsxs folder. Based on the file sizes, it seems like the right files got copied. Did I make a mistake here?


The Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Xiaofan>dir c:\d15aa
Volume in drive C is Windows7_OS
Volume Serial Number is 6A2C-76C6

Directory of c:\d15aa

23/07/2014 11:23 PM <DIR> .
23/07/2014 11:23 PM <DIR> ..
23/07/2014 11:23 PM <DIR> x86_microsoft-windows-ie-ratings_31bf3856
ad364e35_10.2.9200.16521_none_e94d3c6514d16754
0 File(s) 0 bytes
3 Dir(s) 68,178,751,488 bytes free

C:\Users\Xiaofan>dir c:\windows\winsxs\d15aa
Volume in drive C is Windows7_OS
Volume Serial Number is 6A2C-76C6

Directory of c:\windows\winsxs

File Not Found

C:\Users\Xiaofan>dir c:\d15aa\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_
10.2.9200.16521_none_e94d3c6514d16754
Volume in drive C is Windows7_OS
Volume Serial Number is 6A2C-76C6

Directory of c:\d15aa\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_10.2.92
00.16521_none_e94d3c6514d16754

23/07/2014 11:23 PM <DIR> .
23/07/2014 11:23 PM <DIR> ..
23/07/2014 11:23 PM 8,798 icrav03.rat
23/07/2014 11:23 PM 163,840 msrating.dll
23/07/2014 11:23 PM 1,988 ticrf.rat
3 File(s) 174,626 bytes
2 Dir(s) 68,178,923,520 bytes free

C:\Users\Xiaofan>dir c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856
ad364e35_10.2.9200.16521_none_e94d3c6514d16754
Volume in drive C is Windows7_OS
Volume Serial Number is 6A2C-76C6

Directory of c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e3
5_10.2.9200.16521_none_e94d3c6514d16754

23/07/2014 11:23 PM <DIR> .
23/07/2014 11:23 PM <DIR> ..
23/07/2014 11:23 PM 8,798 icrav03.rat
23/07/2014 11:23 PM 163,840 msrating.dll
23/07/2014 11:23 PM 1,988 ticrf.rat
3 File(s) 174,626 bytes
2 Dir(s) 68,178,825,216 bytes free


Finally, I should also note that when I had previously tried to turn off the internet explorer feature from the windows feature list, for some strange reason it is listed as ie11 instead of ie10, which is what I get when I check 'about internet explorer' when running the browser (which has been since reactivated). Not sure if that is at all relevant. I had previously tried updating ie10 to ie11, but ran into similar troubles with this whole failure to configure updates + reverting changes business.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
Nope, it looks like you did everything right - I think that Windows is confused! :(

Lets see if there's a symlink or something pointing where it didn'orta...

Open an Elevated Command Prompt, and run the following commands..


DIR C:\Windows /AL /S

- if it comes back anything other than 'File not found' please post the results.

If it comes back as expected, then download NTFS Links View from here - NTFSLinksView - View NTFS symbolic links and junction points

extract it and set it to scan C:\Windows at Infinite depth

If it comes back with anything - save a report, and post it.
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Here are the results from the dir c:\windows /AL /S

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Xiaofan>dir c:\windows /AL /S
Volume in drive C is Windows7_OS
Volume Serial Number is 6A2C-76C6

Directory of c:\windows\SysWOW64\config\systemprofile

04/10/2012 11:20 AM <JUNCTION> Application Data [C:\Windows\system32\con
fig\systemprofile\AppData\Roaming]
04/10/2012 11:20 AM <JUNCTION> Cookies [C:\Windows\system32\config\syste
mprofile\AppData\Roaming\Microsoft\Windows\Cookies]
04/10/2012 11:20 AM <JUNCTION> Local Settings [C:\Windows\system32\confi
g\systemprofile\AppData\Local]
04/10/2012 11:20 AM <JUNCTION> My Documents [C:\Windows\system32\config\
systemprofile\Documents]
04/10/2012 11:20 AM <JUNCTION> NetHood [C:\Windows\system32\config\syste
mprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/10/2012 11:20 AM <JUNCTION> PrintHood [C:\Windows\system32\config\sys
temprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/10/2012 11:20 AM <JUNCTION> Recent [C:\Windows\system32\config\system
profile\AppData\Roaming\Microsoft\Windows\Recent]
04/10/2012 11:20 AM <JUNCTION> SendTo [C:\Windows\system32\config\system
profile\AppData\Roaming\Microsoft\Windows\SendTo]
04/10/2012 11:20 AM <JUNCTION> Start Menu [C:\Windows\system32\config\sy
stemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
04/10/2012 11:20 AM <JUNCTION> Templates [C:\Windows\system32\config\sys
temprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes

Directory of c:\windows\SysWOW64\config\systemprofile\AppData\Local

04/10/2012 11:20 AM <JUNCTION> Application Data [C:\Windows\system32\con
fig\systemprofile\AppData\Local]
04/10/2012 11:20 AM <JUNCTION> History [C:\Windows\system32\config\syste
mprofile\AppData\Local\Microsoft\Windows\History]
04/10/2012 11:20 AM <JUNCTION> Temporary Internet Files [C:\Windows\syst
em32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Fil
es]
0 File(s) 0 bytes

Directory of c:\windows\SysWOW64\config\systemprofile\Documents

04/10/2012 11:20 AM <JUNCTION> My Music [C:\Windows\system32\config\syst
emprofile\Music]
04/10/2012 11:20 AM <JUNCTION> My Pictures [C:\Windows\system32\config\s
ystemprofile\Pictures]
04/10/2012 11:20 AM <JUNCTION> My Videos [C:\Windows\system32\config\sys
temprofile\Videos]
0 File(s) 0 bytes

Total Files Listed:
0 File(s) 0 bytes
16 Dir(s) 68,208,848,896 bytes free

C:\Users\Xiaofan>

The NTFS links report is attached as well

Thanks!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
This looks to me to be the residuals of a malware attack, or the results of using an automated 'fix' tool from an incompetent company.
There is no way that these links should be present - and I have no idea what the effect of removing them would be.

My immediate thought is to do a reformat/reinstall, as there's a possibility that the machine is highly compromised.

Second thought is to do a repair install.
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Been busy the last little while, but finally yesterday got around to doing a repair install as you recommended - worked like a charm, windows is fully up to date again. Thanks for your help!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitIntel Core i7-3612QMintegrated graphics
Computer type
Laptop
Computer Manufacturer/Model Number
Lenovo
OS
Windows 7 Home Premium 64bit
CPU
Intel Core i7-3612QM
Graphics Card(s)
integrated graphics
Antivirus
Microsoft Security Essentials
Browser
Chrome
Glad I was able to point you in the right direction!

Good luck with it!
 

My Computer My Computer

At a glance

Win 7 x64 Home Premium (and x86 VirtualBox VM...i3 370M/i7 6500U8GB - finally :)/8GBit's an i3, dude!/dual Intel&nVidia
Computer type
Laptop
Computer Manufacturer/Model Number
Asus K52F or Lenovo B51-80
OS
Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
CPU
i3 370M/i7 6500U
Motherboard
Asus/Lenovo
Memory
8GB - finally :)/8GB
Graphics Card(s)
it's an i3, dude!/dual Intel&nVidia
Sound Card
onboard
Monitor(s) Displays
15.6" built-in
Screen Resolution
1366x768/1920x1080
Hard Drives
750GB Seagate internal
Sundry external drives attached to other computers on the local network
1TB SSD on the Lenovo
PSU
n/a
Internet Speed
as much as I can get - usually on a dongle/phone, so <1MB/s
Antivirus
MSE/Defender
Browser
IE11/12/Edge/Chrome/FF(if I must)
Back
Top