techinstructor

Hallelujah! It worked! I follwed these instructions and upon restart, Window Management Instrumentation Service had been started. I was then able to "Start" the Security Center with no errors. I tried installing a few Windows updates with the Windows Updater and they did NOT failed. I suspect the WMI problem was causing my installation errors before. I am so glad to have that working again. Thank you so much for your help.

I am slowly working my way through the utility manual and the information on how to do the manual repair. This information pointed me to the Event Viewer where I discovered another Service, Application Virtualization Client that was also stopped on 11/11/13 and has an error message when I try to restart it. I suspect it too is dependent on WMI. I havn't run the tool yet; I'll post more when I do and know more. I may also call Customer Care as soon as I know enough to know what to ask. As to the registry, I would take you up on the offer if you think it will help. I'm very unsure of my knowledge and skills in this area so I definately need guidance. I am running Windows 7 Home Premium 64 bit. The only bootable disk I have for the ASUS is the Recovery DVD that I created when I first got it. I have never tried to use it as it is designed to wipe my drive and reinstall the OS. ******************************************************************************************************************************** I created a SysInspector log and sent it to Marco. Hopefully it will shed some more light on this issue. I do appreciate all of your help and patience. I won't have time to work on these problems tomorrow but I'll get back on it over the weekend. One other question: I have some other issues with this notebook that occurred prior to the November trojan infection (problems with the Elan trackpad, Windows Updater, and some other issues that I have been unable to resolve). I have seriously considered wiping the C drive and doing a system recovery. Were I to do that would it reset the registry as well? I realize that this would require the reinstallation of software and drivers. Thank you again.

I've tried to reply to this thread twice now and the post has just disappearred. I really appreciate the offers of help and I will respond shortly, but right now I'm so frustrated I could cry. I need to calm down and then I think things will work better.

Please post a screen shot of this message as I don't recall seeing anything like that so far. I would gladly post a screen shot but the message is no longer there. (No, I didn't make it up.) However, it would have been more accurate for me to say there was a red circle with an x in it beside the Flag in the notifications area. I am not very diligent about checking these notifications and since the message seems to come and go at random, I suspect this is an old problem. I did recheck to see if the Security Center had somehow "started" but it had not and will not. I am posting a screen shot of the error message that occurs when I try to start it. Someone else suggested that I check the dependencies for the Security Center for Windows for Windows Management Instrumentation and Remote Procedure Call. There were no dependencies listed. Remote Procedure Call had been started but Windows Management Instrumentation had been stopped and could not be restarted. (I'm posting a screenshot of that error message as well.) I think Windows Management Instrumentation may need to be running for the Security Center to function, so this may be the problem. I reread the thread on the trojan that infected my computer last November. I had this message from Stackz: and this from me stating my actions: I really didn't know anything about the Windows Management Instrumentation service, so I didn't do anything at the time to try to get it running again. It's probably been stopped since then. The only other lingering issue from that time that I know of is with the ASUS Control Deck, which tries to start up and then quits working everytime I restart the notebook. I haven't noticed anything else not working. So does anyone have any suggestions as how I can get these services operating again?

Ran chkdsk /f --- I did this on restart and watched it through stage 4, but missed seeing it do all of stage 5. As far as I know it only found 1 thing in Stage 4, Verifying file data. "Windows replaced bad clusters in file 3349 of name \USERS\TECHIN~1\NTUSER~1.REG" Ran sfc/ scannow as admin -- Results: "Windows Resource Protection did not find any integrity violations" I've run ESET on this computer since it was new. I did have an issue with a trojan back in November https://forum.eset.com/topic/1365-win32kryptikbojt-trojan-variant-found/#entry7652. More on that in the next post.

Hi, I'm running Windows 7 Home Premium (64 bit) and ESET Smart Security 5 Version 5.2.9.1. Upon startup I had a red flag in my Windows Action Center that informed me that I needed to start the Windows Security Center. I attempted to do this, but was not able to. Microsoft support led me to the Security Center Properties and told me to choose "Log On" and click "Browse" to enter the name of my computer (which is an Asus K52JC notebook, if that matters). When I enter my computer name I get an error message, "An object (User or Built-in security principal) withe the following name cannot be found: "timobile". Check the selected object types and locations for accuracy (they look correct to me) and ensure that you have typed the object name correctly, (it is correct) or remove this object from the selection. Windows support suggested the possibilty of malware if the service would not start after this step. When I try to start the service, I get this message: "Windows could not start the Security Center service on Local Computer. Error 1068: The dependency service or group failed to start." So after checking the ESET logs and seeing that all was well and up to date - no evidence of any recent activity in the logs, I ran Malwarebytes (nothing found) and then Spybot Search and Destroy which found some registry issues, all of which it was able to fix except for 1 (HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSD\General\ -- I didn't understand what the threat was, only that it was unable to clean it. Interestingly, when I looked this up in the registry, one of the items in the General folder was ComputerName. So, my questions are: 1) Should I even be concerned with this issue? I wondered if I even needed to run Windows Security Center if I'm running ESET. 2) If I do need to run Windows Security Center, then does anyone have any suggestions as to what steps I could try from this point? Thank you for your help.

Thanks. Upon investigation I found this file in eSet's quarantine. Further seaching revealed three other files etfq4h.reg, etfq4h.bxx, and etfq4h.fvv. I was able to quarantine the first two and the third I was able to delete after reboot with the help of Hijack This. I also deleted the registry entry. Is it ok to delete these and the other trojan files from the eSet quarantine? I really don't like leaving them there and would much prefer for them to just be GONE! Thanks again.

Sorry it took me so long to respond. I've attached the Sysinspector Log. Hopefully, this is what you were requesting. SysInspector-TIMOBILE-131117-1359.zip So far the computer has not had any other issues, though the issue with "the ControlDeck not responding" continues to occur each time it starts up. Interestingly though, there are no obvious issues other than the dialog window pops ups, I click "close" and then everything appears normal and there are no obvious issues with operation. I'm planning to download the latest version of the ControlDeck from ASUS and see if it fixes the problem. I'm still concerned that there may be other hidden issues from this trojan lurking on my machine so I greatly appreciate any suggestions you may have.

My computer was infected last night with a variant of Win32/Kryptik.BOJT Trojan. It locked the computer and demanded a $300 ransom for the key to unlock the machine. Upon the third restart, the computer was unlocked thanks to eSet Smart Security 5. eSet located and quarantined the trojan - file name: h4qfte.dss. Since then I've had only a few minor issues which may or may not be related. Soon after the desktop was unlocked I got a Windows error message stating that the Control deck had stopped working. This has not happened again, but then I haven't restarted the computer. I've also experienced a frozen browser (mouse would not move) for about a minute a few times this morning - once when trying to "print" to pdf. Each time the browser came back into operation on its own after a pause. Our internet connection (mobile broadband) is "iffy" at best so that may have been the culprit there. Since discovering the quarantined trojan I have run a computer scan with eSet, in addition to a scan with SuperAntiSpyware and Malwarebytes Anti Malware, all of which had up-to-date definitions. Nothing was found on any of these scans. I've also run CCleaner which did not find anything. Interestingly, wrhile checking the startup items in CCleaner, I found a suspicious file (etfq4h.ink) which was disabled and deleted. I also disabled "Remote Desktop Administration" after reading a tip at eSet (I don't recall ever enabling it, so I wonder if the trojan did that). I also put tape over my laptop's camera, since the trojan photographed the user when the infection occurred. This was disconcerting to say the least. I'm concerned that there could be other infected items that have not been discovered. I can't find any definitive information on the variant of this trojan that infected my computer, specifically if it could have had rootkit capabilities. I'm also concerned that the eSet Firewall allowed this trojan to get into my computer. I would appreciate comments concerning any further action that I might take to ensure that I don't have more problems from this trojan in the future. I'm afraid to back up my files for fear of infecting my external drive which was not plugged in at the time. Any assurances or advice would be welcomed.