FIXED!Group_Policy_Client error Event ID 7026 Have I been HACKED?!?

[Elvis2]

I now have to logon at the password screen which I didn't have to before.
I can't check firewall status nor may I install Ad-Aware.
Restore dosen't work.
This is on a fresh install of Windows 7 last weekend and everything worked fine up until yesterday. This is not my daily rig. I use it for video editing, recording and gaming. It's been off for four days.
Tia

 

[Elvis2]

ttt

 

[RebateMonger]

I don't know about the 7026 error, but the others: Ad-Aware, System Restore, Firewall status, are common signs of malware infection.

Can you provide more information about the error messages you get when you try to install Ad-Aware or check the Firewall status?

 

[Elvis2]

I don't know about the 7026 error, but the others: Ad-Aware, System Restore, Firewall status, are common signs of malware infection.

Can you provide more information about the error messages you get when you try to install Ad-Aware or check the Firewall status?

I go to open the firewall status and nothing happens. Same with system restore. Ad-Aware goes to install and just keeps loading.
Microsoft website sez this error prevents the regular user from being able to logon. I'm able to do so but have to go thru the password screen but didn't have to before all this started. Maybe because I don't use a password to logon since I'm the only one that uses it. I dunno....
Btw, thanks for the response.

 

[RebateMonger]

I go to open the firewall status and nothing happens. Same with system restore. Ad-Aware goes to install and just keeps loading.

Hmmm...I wouldn't say those are typical malware responses. Often, you'll get a message that the program is corrupted or infected.

Do other programs run OK? Do other control panels come up? Can you install other programs?

 

[Elvis2]

Hmmm...I wouldn't say those are typical malware responses. Often, you'll get a message that the program is corrupted or infected.

Do other programs run OK? Do other control panels come up? Can you install other programs?

Everything else works fine. I can't restore, check firewall status, allow programs thru the firewall or install Ad-aware. It's all security issues.
I backed up my rig on an external drive just before this happened. I'm considering a reformat and fresh install but still don't know how and what caused this. When I do a fresh install I:
1) Format
2) Load OS
3) Motherboard drivers
(all the above while disconnected from the internet)
4) Install AVG, reboot, go online for AVG updates. At this point, I usually install Ad-aware as well but didn't this time .
5) Microsoft updates of my choosing
6) Video and souncard drivers
7) Misc. software
8) Disk cleanup
9) Defrag
10) Full virus scan
11) Run Ad-aware

 

[RebateMonger]

It's possible it's just some sort of problem with Windows or drivers that has messed things up.

I don't see anythiing wrong with your install methodology.

That said, the most likely way a nearly-new computer could be contaminated would be from malware-infected drivers or software. I recommend that sure that drivers come from the component or motherboard manufacturer, Windows Updates are obtained from Microsoft, and I avoid non-name-brand utilities unless absolutely necessary and I use them only if the software maker has a well-documented history.

Of course, there's also the possibility of a self-installing web malware attack. Typically these are pretty obvious, though, with immediate pop-ups and such. If it's super-quiet software trying to remain hidden, it wouldn't make sense to announce its arrival with a bunch of computer malfunctions.

Sorry I'm not of more help. Like I said, your symptoms are not typical of what I've seen from other malware infections...not that I've seen them all.

 

[stlcardinals]

I'd download malwarebytes from another computer and stick the install file on usb flash drive.

Reboot your suspected computer into safe mode (press F8 before Windows splash screen and select safe mode)

Install malwarebytes and run a full scan.

Running any Windows installation with a user that has admin rights without a password is asking for trouble. Set a password on any user account.

 

[Elvis2]

I'd download malwarebytes from another computer and stick the install file on usb flash drive.

Reboot your suspected computer into safe mode (press F8 before Windows splash screen and select safe mode)

Install malwarebytes and run a full scan.

Running any Windows installation with a user that has admin rights without a password is asking for trouble. Set a password on any user account.

Thanks, I'll give it a try.

 

[Gamingphreek]

I now have to logon at the password screen which I didn't have to before.
I can't check firewall status nor may I install Ad-Aware.
Restore dosen't work.
This is on a fresh install of Windows 7 last weekend and everything worked fine up until yesterday. This is not my daily rig. I use it for video editing, recording and gaming. It's been off for four days.
Tia

If the computer has been off for 4 days, how do you think it got infected ?

Additionally, have you downloaded something questionable or been to any questionable sites? If not, once again, how do you think it got infected ?

Don't bother running Malwarebytes, it sounds like something merely isn't working right or an update corrupted your system upon boot. Boot from the Windows 7 disk and do a restore from there.

Additionally, lets refine your excessively long install process...

1) Format
2) Load OS
3) Motherboard drivers
(all the above while disconnected from the internet)
----> No need to do this. Get the most up to date drivers from the web.
4) Install AVG, reboot, go online for AVG updates. At this point, I usually install Ad-aware as well but didn't this time.
----> AVG is terrible now. MSE or Avira should be what you want now.
----> Ad-aware is also excessive given that Windows Defender runs by default. Don't bother with it.
5) Microsoft updates of my choosing
6) Video and souncard drivers
----> You should really install video and sound drivers right after motherboard drivers. Don't trust Windows Update to always get the most up-to-date and correct drivers.
7) Misc. software
8) Disk cleanup
----> Largely unnecessary as you should have next to nothing in your tmp directories and there shouldn't be any files old enough to compress.
9) Defrag
----> Why would you do this? If you haven't deleted hundreds of things already there should be no fragmentation. Furthermore, Windows should be doing this already. Finally, there should given the I/O algorithms present in todays machines, defragmenting a machine should have virtually no effect.
10) Full virus scan
----> Once again, why? What have you downloaded or visited that would necessitate this.
11) Run Ad-aware
----> Same as above, why? If you haven't visited anything questionable there should be no reason to run this!

In short it should look something like this:
1. Format
2. Install OS
3. Install Firefox/Chrome/Safari
4. Install various drivers (Chipset, Audio, Video, etc...)
5. Install Microsoft Security Essentials
6. Enjoy

-Kevin

 

[Elvis2]

Malwarebytes didn't turn up anything so maybe it was a corrupted file.
I installed my image file and everything's back to normal.
Thanks for the help.

 

[RebateMonger]

I installed my image file and everything's back to normal.

That's cheating. (grin)

 

[Chiefcrowe]

As far as I recall, in safe mode the service is disabled so you can't install software while in that mode.

I'd download malwarebytes from another computer and stick the install file on usb flash drive.

Reboot your suspected computer into safe mode (press F8 before Windows splash screen and select safe mode)

Install malwarebytes and run a full scan.

Running any Windows installation with a user that has admin rights without a password is asking for trouble. Set a password on any user account.

 

[stlcardinals]

As far as I recall, in safe mode the service is disabled so you can't install software while in that mode.

If that software's install requires the Windows Installer service. Malwarebytes does not. There is a workaround for even the windows installer service that I use to uninstall stuff in safe mode that require the service, can't think of it off the top of my head.

 

[rasczak]

If that software's install requires the Windows Installer service. Malwarebytes does not. There is a workaround for even the windows installer service that I use to uninstall stuff in safe mode that require the service, can't think of it off the top of my head.

I would love to hear about this. If you happen to remember it, do you think you could post it here?

 

[Elvis2]

That's cheating. (grin)

Yeah, but it worked .
It turned out to be a corrupted file. I went thru the event log and I scattered a file during an o/c session. Just pushed my rig a little too far. .

 

[Elvis2]

If the computer has been off for 4 days, how do you think it got infected ?
Possible Trojan

Additionally, have you downloaded something questionable or been to any questionable sites? If not, once again, how do you think it got infected ?
None

Don't bother running Malwarebytes, it sounds like something merely isn't working right or an update corrupted your system upon boot. Boot from the Windows 7 disk and do a restore from there.

Additionally, lets refine your excessively long install process...
Mine works for me ...Thank you very much.


In short it should look something like this:
1. Format
2. Install OS
3. Install Firefox/Chrome/Safari
4. Install various drivers (Chipset, Audio, Video, etc...)
5. Install Microsoft Security Essentials
6. Enjoy

-Kevin

Checking the event log, the error occured during an o/c session in which I obviously corrupted some files.