Tech Support Forum - View Single Post - My laptop cannot get Microsoft Updates and I couldn't install most of the free scans

miracleshaman · 12-09-2006, 12:22 AM

The only scans that would work were trend micro. CW shredder found nothing, but the scan did find WinAd 1, but said it could not remove it.

About two weeks ago I started getting pop-up ads like crazy. I couldn't stand being online, it was so annoying! I downloaded Registry Mechanic and it found and removed lots of errrors, and it was a little bit better, but not completely.

I run Spybot, Ad-Aware, SpySweeper, Registry Mechanic and Arovax AntiSpyware every day, and they always find stuff, every day, but I still can't get Updates and the pop-ups, though lessened were still there.

So I downloaded HijackThis and eliminated everything listed in the first scan. Before I read not to. Oops! Luckliy, I didn't wreck anything. Nor did I fix anything. Then I ran HijackThis again, and went through every item, one by one, and removed what I identified as bad. And the pop-ups have totally stopped. At least none today, and only one yesterday. Way better than one every 2 seconds!

But I still can't get Microsoft Updates or updates for Windows Defender (or download and install those scanners, even for a one-time use). I have no trouble gettting updates for AVG, Ad-Aware, or Spybot.

When I go to get Updates, it says the files I need can not be found and must be reinstalled. So I click on OK, and it says Downloading... Registering... and then goes right back to the page that says the files have to be installed. And its just an endless loop, over and over. With nothing actually being installed. Even when I could get updates (this started a few weeks ago) I could never install the update for .Net Framework. That would fail every time.

Looking forward to finding out what you find. So here's the log:

Logfile of HijackThis v1.99.1
Scan saved at 1:42:58 AM, on 12/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Documents and Settings\Suraya Rose Sarae\Application Data\Allume Systems\StuffIt\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.com/
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Arovax AntiSpyware] "C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe" /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Notebook Manager Service (anbmService) - Unknown owner - C:\Acer\eManager\anbmServ.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

I see it lists Panda and other scanners, so I guess they did install after all, but none of them would actually scan. And its possible the places that say files missing are from where I deleted things before I knew better.

And in case there is any confusion. This post is for a different computer than what I posted for earlier. I'd think it was obvious to you, because the problems are different. But just in case you're wondering why I posted again so soon, that's why!

Thank you in advance for what you find, because I have been worried about security breaches on this computer. I do download P2P files here. Miracle Shaman.

12-09-2006, 12:22 AM	#1 (permalink)
miracleshaman Registered User Join Date: Dec 2006 Posts: 128 OS: XPSP2	My laptop cannot get Microsoft Updates and I couldn't install most of the free scans The only scans that would work were trend micro. CW shredder found nothing, but the scan did find WinAd 1, but said it could not remove it. About two weeks ago I started getting pop-up ads like crazy. I couldn't stand being online, it was so annoying! I downloaded Registry Mechanic and it found and removed lots of errrors, and it was a little bit better, but not completely. I run Spybot, Ad-Aware, SpySweeper, Registry Mechanic and Arovax AntiSpyware every day, and they always find stuff, every day, but I still can't get Updates and the pop-ups, though lessened were still there. So I downloaded HijackThis and eliminated everything listed in the first scan. Before I read not to. Oops! Luckliy, I didn't wreck anything. Nor did I fix anything. Then I ran HijackThis again, and went through every item, one by one, and removed what I identified as bad. And the pop-ups have totally stopped. At least none today, and only one yesterday. Way better than one every 2 seconds! But I still can't get Microsoft Updates or updates for Windows Defender (or download and install those scanners, even for a one-time use). I have no trouble gettting updates for AVG, Ad-Aware, or Spybot. When I go to get Updates, it says the files I need can not be found and must be reinstalled. So I click on OK, and it says Downloading... Registering... and then goes right back to the page that says the files have to be installed. And its just an endless loop, over and over. With nothing actually being installed. Even when I could get updates (this started a few weeks ago) I could never install the update for .Net Framework. That would fail every time. Looking forward to finding out what you find. So here's the log: Logfile of HijackThis v1.99.1 Scan saved at 1:42:58 AM, on 12/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SSU.EXE C:\Documents and Settings\Suraya Rose Sarae\Application Data\Allume Systems\StuffIt\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.com/ O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Arovax AntiSpyware] "C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe" /s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Notebook Manager Service (anbmService) - Unknown owner - C:\Acer\eManager\anbmServ.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe I see it lists Panda and other scanners, so I guess they did install after all, but none of them would actually scan. And its possible the places that say files missing are from where I deleted things before I knew better. And in case there is any confusion. This post is for a different computer than what I posted for earlier. I'd think it was obvious to you, because the problems are different. But just in case you're wondering why I posted again so soon, that's why! Thank you in advance for what you find, because I have been worried about security breaches on this computer. I do download P2P files here. Miracle Shaman.