Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Old Siferef infection killed Win7 Updater?


  • Please log in to reply
18 replies to this topic

#1 carlsoti

carlsoti

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 10 May 2012 - 07:19 PM

So, I'm trying to get an online game working, thinking they had issues. Come to find out, neither my firewall nor updater has been working since January.

Here's the link to my original thread, where Gringo helped me get rid of the infection:

http://www.bleepingcomputer.com/forums/topic437822.html


I dug around and found a registry file to get the firewall working, but I'm stumped on the Updater. Microsoft is of no help.

What do I do?

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 10 May 2012 - 11:25 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#3 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 11 May 2012 - 06:11 AM

Farbar Service Scanner Version: 08-05-2012
Ran by Owner (administrator) on 11-05-2012 at 04:10:33
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 11 May 2012 - 08:08 AM

What happens when you do a windows update?

Do you receive any error codes?

Did you run the fixit?

http://support.microsoft.com/kb/971058

#5 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 11 May 2012 - 07:21 PM

When I run updater, it starts, but then gives error code 80096001. I've tried at least three different MS fix-its. two of them said it was fixing something, but nothing changed, the other did nothing.
attached is a screen shot of the updater error. (though I might not've done the screenshot/paste part right.)

Attached Files


Edited by carlsoti, 11 May 2012 - 07:22 PM.


#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 11 May 2012 - 10:53 PM

Download

http://go.microsoft.com/?linkid=9643523

Run it aggressive mode

Restart the PC and check if you can update

If that doesnt work,try this

http://go.microsoft.com/?linkid=9748992

I've tried at least three different MS fix-its

can you list them?

#7 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 11 May 2012 - 11:23 PM

Unfortunately, I'm not really good with keeping track of that stuff. It was ones that were linked through the microsoft help and support just below the error message.

I'll try the other suggestions now.

#8 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 11 May 2012 - 11:35 PM

i tried both of the fix-its you linked. The first one only seemed to wipe out the update history, so it shows I've never updated, instead of the old January date. Still no updates. I ran the second one after finding out the first one didn't do anything, and the second one didn't do anything either.

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 12 May 2012 - 12:05 AM

Make sure to create a restore point before trying this

Download

windefend

Launch it,click YES when you receive a UAC prompt

For this particular error code i dont find any proper solution on the web

Try this

readiness tool

or

open command prompt with admin rights and run this command

sfc /scannow

Restart the PC and check for updates.

If this error code is specific to microsoft security essentials.Try reinstalling it

good luck

Edited by narenxp, 12 May 2012 - 12:07 AM.


#10 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 12 May 2012 - 12:36 AM

I tried the windefend. It didn't do anything. When I ran the readieness tool, it gave me an error, the screen shot is attached. Obviously, that didn't do anything.

I ran the scannow, and it didn't detect anything. I re-booted anyway, and still nothing.


Is there any way that the original win7 disc can help fix the problem, without losing any programs or other data??

Attached Files



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 12 May 2012 - 12:51 AM

Lets try one last thing ,download

subinacl

Install it,do not change the default location

open command prompt with admin rights and run this command and press ENTER

cd /d "%ProgramFiles%\Windows Resource Kits\Tools"

Now copy these commands together and paste it in command window

subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f /grant=system=f
subinacl /subdirectories %SystemDrive%\ /grant=administrators=f /grant=system=f



The command should start running,restart the PC after command completes

See if you can update now.If that doesnt work,try a STARTUP repair using your OS CD.

good luck

Edited by narenxp, 12 May 2012 - 12:51 AM.


#12 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 12 May 2012 - 09:14 AM

I get an error "windows cannot find CD". Make sure you typed the name correctly then try again.

My files automatically load into my download file. I didn't move it from there. Might that be the problem?

EDIT: Nevermind that stuff above. I did "windows+r", not cmd.

When I run the CMD as admin, and past the line above, I get a message that the "system could not find the path specified."

Still, the file is in my download folder, might that cause the issue of this program not function properly?

Edited by carlsoti, 12 May 2012 - 09:28 AM.


#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:39 AM

Posted 12 May 2012 - 09:50 AM

Still, the file is in my download folder, might that cause the issue of this program not function properly?

Did you install it? Launch the installer,and continue installing it in c:\ProgramFiles%\Windows Resource Kits\Tools

and then try the commands as instructed

#14 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 12 May 2012 - 10:07 AM

sorry, I'm a little "thick" this morning.

It's installed and running now.

#15 carlsoti

carlsoti
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 12 May 2012 - 10:13 AM

No luck. Same as before. Same error and everything.

Will a startup repair leave my files intact?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users