From: Klauwaart on


"MowGreen" <mowgreen(a)nowandzen.com> wrote in message
news:eWDH2Ov8KHA.3840(a)TK2MSFTNGP02.phx.gbl...
> Klauwaart wrote:
>>>
>>> 3) Click the back *arrow* at the top left of the window or click the
>>> 'Go to the main User Accounts page' link at the bottom of the window.
>>> Click the 'Change User Account Control settings' link.
>>> Was there a UAC prompt ? What is the UAC slider set to ?
>> Again, nothing that looked like a prompt, the slider is set to "Never
>> Notify".
>>>
>>> If your User Account has Admin privileges then it should be set to
>>> the *second from the top*, which is its Default setting. If it is set
>>> lower than that or it has been turned off, move the slider to the
>>> second from the top and click the OK button.
>>> Malware can disable or lower the UAC setting.
>> I have now set the slider to the position you recommended.
>>>
>>> Will await your findings before recommending further steps.
>> Thank you.
>> I am almost embarrassed asking for more help.
>
> There's no cause for embarrassment unless you set the UAC slider to Never
> Notify and forgot that you did. If you did not, then I strongly suspect
> that malware is in play here and if that's the case, then it's pretty well
> hidden.
That's not the reason for being embarrassed.
I must be pushing your patience to the limits.
And, indeed, I never touched the slider, so I suspect Malware too, I have
now used all sorts of malware killers (Spybot, MBAN, Lavasoft Ad-Aware,
Webroot), but although they cleaned up things, the problem remains.
Or maybe I could make a lot of money with a new wonder treatment: how to go
from blond to grey overnight. :)

>
> So, what happens when you try to open an Elevated Command Prompt now
> ( Start orb > Search programs and files > type in cmd
> Under Programs, right click cmd.exe and choose 'Run as admin ')
> does UAC prompt you to allow it to run Elevated ?
Well, what happens now is a popup saying "Do you want this program to make
changes to your system?"
Is that the prompt you mean?
And when I looked at my slider, I got the same prompt, but asking me if I
wanted Lavasoft to make changes to my system.

>
> If yes, then flush the DNS cache. Type in the below commands, press Enter
> after each
> ( After you enter the first command you should get a message stating
> "Windows IP Configuration. Successfully flushed the DNS Resolver Cache." )
I did get that "successfully flushed" message.
>
> ipconfig /flushdns
>
> Leave the Elevated Command Prompt open. Type in
>
> netsh winhttp show proxy
>
> Is any proxy listed ? If there is then type in the below, pressing Enter
> after *each* command
It gives me "Direct Access <no proxy server>"
>
> netsh winhttp reset proxy
> netsh winsock reset
> exit
>
> Restart the system and then open Windows Update in Control Panel.
> Click the Check for updates link.
> Can the system contact the update servers now ?
That is obviously a no.
>
>
> MowGreen
> ================
> *-343-* FDNY
> Never Forgotten
> ================
>
> banthecheck.com
> "Security updates should *never* have *non-security content* prechecked
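
The two checks walked through above (UAC slider position and WinHTTP proxy), as an added PowerShell example that is not part of any post in this thread. It reads the standard Windows UAC policy values (`EnableLUA`, `ConsentPromptBehaviorAdmin`, `PromptOnSecureDesktop`), which the thread itself does not name, and maps them to the slider positions. The function name `Get-UacSliderLevel` is hypothetical, and the proxy check assumes English `netsh` output.

```powershell
# Added example: report the UAC slider position from the policy registry values.
# Run from an elevated or normal PowerShell prompt; it only reads settings.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacSliderLevel {   # hypothetical helper name
    param(
        [int]$EnableLUA,
        [int]$ConsentPromptBehaviorAdmin,
        [int]$PromptOnSecureDesktop
    )
    # On Windows 7 the "Never notify" position also sets EnableLUA to 0.
    if ($EnableLUA -eq 0) { return 'UAC disabled (EnableLUA = 0)' }
    switch ("$ConsentPromptBehaviorAdmin/$PromptOnSecureDesktop") {
        '2/1'   { 'Always notify (top)' }
        '5/1'   { 'Default (second from the top)' }
        '5/0'   { 'Notify without dimming the desktop (third)' }
        '0/0'   { 'Never notify (bottom)' }
        default { "Custom policy: ConsentPromptBehaviorAdmin=$ConsentPromptBehaviorAdmin, PromptOnSecureDesktop=$PromptOnSecureDesktop" }
    }
}

# Assumption: all three values exist under the key (a missing value reads as 0).
$p = Get-ItemProperty -Path $key
$level = Get-UacSliderLevel -EnableLUA $p.EnableLUA `
    -ConsentPromptBehaviorAdmin $p.ConsentPromptBehaviorAdmin `
    -PromptOnSecureDesktop $p.PromptOnSecureDesktop
"UAC level: $level"

# Anything below the default that the user did not set is worth investigating.
if ($level -notmatch '^(Always notify|Default)') {
    Write-Warning 'UAC is below the default level. If you did not lower it, treat this as a sign of tampering.'
}

# Second check from the thread: the WinHTTP proxy that Windows Update uses.
$proxy = netsh winhttp show proxy | Out-String
if ($proxy -match 'Direct access') {
    'WinHTTP proxy: none (direct access)'
} else {
    Write-Warning "A WinHTTP proxy is configured:`n$proxy"
}
```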

From: Klauwaart on
Yet another update:
this time it is the Windows application to control the settings which asks
for permission when I go to my slider.

From: MowGreen on
>
>>
>> So, what happens when you try to open an Elevated Command Prompt now
>> ( Start orb > Search programs and files > type in cmd
>> Under Programs, right click cmd.exe and choose 'Run as admin ')
>> does UAC prompt you to allow it to run Elevated ?
> Well, what happens now is a popup saying "Do you want this program to make changes to your system?"
> Is that the prompt you mean?
> And when I looked at my slider, I got the same prompt, but asking me if I wanted Lavasoft
> to make changes to my system.

Now that's the way UAC is supposed to function.

>> Restart the system and then open Windows Update in Control Panel.
>> Click the Check for updates link.
>> Can the system contact the update servers now ?
> That is obviously a no.

Dang it. Please download and *save* the Windows Malicious Software
Removal Tool (MRT) from here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Once the download completes, boot the system to Safe Mode:
http://windows.microsoft.com/en-us/windows7/Advanced-startup-options-including-safe-mode

" The Advanced Boot Options screen lets you start Windows in advanced
troubleshooting modes. You can access the menu by turning on your
computer and pressing the F8 key *before* Windows starts "

Repeatedly press the F8 key to access the Advanced Boot Options menu. If the
F8 key is not pressed prior to Windows loading you'll have to shut down
and do it all over again.
Once in Safe Mode (NOT Safe Mode with Networking; *just* Safe Mode)
run windows-kb890830-v3.7.exe by *right* clicking it and choose 'Run as
administrator'; agree to the UAC prompts to allow it to run Elevated.
Once the MRT has finished running it should open a window showing you a
list of malware and if any of them were detected.

If you want, you can view the mrt.log located in
Windows\debug <--- this subfolder


Restart the system to normal Windows mode and please let us know if
anything was detected and if it was removed.
If nothing was detected, suggest you open Internet Explorer by clicking
the Start orb > click All Programs > *right* click Internet Explorer and
choose 'Run as administrator'; do the UAC prompt again.
Then go here: http://www.eset.com/online-scanner

Click the Eset Online Scanner button and have the system scanned by it.
Please post back with what was detected/removed, if anything.

MowGreen
================
*-343-* FDNY
Never Forgotten
================

banthecheck.com
"Security updates should *never* have *non-security content* prechecked



From: Ottmar Freudenberger on
"Klauwaart" <admin(a)vlaanderen-flanders.org.uk> wrote:

> And, indeed, I never touched the slider, so I suspect Malware too, I have
> now used all sorts of malware killers (Spybot, MBAN, Lavasoft Ad-Aware,
> Webroot), but although they cleaned up things, the problem remains.

http://technet.microsoft.com/en-us/library/cc512587.aspx
Rebuild your system from scratch.

Bye,
Freudi
From: PA Bear [MS MVP] on
Ottmar Freudenberger wrote:
>> And, indeed, I never touched the slider, so I suspect Malware too, I have
>> now used all sorts of malware killers (Spybot, MBAN, Lavasoft Ad-Aware,
>> Webroot), but although they cleaned up things, the problem remains.
>
> http://technet.microsoft.com/en-us/library/cc512587.aspx
> Rebuild your system from scratch.

[And they let Jesper get away!]