From: Klauwaart on 14 May 2010 08:13

MOW, YOU DID IT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
I don't know how to thank you.
I REALLY owe you BIG TIME!!!!!

The scan with the Malicious Software Remover took almost 7 hours, and it turned out 2 files on my hard drive were infected with the Alureon.H virus, which apparently looks at your drivers, and, as I experienced, sends users to sites of the hacker's choice (hence the redirection from Google to advert sites).

Also, after the reboot, I saw that orange shield with an exclamation mark on my "Shut Down" button, which indicated to me that the updates were up and running again, and yes, when I opened Windows Update, there it came, telling me there were updates waiting for me.

Like I said before, I really don't know how to thank you, all the patience you have shown, and all the detailed explanations.
If there is ever anything I can do for you, I'll be only too glad to do so.

Thanks a thousand times again.
Klauwaart.
(You saved my blond hair from going grey).

"MowGreen" <mowgreen(a)nowandzen.com> wrote in message news:eslgF0v8KHA.3880(a)TK2MSFTNGP04.phx.gbl...
>>> So, what happens when you try to open an Elevated Command Prompt now
>>> ( Start orb > Search programs and files > type in cmd
>>> Under Programs, right click cmd.exe and choose 'Run as admin ')
>>> does UAC prompt you to allow it to run Elevated ?
>> Well, what happens now is a popup saying "Do you want this program to make changes to your system?"
>> Is that the prompt you mean?
>> And when I looked at my slider, I got the same prompt, but asking me if I wanted Lavasoft to make changes to my system.
>
> Now that's the way UAC is supposed to function.
>
>>> Restart the system and then open Windows Update in Control Panel.
>>> Click the Check for updates link.
>>> Can the system contact the update servers now ?
>> That is obviously a no.
>
> Dang it. Please download and *save* the Windows Malicious Software Removal Tool ( MRT ) from here:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
>
> Once the download completes, boot the system to Safe Mode:
> http://windows.microsoft.com/en-us/windows7/Advanced-startup-options-including-safe-mode
>
> " The Advanced Boot Options screen lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key *before* Windows starts "
>
> Repeatedly press the F8 to access the Advanced Boot Options menu. If the F8 key is not pressed prior to Windows loading you'll have to shut down and do it all over again.
> Once in Safe Mode (NOT Safe Mode with Networking; *just* Safe Mode) run windows-kb890830-v3.7.exe by *right* clicking it and choose 'Run as administrator'; agree to the UAC prompts to allow it to run Elevated.
> Once the MRT has finished running it should open a window showing you a list of malware and if any of them were detected.
>
> If you want, you can view the mrt.log located in
> Windows\debug <--- this subfolder
>
> Restart the system to normal Windows mode and please let us know if anything was detected and if it was removed.
> If nothing was detected, suggest you open Internet Explorer by clicking the Start orb > click All Programs > *right* click Internet Explorer and choose 'Run as administrator'; do the UAC prompt again.
> Then go here: http://www.eset.com/online-scanner
>
> Click the Eset Online Scanner button and have the system scanned by it.
> Please post back with what was detected/removed, if anything.
>
> MowGreen
> ================
> *-343-* FDNY
> Never Forgotten
> ================
>
> banthecheck.com
> "Security updates should *never* have *non-security content* prechecked
>
> Klauwaart wrote:
>>> So, what happens when you try to open an Elevated Command Prompt now
>>> ( Start orb > Search programs and files > type in cmd
>>> Under Programs, right click cmd.exe and choose 'Run as admin ')
>>> does UAC prompt you to allow it to run Elevated ?
>> Well, what happens now is a popup saying "Do you want this program to make changes to your system?"
>> Is that the prompt you mean?
>> And when I looked at my slider, I got the same prompt, but asking me if I wanted Lavasoft to make changes to my system.
From: PA Bear [MS MVP] on 14 May 2010 12:23

[You may not be totally "out of the woods" just yet.]
From: Klauwaart on 14 May 2010 12:46

True, PA Bear, but at least the main problems have gone, ie. the updates refusing to do anything, and the redirecting and blocking of sites during surfing.
I have even strengthened my security now.
From: Ottmar Freudenberger on 14 May 2010 14:14

"Klauwaart" <admin(a)vlaanderen-flanders.org.uk> wrote:

> I have even strengthened my security now.

Not really until you've rebuilt your compromised system from scratch.

Bye,
Freudi
From: Klauwaart on 14 May 2010 21:05
Sure, will give that a go too.
Don't really want to go through all that misery again.
Thanks.

"Ottmar Freudenberger" <freudi(a)gmx.net> wrote in message news:855i82FgddU1(a)mid.individual.net...
> "Klauwaart" <admin(a)vlaanderen-flanders.org.uk> wrote:
>
>> I have even strengthened my security now.
>
> Not really until you've rebuilt your compromised system from scratch.
>
> Bye,
> Freudi