From: Chris Dupont on
PA Bear,

Thanks for the info, but I was looking for a solution without having to
reinstall Windows.
There has to be a solution, which is not so radical.
So for now, I'm going to try what Shenan said.
If all that doesn't work, I still can do a re-install if necessary.

Regards,
Chris.



"PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message
news:uB5hdQdjKHA.2164(a)TK2MSFTNGP02.phx.gbl...
>> In the past, I also had Norton Anti-Virus which I replaced with KAV
>> about 2 years ago. The subscription expired briefly a year ago
>> for about 2 days. Any way to solve this?
>
> Sure! Back-up any personal data (none of which should be considered 100%
> trustworthy at this point) then do a format & clean install of Windows.
> Please note that a Repair Install (AKA in-place upgrade) will NOT fix
> this!
>
> HOW TO do a clean install of WinXP: See
> http://michaelstevenstech.com/cleanxpinstall.html#steps and/or Method 1 in
> http://support.microsoft.com/kb/978307
>
> After the clean install, you'll have the equivalent of a "new computer" so
> take care of everything on the following page before otherwise connecting
> the machine to the internet or a network and before using a USB key that
> isn't brand-new or hasn't been freshly formatted:
>
> 4 steps to help protect your new computer before you go online
> http://www.microsoft.com/security/pypc.aspx
>
> Other helpful references include:
>
> HOW TO get a computer running WinXP Gold (no Service Packs) fully patched
> (after a clean install)
> http://groups.google.com/group/microsoft.public.windowsupdate/msg/3f5afa8ed33e121c
>
> HOW TO get a computer running WinXP SP1(a) or SP2 fully patched (after a
> clean install)
> http://groups.google.com/group/microsoft.public.windowsxp.general/msg/a066ae41add7dd2b
>
> Tip: After getting the computer fully-patched, download/install KB971029
> manually: http://support.microsoft.com/kb/971029
>
> NB: Any Norton or McAfee free-trial that came preinstalled on the computer
> when you bought it will be reinstalled (but invalid) when Windows is
> reinstalled. You MUST uninstall the free-trial and download/run the
> appropriate removal tool before installing any Windows Service Packs or IE
> upgrades and before installing your new anti-virus application (e.g., KAV;
> which will require WinXP SP3 to be installed).
>
> Norton Removal Tool
>
> ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
>
> McAfee Consumer Products Removal Tool
>
> http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
>
> Also see:
>
> Steps To Help Prevent Spyware
> http://www.microsoft.com/security/spyware/prevent.aspx
>
> Steps to Help Prevent Computer Worms
> http://www.microsoft.com/security/worms/prevent.aspx
>
> Avoid Rogue Security Software!
> http://www.microsoft.com/security/antivirus/rogue.aspx
> --
> ~Robear Dyer (PA Bear)
> MS MVP-IE, Mail, Security, Windows Client - since 2002
> www.banthecheck.com
>
>
> Chris Dupont wrote:
>> It is true that in the past, I ran "hijackthis" software to show security
>> breaches.
>> In the past, I also had Norton Anti-Virus which I replaced with KAV
>> about 2 years ago. The subscription expired briefly a year ago
>> for about 2 days.
>> Any way to solve this?
>>
>>
>>
>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message
>> news:eW4LcfajKHA.4912(a)TK2MSFTNGP02.phx.gbl...
>>> This "smells" like the result of a hijackware infection. How long has
>>> KAV
>>> been installed? Has your subscription ever expired, however briefly?
>>>
>>> Has a Norton or McAfee application ever been installed on this machine
>>> (e.g., a free-trial version that came preinstalled when you bought it)?
>>> --
>>> ~Robear Dyer (PA Bear)
>>> MS MVP-IE, Mail, Security, Windows Client - since 2002
>>>
>>>
>>> Chris Dupont wrote:
>>>> I've discovered that the problem is related to the fact that the
>>>> Windows WMI-service can't be started.
>>>> Also can't start 2 other services, cfr. Security center service and
>>>> Windows firewall service.
>>>> When trying to start WMI-service, I always get the following error:
>>>> "ERROR 126 : can't find module"
>>>> So I executed the Microsoft WMIdiag.exe tool. In the log created by
>>>> this tool, I found the following information.
>>>> Can anyone help me with this? Because I still don't understand what is
>>>> exactly the cause of these problems.
>>>>
>>>> Info from the WMIdiag log:
>>> <snip>
>>>> BroMow wrote:
>>>>> 0x8024000b means that the operation was cancelled.
>>>>> The green bar scrolling endlessly is occurring because of
>>>>> error 0x80080005
>>>>>
>>>>> 2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate Installed rule, updateId = {02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105, hr = 80080005
>>>>>
>>>>> Either there's corruption in the CatRoot2 subfolder or the winsock
>>>>> stack
>>>>> is damaged.
>>>>>
>>>>> First, suggest you do a clean boot of XP and see if it can search for
>>>>> updates while in the clean boot state:
>>>>>
>>>>> How to configure Windows XP to start in a "clean boot" state
>>>>> http://support.microsoft.com/kb/310353
>>>>>
>>>>> If the system can search for updates, then the issue is being caused
>>>>> by
>>>>> 'something' that Kaspersky has done or is doing.
>>>>>
>>>>> If the system can not search for updates, while still in the clean
>>>>> boot
>>>>> state, open a Command Prompt ( Start > Run > type in cmd > click OK )
>>>>> At the prompt, type in the following commands, pressing Enter after
>>>>> *each*
>>>>> one
>>>>>
>>>>> netsh winsock reset
>>>>> exit
>>>>>
>>>>> After the first command is entered you'll get a message stating the
>>>>> system
>>>>> must be restarted. Enter the second command, which will close the
>>>>> Command
>>>>> Prompt window, and then restart the system.
>>>>> Check once more to see if it can search for updates.
>>>>>
>>>>> If it still can not, please run the following from Start > Run
>>>>> type in sigverif.exe > click OK
>>>>> Click Advanced
>>>>> Click 'Notify me if any system files are not signed'
>>>>> On the Logging tab, make sure the 'Save the file signature
>>>>> verification results to a log file' check box is selected
>>>>> Name the log SigVerif.txt and click OK
>>>>> Click Start
>>>>>
>>>>> When the tool is done running, copy and paste it into your reply
>>>>> please,
>>>>> Chris.
>>>>>
>>>>> Also, please copy and paste the last 50 or so lines of the
>>>>> WindowsUpdate.log along with the SigVerif.txt.
>>>>> What we're looking for is the Version of the Windows Update Agent,
>>>>> which
>>>>> will look like this in the WU.log:
>>>>>
>>>>> 2010-01-04 07:40:50:162 980 910 Misc =========== Logging initialized (build: 7.4.7600.226
>>>>>
>>>>> How to read the Windowsupdate.log file
>>>>> http://support.microsoft.com/kb/902093
>>>>> Chris Dupont wrote:
>>>>>> When trying to update via the Windows Update site, the green bar
>>>>>> just keeps on scrolling endlessly....
>>>>>>
>>>>>> I found the following info in my windowsupdate.log (does anyone have
>>>>>> any idea what might be the problem here?):
>>>>>>
>>>>>>
>>>>>> 2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate Installed rule, updateId = {02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105, hr = 80080005
>>>>>> 2010-01-03 21:09:34:390 1424 808 PT WARNING: CAgentUpdateManager::DetectForUpdates failed: 0x8024000b
>>>>>> 2010-01-03 21:09:34:390 1424 808 PT WARNING: Sync of Updates: 0x8024000b
>>>>>> 2010-01-03 21:09:34:390 1424 808 PT WARNING: SyncServerUpdatesInternal failed: 0x8024000b
>>>>>> 2010-01-03 21:09:34:390 1424 808 Agent * WARNING: Failed to synchronize, error = 0x8024000B
>>>>>> 2010-01-03 21:09:34:562 1424 808 Agent * WARNING: Exit code = 0x8024000B
>>> <snip>
>>>>>> 2010-01-03 21:09:34:906 1424 b30 Agent WARNING: WU client fails to call back to search call {7A29DE6E-891E-4DFA-BFC3-7E7F33900655} with error 0x8024000c
>
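
Added example, not part of any poster's message: a small triage script for the WindowsUpdate.log excerpt quoted above. It strips newsreader quote marks, rejoins wrapped records, ignores GUIDs, and tallies the HRESULT codes and the agent build. The function names are hypothetical, and the sample is built from lines quoted in this thread. The reading of 0x8024000b is BroMow's. The name for 0x80080005 is the standard COM one and is not stated in the thread.

```python
import re
from collections import Counter

# One log record: date, time (hh:mm:ss:mmm), PID, TID (hex), component, text.
RECORD = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<time>\d{2}:\d{2}:\d{2}:\d{3})\s+"
    r"(?P<pid>\d+)\s+(?P<tid>[0-9A-Fa-f]+)\s+(?P<component>\S+)\s*(?P<text>.*)$"
)
QUOTE = re.compile(r"^(?:>\s?)+")   # newsreader quote prefix such as ">>> "
GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Failure HRESULTs have the top bit set, so they start with 8; "0x" is optional
# because the log writes both "hr = 80080005" and "0x8024000b".
HRESULT = re.compile(r"(?<![0-9A-Fa-f])(?:0x)?(8[0-9A-Fa-f]{7})(?![0-9A-Fa-f])")
BUILD = re.compile(r"Logging initialized\s+\(build:\s*([\d.]+)")

CANCELLED = "0x8024000B"
MEANINGS = {
    CANCELLED: "operation was cancelled (as explained in the thread)",
    "0x80080005": "CO_E_SERVER_EXEC_FAILURE, server execution failed "
                  "(standard COM HRESULT, not stated in the thread)",
}

def unwrap(raw):
    """Strip quote marks and glue wrapped continuation lines to their record."""
    records = []
    for line in raw.splitlines():
        line = QUOTE.sub("", line).strip()
        if not line:
            continue
        if RECORD.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def parse(raw):
    """Return one dict per record, with the HRESULTs found in its text."""
    entries = []
    for rec in unwrap(raw):
        m = RECORD.match(rec)
        if not m:
            continue  # leading fragment with no timestamp
        entry = m.groupdict()
        entry["warning"] = "WARNING" in entry["text"]
        # Remove GUIDs first so an update ID is never mistaken for an error code.
        cleaned = GUID.sub("", entry["text"])
        entry["hresults"] = ["0x" + h.upper() for h in HRESULT.findall(cleaned)]
        entries.append(entry)
    return entries

def summarize(raw):
    """Tally codes, find the agent build, and pick the first non-cancel error."""
    entries = parse(raw)
    codes = Counter(c for e in entries for c in e["hresults"])
    build = None
    for e in entries:
        m = BUILD.search(e["text"])
        if m:
            build = m.group(1)
            break
    # Following the thread's reading: the cancellation code is a consequence,
    # so the first other code is the one to investigate.
    primary = next(
        (c for e in entries for c in e["hresults"] if c != CANCELLED), None
    )
    return {"records": len(entries), "agent_build": build,
            "codes": codes, "primary": primary}

# Sample built from lines quoted in this thread, wrapped and quoted as posted.
SAMPLE = """\
>> 2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate
>> Installed rule, updateId = {02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105,
>> hr
>> = 80080005
>> 2010-01-03 21:09:34:390 1424 808 PT WARNING:
>> CAgentUpdateManager::DetectForUpdates failed: 0x8024000b
>> 2010-01-03 21:09:34:390 1424 808 PT WARNING: Sync of Updates:
>> 0x8024000b
>> 2010-01-03 21:09:34:390 1424 808 Agent * WARNING: Failed to
>> synchronize, error = 0x8024000B
>> 2010-01-03 21:09:34:906 1424 b30 Agent WARNING: WU client fails to
>> call
>> back to search call {7A29DE6E-891E-4DFA-BFC3-7E7F33900655} with error
>> 0x8024000c
>> 2010-01-04 07:40:50:162 980 910 Misc =========== Logging initialized
>> (build: 7.4.7600.226
"""

if __name__ == "__main__":
    result = summarize(SAMPLE)
    print("records:", result["records"], "agent build:", result["agent_build"])
    for code, count in result["codes"].most_common():
        print(f"{code} x{count}: {MEANINGS.get(code, 'not annotated here')}")
    print("investigate first:", result["primary"])
```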


From: PA Bear [MS MVP] on
You should have thought about this before you allowed your NAV subscription
to lapse, however briefly, last year. See...

Help: I Got Hacked. Now What Do I Do?
http://technet.microsoft.com/en-us/library/cc700813.aspx

Your computer's compromised and none of your data should be considered
trustworthy (includes all online usernames & passwords; e.g., online banking
& credit cards).

The only way to get the computer back into a trusted, secure state is via a
clean install.

Chris Dupont wrote:
> PA Bear,
>
> Thanks for the info, but I was looking for a solution without having to
> reinstall Windows.
> There has to be a solution, which is not so radical.
> So for now, I'm going to try what Shenan said.
> If all that doesn't work, I still can do a re-install if necessary.

From: Chris Dupont on
It wasn't my NAV that expired, it was KAV about a year ago that expired.
By the way, I never knew such bad software as Norton Antivirus,
it continually let trojans and other malware go through.
And this problem only started a couple of months ago.
So how do you know if it's related?


"PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message
news:OQCqBkmjKHA.1824(a)TK2MSFTNGP04.phx.gbl...
> You should have thought about this before you allowed your NAV
> subscription to lapse, however briefly, last year. See...
>
> Help: I Got Hacked. Now What Do I Do?
> http://technet.microsoft.com/en-us/library/cc700813.aspx
>
> Your computer's compromised and none of your data should be considered
> trustworthy (includes all online usernames & passwords; e.g., online
> banking & credit cards).
>
> The only way to get the computer back into a trusted, secure state is via
> a clean install.


From: MowGreen on
Chris Dupont wrote:

> It wasn't my NAV that expired, it was KAV about a year ago that expired.
> By the way, I never knew such bad software as Norton Antivirus,
> it continually let trojans and other malware go through.
> And this problem only started a couple of months ago.
> So how do you know if it's related?
>

By the Services that can not be started and the Malwarebytes
anti-malware log, Chris:

" I've discovered that the problem is related to the fact that the
Windows WMI-service can't be started.
Also can't start 2 other services, cfr. Security center service and
Windows firewall service. "

3)Malwarebytes :
Infected Registry Keys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

I second PA Bear's thoughts on this, Chris. It's time to format and
reinstall.


MowGreen
===============
*-343-* FDNY
Never Forgotten
===============

banthecheck.com
"Security updates should *never* have *non-security content* prechecked"



> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> schreef in bericht
> news:OQCqBkmjKHA.1824(a)TK2MSFTNGP04.phx.gbl...
>
>>You should have thought about this before you allowed your NAV
>>subscription to lapse, however briefly, last year. See...
>>
>> Help: I Got Hacked. Now What Do I Do?
>> http://technet.microsoft.com/en-us/library/cc700813.aspx
>>
>>Your computer's compromised and none of your data should be considered
>>trustworthy (includes all online usernames & passwords; e.g., online
>>banking
>>& credit cards).
>>
>>The only way to get the computer back into a trusted, secure state is via
>>a
>>clean install.
>>
>>Chris Dupont wrote:
>>
>>>PA bear,
>>>
>>>Thanks for the info, but i was looking for a solution without having to
>>>reinstall windows.
>>>There has to be a solution, which is not so radical.
>>>So for now, i'm going to try what Shenan said.
>>>If all that doesn't work, i still can do a re-install if necessary.
>>>
>>>
>>>>>In the past, i also had Norton Anti-Virus which i replaced with KAVs
>>>>>since about 2 years. The subscription expired briefly a year ago
>>>>>for about 2 days. Any way to solve this ?
>>>>
>>>>Sure! Back-up any personal data (none of which should be considered
>>>>100%
>>>>trustworthy at this point) then do a format & clean install of Windows.
>>>>Please note that a Repair Install (AKA in-place upgrade) will NOT fix
>>>>this!
>>>>
>>>>HOW TO do a clean install of WinXP: See
>>>>http://michaelstevenstech.com/cleanxpinstall.html#steps and/or Method 1
>>>>in
>>>>http://support.microsoft.com/kb/978307
>>>>
>>>>After the clean install, you'll have the equivalent of a "new computer"
>>>>so
>>>>take care of everything on the following page before otherwise
>>>>connecting
>>>>the machine to the internet or a network and before using a USB key that
>>>>isn't brand-new or hasn't been freshly formatted:
>>>>
>>>> 4 steps to help protect your new computer before you go online
>>>> http://www.microsoft.com/security/pypc.aspx
>>>>
>>>>Other helpful references include:
>>>>
>>>>HOW TO get a computer running WinXP Gold (no Service Packs) fully
>>>>patched
>>>>(after a clean install)
>>>>http://groups.google.com/group/microsoft.public.windowsupdate/msg/3f5afa8ed33e121c
>>>>
>>>>HOW TO get a computer running WinXP SP1(a) or SP2 fully patched (after a
>>>>clean install)
>>>>http://groups.google.com/group/microsoft.public.windowsxp.general/msg/a066ae41add7dd2b
>>>>
>>>>Tip: After getting the computer fully-patched, download/install KB971029
>>>>manually: http://support.microsoft.com/kb/971029
>>>>
>>>>NB: Any Norton or McAfee free-trial that came preinstalled on the
>>>>computer
>>>>when you bought it will be reinstalled (but invalid) when Windows is
>>>>reinstalled. You MUST uninstall the free-trial and download/run the
>>>>appropriate removal tool before installing any Windows Service Packs or
>>>>IE
>>>>upgrades and before installing your new anti-virus application (e.g.,
>>>>KAV;
>>>>which will require WinXP SP3 to be installed).
>>>>
>>>> Norton Removal Tool
>>>>
>>>>ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
>>>>
>>>> McAfee Consumer Products Removal Tool
>>>>
>>>>http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe
>>>>
>>>>Also see:
>>>>
>>>>Steps To Help Prevent Spyware
>>>>http://www.microsoft.com/security/spyware/prevent.aspx
>>>>
>>>>Steps to Help Prevent Computer Worms
>>>>http://www.microsoft.com/security/worms/prevent.aspx
>>>>
>>>>Avoid Rogue Security Software!
>>>>http://www.microsoft.com/security/antivirus/rogue.aspx
>>>>--
>>>>~Robear Dyer (PA Bear)
>>>>MS MVP-IE, Mail, Security, Windows Client - since 2002
>>>>www.banthecheck.com
>>>>
>>>>
>>>>Chris Dupont wrote:
>>>>
>>>>>It is true that in the past, i ran "hijackthis" software to show
>>>>>security
>>>>>breaches.
>>>>>In the past, i also had Norton Anti-Virus which i replaced with KAV
>>>>>since about 2 years. The subscription expired briefly a year ago
>>>>>for about 2 days.
>>>>>Any way to solve this ?
>>>>>
>>>>>
>>>>>
>>>>>"PA Bear [MS MVP]" <PABearMVP(a)gmail.com> schreef in bericht
>>>>>news:eW4LcfajKHA.4912(a)TK2MSFTNGP02.phx.gbl...
>>>>>
>>>>>>This "smells" like the result of a hijackware infection. How long has
>>>>>>KAV
>>>>>>been installed? Has your subscription ever expired, however briefly?
>>>>>>
>>>>>>Has a Norton or McAfee application ever been installed on this machine
>>>>>>(e.g., a free-trial version that came preinstalled when you bought
>>>>>>it)?
>>>>>>--
>>>>>>~Robear Dyer (PA Bear)
>>>>>>MS MVP-IE, Mail, Security, Windows Client - since 2002
>>>>>>
>>>>>>
>>>>>>Chris Dupont wrote:
>>>>>>
>>>>>>>I've discovered that the problem is related to the fact that the Windows
>>>>>>>WMI-service can't be started.
>>>>>>>Also can't start 2 other services, cfr. Security center service and Windows
>>>>>>>firewall service.
>>>>>>>When trying to start WMI-service, I always get the following error:
>>>>>>>"ERROR 126 : can't find module"
>>>>>>>So I executed the Microsoft WMIdiag.exe tool. In the log created by this
>>>>>>>tool, I found the following information.
>>>>>>>Can anyone help me with this? Because I still don't understand what is
>>>>>>>exactly the cause of these problems.
>>>>>>>
>>>>>>>Info from the WMIdiag log:
>>>>>>
>>>>>><snip>
>>>>>>
>>>>>>>BroMow wrote:
>>>>>>>
>>>>>>>>0x8024000b means that the operation was cancelled.
>>>>>>>>The green bar scrolling endlessly is occurring because of error 0x80080005
>>>>>>>>
>>>>>>>>2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate Installed rule, updateId = {02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105, hr = 80080005
>>>>>>>>
>>>>>>>>Either there's corruption in the CatRoot2 subfolder or the winsock stack
>>>>>>>>is damaged.
>>>>>>>>
>>>>>>>>First, suggest you do a clean boot of XP and see if it can search for
>>>>>>>>updates while in the clean boot state:
>>>>>>>>
>>>>>>>>How to configure Windows XP to start in a "clean boot" state
>>>>>>>>http://support.microsoft.com/kb/310353
>>>>>>>>
>>>>>>>>If the system can search for updates, then the issue is being caused by
>>>>>>>>'something' that Kaspersky has done or is doing.
>>>>>>>>
>>>>>>>>If the system can not search for updates, while still in the clean boot
>>>>>>>>state, open a Command Prompt ( Start > Run > type in cmd > click OK )
>>>>>>>>At the prompt, type in the following commands, pressing Enter after *each*
>>>>>>>>one
>>>>>>>>
>>>>>>>>netsh winsock reset
>>>>>>>>exit
>>>>>>>>
>>>>>>>>After the first command is entered you'll get a message stating the system
>>>>>>>>must be restarted. Enter the second command, which will close the Command
>>>>>>>>Prompt window, and then restart the system.
>>>>>>>>Check once more to see if it can search for updates.
>>>>>>>>
>>>>>>>>If it still can not, please run the following from Start > Run
>>>>>>>>type in sigverif.exe > click OK
>>>>>>>>Click Advanced
>>>>>>>>Click 'Notify me if any system files are not signed'
>>>>>>>>On the Logging tab, make sure the 'Save the file signature
>>>>>>>>verification results to a log file' check box is selected
>>>>>>>>Name the log SigVerif.txt and click OK
>>>>>>>>Click Start
>>>>>>>>
>>>>>>>>When the tool is done running, copy and paste it into your reply please,
>>>>>>>>Chris.
>>>>>>>>
>>>>>>>>Also, please copy and paste the last 50 or so lines of the
>>>>>>>>WindowsUpdate.log along with the SigVerif.txt.
>>>>>>>>What we're looking for is the Version of the Windows Update Agent, which
>>>>>>>>will look like this in the WU.log:
>>>>>>>>
>>>>>>>>2010-01-04 07:40:50:162 980 910 Misc =========== Logging initialized (build: 7.4.7600.226
>>>>>>>>
>>>>>>>>How to read the Windowsupdate.log file
>>>>>>>>http://support.microsoft.com/kb/902093
>>>>>>>>
>>>>>>>>Chris Dupont wrote:
>>>>>>>>
>>>>>>>>>When trying to update via the windows update site, the green bar
>>>>>>>>>just keeps on scrolling endlessly....
>>>>>>>>>
>>>>>>>>>I found the following info in my windowsupdate.log (does anyone have any
>>>>>>>>>idea what might be the problem here?) :
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate Installed rule, updateId = {02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105, hr = 80080005
>>>>>>>>>2010-01-03 21:09:34:390 1424 808 PT WARNING: CAgentUpdateManager::DetectForUpdates failed: 0x8024000b
>>>>>>>>>2010-01-03 21:09:34:390 1424 808 PT WARNING: Sync of Updates: 0x8024000b
>>>>>>>>>2010-01-03 21:09:34:390 1424 808 PT WARNING: SyncServerUpdatesInternal failed: 0x8024000b
>>>>>>>>>2010-01-03 21:09:34:390 1424 808 Agent * WARNING: Failed to synchronize, error = 0x8024000B
>>>>>>>>>2010-01-03 21:09:34:562 1424 808 Agent * WARNING: Exit code = 0x8024000B
>>>>>>
>>>>>><snip>
>>>>>>
>>>>>>>>>2010-01-03 21:09:34:906 1424 b30 Agent WARNING: WU client fails to call back to search call {7A29DE6E-891E-4DFA-BFC3-7E7F33900655} with error 0x8024000c
>>
>
>
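The WindowsUpdate.log excerpts in this thread arrive ">"-quoted and re-wrapped, so one log entry is spread over several lines. As an added example (not part of any post in the thread), this Python code rejoins the entries, then pulls out the Windows Update Agent build and the HRESULT codes from WARNING entries. The names `unwrap` and `summarize` are hypothetical, and the sample is constructed from lines quoted above.

```python
import re
from collections import Counter

# Constructed sample: log lines quoted in the thread, kept in the ">"-quoted,
# re-wrapped form a news client leaves them in.
SAMPLE = """\
>>2010-01-04 07:40:50:162 980 910 Misc =========== Logging
>>initialized
>>(build: 7.4.7600.226
>>2010-01-03 21:09:34:390 1424 808 Agent WARNING: Failed to evaluate
>>Installed rule, updateId =
>>{02FF0A91-FC2F-4218-AAF5-D28FDD327581}.105,
>>hr
>>= 80080005
>>2010-01-03 21:09:34:390 1424 808 PT WARNING: Sync of Updates:
>>0x8024000b
"""
STAMP = r"\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}:\d{3}"
ENTRY = re.compile(rf"^({STAMP})\s+(\S+)\s+(\S+)\s+(\S+)\s+(.*)$")
HRESULT = re.compile(r"(?:0x|\bhr\s*=\s*)([0-9A-Fa-f]{8})\b")
BUILD = re.compile(r"build:\s*([\d.]+)")

def unwrap(text):
    """Strip quote markers and rejoin entries split by line wrapping."""
    entries = []
    for raw in text.splitlines():
        line = raw.lstrip("> \t").rstrip()
        if not line:
            continue
        if re.match(STAMP, line) or not entries:
            entries.append(line)       # a timestamp starts a new entry
        else:
            entries[-1] += " " + line  # anything else is a continuation
    return entries

def summarize(text):
    """Return the last WUA build seen and a count of HRESULTs in warnings."""
    build, codes = None, Counter()
    for entry in unwrap(text):
        m = ENTRY.match(entry)         # timestamp, PID, TID, component, message
        if not m:
            continue
        msg = m.group(5)
        b = BUILD.search(msg)
        build = b.group(1) if b else build
        if "WARNING:" in msg:
            codes.update(h.upper() for h in HRESULT.findall(msg))
    return {"wua_build": build, "codes": codes}
```

Codes are normalised to upper-case hex without the `0x` prefix, so `hr = 80080005` and `0x8024000b` style values count under one key each.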