Windows non-update

Discussion in 'Legacy Windows' started by beejay, 2008/09/21.

  1. 2008/09/26
    Arie

    Arie Administrator Administrator Staff


    Wrong syntax: as I said, you have to add /wuforce. Also make sure there's a space between the closing " and the /wuforce command.
     
  2. 2008/09/26
    beejay

    beejay Inactive Thread Starter

    Thanks Mike & Arie.

    Apologies for wrong syntax in posting - the syntax was actually correct in the commands used during Run.

    ATF cleaner and ccleaner were then both installed and run as instructed.

    X-cleaner micro-edition has now been run and it removed Alexa toolbar.

    Malwarebytes' Anti-Malware found 1 infection - Trojan Agent - and removed it.

    Log follows :

    Malwarebytes' Anti-Malware 1.28
    Database version: 1210
    Windows 5.0.2195 Service Pack 4

    26/09/2008 20:23:32
    mbam-log-2008-09-26 (20-23-32).txt

    Scan type: Full Scan (E:\|)
    Objects scanned: 91481
    Time elapsed: 22 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    E:\msconfig.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    Now about to download and run RSIT.exe
     

  4. 2008/09/26
    beejay

    beejay Inactive Thread Starter

    Here is the log from RSIT.exe :

    Logfile of random's system information tool 1.02 (written by random/random)
    Run at 2008-09-26 20:33:56
    Microsoft Windows 2000 Professional Service Pack 4
    System drive E: has 63 GB (80%) free of 78 GB
    Total RAM: 511 MB (42% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:34:11, on 26/09/2008
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v5.00 (5.00.2920.0000)
    Boot mode: Normal

    Running processes:
    E:\WINNT\System32\smss.exe
    E:\WINNT\system32\winlogon.exe
    E:\WINNT\system32\services.exe
    E:\WINNT\system32\lsass.exe
    E:\WINNT\system32\svchost.exe
    E:\WINNT\system32\spoolsv.exe
    E:\program files\a-squared free\a2service.exe
    E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    E:\Program Files\Comodo\Firewall\cmdagent.exe
    E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    E:\WINNT\System32\svchost.exe
    E:\WINNT\system32\hidserv.exe
    E:\Program Files\Ahead\InCD\InCDsrv.exe
    E:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    E:\WINNT\Explorer.EXE
    E:\WINNT\system32\MSTask.exe
    E:\WINNT\System32\WBEM\WinMgmt.exe
    E:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    E:\WINNT\system32\starter.exe
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Comodo\Firewall\CPF.exe
    E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    E:\Program Files\Common Files\Real\Update_OB\realsched.exe
    E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    E:\Program Files\Registry Mechanic\RegMech.exe
    E:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
    E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    E:\Documents and Settings\beejay\Desktop\RSIT.exe
    E:\Program Files\Trend Micro\HijackThis\beejay.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    F2 - REG:system.ini: UserInit=E:\WINNT\system32\Userinit.exe
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" E:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SBAMTray] E:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [RegistryMechanic] E:\Program Files\Registry Mechanic\RegMech.exe /H
    O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] E:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
    O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = E:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
    O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.pestpatrol.com/pestscan/pestscan.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1221999443781
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121688809000
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1182504983078
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
    O16 - DPF: {84818113-96C5-11D2-BE39-006008BF4DD5} (ViewDirector Object) - http://subscribers.scotlandspeople.gov.uk/php/globals/tif_viewer/activex/viewdw32.ocx
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\program files\a-squared free\a2service.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - E:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINNT\System32\nvsvc32.exe
    O23 - Service: Sunbelt VIPRE Antivirus Service (SBAMSvc) - Sunbelt Software - E:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe

    --
    End of file - 6767 bytes

    ======Scheduled tasks folder======

    E:\WINNT\tasks\1-Click Maintenance.job
    E:\WINNT\tasks\XoftSpy.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
    {8E718888-423F-11D2-876E-00A0C9082467} - &Radio - E:\WINNT\system32\msdxm.ocx [2005-03-31 844560]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon "=E:\WINNT\system32\NvCpl.dll [2004-07-15 4112384]
    "EnsoniqMixer "=E:\WINNT\system32\starter.exe [2000-08-10 32768]
    "COMODO Firewall Pro "=E:\Program Files\Comodo\Firewall\CPF.exe [2007-12-13 1115728]
    "egui "=E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-06-10 1447168]
    "TkBellExe "=E:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-04 185896]
    "SBAMTray "=E:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe [2008-08-26 677160]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SUPERAntiSpyware "=E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-05 1576176]
    "RegistryMechanic "=E:\Program Files\Registry Mechanic\RegMech.exe [2008-07-08 2828184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaAvTray]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaISSDT]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAVRID]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus D68 Series]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    E:\Program Files\Ahead\InCD\InCD.exe [2005-07-25 1397760]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    E:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    E:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
    E:\WINNT\system32\LVCOMSX.EXE [2004-10-08 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    E:\WINNT\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    E:\WINNT\system32\NvCpl.dll [2004-07-15 4112384]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware15]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Outpost Firewall]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk.disabled]
    E:\WINNT\system32\

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk.disabled]
    E:\WINNT\system32\

    E:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - E:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    E:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-08-26 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8} "=E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2006-09-28 73728]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=E:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-21 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages "=
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=149

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2008-09-26 20:33:56 ----D---- E:\rsit
    2008-09-26 19:44:13 ----D---- E:\Documents and Settings\beejay\Application Data\Malwarebytes
    2008-09-26 19:44:08 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-26 19:44:07 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
    2008-09-26 19:22:00 ----D---- E:\WINNT\SoftwareDistribution
    2008-09-26 17:01:44 ----A---- E:\WINNT\system32\STKIT432.DLL
    2008-09-26 17:01:26 ----D---- E:\Program Files\Registry Mechanic
    2008-09-23 10:36:21 ----N---- E:\WINNT\SchedLgU.Txt
    2008-09-23 10:07:39 ----AD---- E:\WINNT\temp
    2008-09-23 09:54:07 ----D---- E:\Program Files\CCleaner
    2008-09-18 16:30:42 ----D---- E:\Program Files\MSECache
    2008-09-18 11:02:16 ----AHDC---- E:\WINNT\$NtUninstallKB938464-IE6SP1-20080429.120000$
    2008-09-08 16:54:53 ----D---- E:\Documents and Settings\beejay\Application Data\Sunbelt
    2008-09-08 16:54:24 ----D---- E:\Documents and Settings\All Users\Application Data\Sunbelt
    2008-09-04 15:33:04 ----D---- E:\Program Files\Common Files\xing shared
    2008-09-04 15:33:01 ----A---- E:\WINNT\system32\rmoc3260.dll
    2008-09-04 15:32:56 ----A---- E:\WINNT\system32\pndx5032.dll
    2008-09-04 15:32:56 ----A---- E:\WINNT\system32\pndx5016.dll
    2008-09-04 15:02:15 ----A---- E:\WINNT\system32\pncrt.dll

    ======List of files/folders modified in the last 1 months======

    2008-09-26 20:33:58 ----AD---- E:\WINNT\system32
    2008-09-26 20:24:10 ----D---- E:\Program Files\Mozilla Firefox
    2008-09-26 19:44:12 ----AD---- E:\WINNT\system32\drivers
    2008-09-26 19:44:07 ----RAD---- E:\Program Files
    2008-09-26 19:31:52 ----D---- E:\WINNT\Minidump
    2008-09-26 19:31:52 ----D---- E:\WINNT
    2008-09-26 19:31:52 ----AD---- E:\WINNT\Debug
    2008-09-26 19:24:29 ----AD---- E:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-26 19:19:42 ----AD---- E:\WINNT\system32\config
    2008-09-26 12:14:49 ----AD---- E:\WINNT\security
    2008-09-23 10:08:32 ----H---- E:\WINNT\system32\desktop.ini
    2008-09-23 10:08:32 ----H---- E:\WINNT\desktop.ini
    2008-09-23 10:08:32 ----H---- E:\Program Files\desktop.ini
    2008-09-23 10:08:30 ----ASHD---- E:\WINNT\Installer
    2008-09-23 10:08:30 ----AHD---- E:\Config.Msi
    2008-09-23 09:54:45 ----AD---- E:\Program Files\ewido anti-malware
    2008-09-23 07:31:16 ----D---- E:\WINNT\system32\NtmsData
    2008-09-21 13:17:33 ----SD---- E:\WINNT\Downloaded Program Files
    2008-09-21 11:00:26 ----D---- E:\WINNT\winsxs
    2008-09-18 16:31:00 ----RSD---- E:\WINNT\Fonts
    2008-09-18 16:30:50 ----AD---- E:\Program Files\Microsoft Office
    2008-09-18 16:30:48 ----AD---- E:\Program Files\Common Files\Microsoft Shared
    2008-09-18 11:16:04 ----D---- E:\Program Files\SpywareBlaster
    2008-09-18 11:02:24 ----HD---- E:\WINNT\inf
    2008-09-18 11:02:19 ----RASHDC---- E:\WINNT\system32\dllcache
    2008-09-05 12:02:00 ----D---- E:\Program Files\SUPERAntiSpyware
    2008-09-04 15:33:46 ----D---- E:\Documents and Settings\beejay\Application Data\Real
    2008-09-04 15:33:04 ----AD---- E:\Program Files\Common Files
    2008-09-04 15:33:03 ----D---- E:\Program Files\Common Files\Real
    2008-09-04 10:56:48 ----A---- E:\WINNT\NeroDigital.ini
    2008-09-03 16:22:19 ----AHD---- E:\Program Files\WindowsUpdate
    2008-09-03 16:22:05 ----AD---- E:\WINNT\Help
    2008-08-31 09:19:53 ----A---- E:\WINNT\ModemLog_Generic SoftK56 Data,Fax,Voice,Speakerphone,Handset.txt

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
    R1 AvgAsCln;AVG Anti-Spyware Clean Driver; E:\WINNT\System32\DRIVERS\AvgAsCln.sys [2006-09-05 3968]
    R1 Cdr4_2K;Cdr4_2K; E:\WINNT\system32\drivers\Cdr4_2K.sys [2006-10-10 44288]
    R1 Cdralw2k;Cdralw2k; E:\WINNT\system32\drivers\Cdralw2k.sys [2004-11-02 23420]
    R1 CmdMon;Comodo Application Engine; E:\WINNT\System32\DRIVERS\cmdmon.sys [2007-12-13 76800]
    R1 easdrv;easdrv; E:\WINNT\system32\DRIVERS\easdrv.sys [2008-06-10 53256]
    R1 epfwtdir;epfwtdir; E:\WINNT\system32\DRIVERS\epfwtdir.sys [2008-06-10 34312]
    R1 InCDPass;InCDPass; E:\WINNT\System32\DRIVERS\InCDPass.sys [2005-07-25 29696]
    R1 incdrm;InCD Reader; E:\WINNT\system32\drivers\incdrm.sys [2005-07-25 28672]
    R1 SASDIFSV;SASDIFSV; \??\E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 AmosNT;AmosNT; E:\WINNT\system32\DRIVERS\amosnt.sys [2000-12-18 245052]
    R2 basic2;basic2; E:\WINNT\system32\DRIVERS\basic2.sys [2000-12-18 114864]
    R2 eamon;EAMON; E:\WINNT\system32\DRIVERS\eamon.sys [2008-06-10 39944]
    R2 Fallback;Fallback; E:\WINNT\system32\DRIVERS\fallback.sys [2000-07-06 443940]
    R2 Fsks;Fsks; E:\WINNT\system32\DRIVERS\fsksnt.sys [2000-07-06 166948]
    R2 K56;K56; E:\WINNT\system32\DRIVERS\k56nt.sys [2000-07-06 656460]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; E:\WINNT\system32\DRIVERS\mdc8021x.sys [2006-10-22 15781]
    R2 Rksample;Rksample; E:\WINNT\system32\DRIVERS\rksample.sys [2000-12-18 111572]
    R2 SoftFax;SoftFax; E:\WINNT\system32\DRIVERS\faxnt.sys [2000-07-06 323856]
    R2 SpeakerPhone;SpeakerPhone; E:\WINNT\system32\DRIVERS\spkpnt.sys [2000-07-06 124488]
    R2 Tones;Tones; E:\WINNT\system32\DRIVERS\tonesnt.sys [2000-07-06 88628]
    R2 V124;V124; E:\WINNT\system32\DRIVERS\v124nt.sys [2000-12-18 785324]
    R3 atirage3;atirage3; E:\WINNT\System32\DRIVERS\atimpab.sys [1999-11-10 71632]
    R3 Bonifay;Bonifay; E:\WINNT\System32\DRIVERS\Bonifay.sys [2005-11-28 12160]
    R3 cmpci;C-Media PCI Audio Driver (WDM); E:\WINNT\system32\drivers\cmpci.sys [2000-01-12 27332]
    R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\E:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS []
    R3 LVUSBSta;Logitech USB Monitor Filter; E:\WINNT\system32\drivers\lvusbsta.sys [2005-01-31 22016]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\E:\WINNT\system32\drivers\mbamswissarmy.sys []
    R3 MODEMCSA;Unimodem Streaming Filter Device; E:\WINNT\system32\drivers\MODEMCSA.sys [1999-09-25 16144]
    R3 pfc;Padus ASPI Shell; E:\WINNT\system32\drivers\pfc.sys [2002-10-01 9856]
    R3 RT2500;Belkin RT2500 Wireless Driver; E:\WINNT\system32\DRIVERS\RT2500.sys [2004-07-29 211072]
    R3 SASENUM;SASENUM; \??\E:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 sbpci;Sound Blaster PCI128 Driver (WDM); E:\WINNT\system32\drivers\sbpci.sys [2001-04-10 417305]
    R3 uhcd;Microsoft USB Universal Host Controller Driver; E:\WINNT\System32\DRIVERS\uhcd.sys [2003-06-19 32848]
    R3 usbhub;Microsoft USB Standard Hub Driver; E:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]
    R3 winachsf;winachsf; E:\WINNT\system32\DRIVERS\winachsf.sys [2000-12-18 617692]
    R4 InCDfs;InCD File System; E:\WINNT\system32\drivers\InCDfs.sys [2005-07-25 101504]
    S1 kbdhid;Keyboard HID Driver; E:\WINNT\System32\DRIVERS\kbdhid.sys [1999-12-07 13744]
    S2 HidUsb;Microsoft HID Class Driver; E:\WINNT\System32\DRIVERS\hidusb.sys [1999-12-07 13904]
    S3 BOCDRIVE;BOClean Kernel Monitor.; E:\WINNT\system32\drivers\BOCDRIVE.sys []
    S3 CCDECODE;Closed Caption Decoder; E:\WINNT\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
    S3 DLKRTS;D-Link DFE-538TX 10/100 Adapter; E:\WINNT\system32\DRIVERS\DLKRTS.SYS [2001-10-17 25434]
    S3 Gonzales;Gonzales; E:\WINNT\System32\DRIVERS\Gonzales.sys [2005-12-13 7040]
    S3 InCDFat;Ahead InCDFat File System Driver; \??\E:\WINNT\system32\Drivers\InCDFat.sys []
    S3 k750bus;Sony Ericsson 750 driver (WDM); E:\WINNT\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
    S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; E:\WINNT\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
    S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; E:\WINNT\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
    S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; E:\WINNT\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
    S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; E:\WINNT\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
    S3 mouhid;Mouse HID Driver; E:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
    S3 MPE;BDA MPE Filter; E:\WINNT\system32\DRIVERS\MPE.sys [2004-07-09 15104]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINNT\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
    S3 NdisIP;Microsoft TV/Video Connection; E:\WINNT\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
    S3 nv;nv; E:\WINNT\System32\DRIVERS\nv4_mini.sys [2004-07-15 2459712]
    S3 pepifilter;Volume Adapter; E:\WINNT\system32\DRIVERS\lv302af.sys [2005-01-31 7104]
    S3 PID_08A0;QuickCam IM(PID_08A0); E:\WINNT\system32\DRIVERS\LV302AV.SYS [2005-01-31 912768]
    S3 rtl8139;Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver; E:\WINNT\System32\DRIVERS\RTL8139.SYS []
    S3 SBRE;SBRE; \??\E:\WINNT\system32\drivers\SBREdrv.sys []
    S3 SLIP;BDA Slip De-Framer; E:\WINNT\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
    S3 streamip;BDA IPSink; E:\WINNT\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
    S3 usbaudio;USB Audio Driver (WDM); E:\WINNT\system32\drivers\usbaudio.sys [1999-10-12 68912]
    S3 usbprint;Microsoft USB PRINTER Class; E:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
    S3 usbscan;USB Scanner Driver; E:\WINNT\System32\DRIVERS\usbscan.sys [2003-06-19 12592]
    S3 USBSTOR;USB Mass Storage Driver; E:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
    S3 Winacpci;Winacpci; E:\WINNT\System32\DRIVERS\winacpci.sys [1999-09-25 602128]
    S3 WSTCODEC;World Standard Teletext Codec; E:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
    S4 IntelIde;IntelIde; E:\WINNT\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 a2free;a-squared Free Service; E:\program files\a-squared free\a2service.exe [2008-08-10 380536]
    R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2006-09-28 204800]
    R2 CmdAgent;Comodo Application Agent; E:\Program Files\Comodo\Firewall\cmdagent.exe [2007-12-13 361040]
    R2 ekrn;Eset Service; E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-06-10 468224]
    R2 HidServ;HID Input Service; E:\WINNT\system32\hidserv.exe [2003-06-19 19728]
    R2 InCDsrv;InCD Helper; E:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
    R2 SBAMSvc;Sunbelt VIPRE Antivirus Service; E:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2008-08-26 869672]
    S1 InCDFatRec;Ahead InCDFat FSD Recognizer; \??\E:\WINNT\system32\Drivers\InCDFatRec.sys []
    S2 InCDsrvR;InCD Helper (read only); E:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032]
    S2 NVSvc;NVIDIA Display Driver Service; E:\WINNT\System32\nvsvc32.exe [2004-07-15 114755]
    S3 EhttpSrv;Eset HTTP Server; E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-06-10 19200]
    S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 StiSvc;Still Image Service; E:\WINNT\system32\stisvc.exe [2003-06-19 61712]
    S3 WmdmPmSN;Portable Media Serial Number Service; E:\WINNT\System32\svchost.exe [1999-12-07 7952]

    -----------------EOF-----------------
     
  5. 2008/09/26
    mflynn

    mflynn Inactive

    LOL!

    You are surely fanatical about malware; that's good to a point.

    Do this:

    Reboot to Safe Mode With networking!

    If it lets you get on the site then it will be your combination of Malware/Firewall/Virus cleaners that are preventing access.

    In Safe Mode you may be able to download but not install, as the Windows installer does not run in Safe Mode and is required.

    So if you can get to the Site in Safe Mode do the following.

    Reboot to Normal Mode.

    1. Turn off Comodo Firewall (very good Firewall)
    2. Turn off all Virus Scanners
    3. Turn off all other Malware protections
    4. Run Taskmgr and kill all other Malware programs long enough to do Updates

    Or download http://www.mlin.net/StartupCPL.shtml

    Use it to uncheck all of the above and reboot. May still need to Taskmgr kill in combo with StartupCPL.

    When finished recheck them.

    Mike
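
Mike's diagnosis above is that several resident firewall, antivirus and anti-spyware tools are getting in each other's way. As an added example (not part of the thread and not any poster's code), this Python script reads HijackThis entry lines like those in the log posted earlier and lists which security products load at boot, plus any BHO entry whose file is missing. The install-path markers and function names are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Excerpt copied from the HijackThis section of the RSIT log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SBAMTray] E:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\program files\a-squared free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINNT\System32\nvsvc32.exe
O23 - Service: Sunbelt VIPRE Antivirus Service (SBAMSvc) - Sunbelt Software - E:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
"""

# Assumption: lowercase install-path markers for the security products named
# in the log. Extend this table for other products.
SECURITY_PRODUCTS = {
    r"\a-squared free": "a-squared Free",
    r"\grisoft\avg anti-spyware": "AVG Anti-Spyware",
    r"\comodo\firewall": "Comodo Firewall",
    r"\eset\eset nod32 antivirus": "ESET NOD32 Antivirus",
    r"\sunbelt software\counterspy": "Sunbelt CounterSpy",
    r"\superantispyware": "SUPERAntiSpyware",
}

# HijackThis section codes that describe something loaded at boot or logon.
LOAD_POINTS = {"O4": "startup entry", "O20": "winlogon notify", "O23": "service"}

ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def parse_entries(log_text):
    """Yield (code, body) for each HijackThis entry line; other lines are skipped."""
    for raw in log_text.splitlines():
        match = ENTRY.match(raw.strip())
        if match:
            yield match.group("code"), match.group("body")


def orphan_bhos(log_text):
    """Return CLSIDs of O2 (Browser Helper Object) entries reported as '(no file)'."""
    found = []
    for code, body in parse_entries(log_text):
        if code == "O2" and body.endswith("(no file)"):
            clsid = CLSID.search(body)
            if clsid:
                found.append(clsid.group(0))
    return found


def resident_security_products(log_text):
    """Map each recognised security product to the load points it uses."""
    hits = defaultdict(set)
    for code, body in parse_entries(log_text):
        if code not in LOAD_POINTS:
            continue
        lowered = body.lower()
        for marker, product in SECURITY_PRODUCTS.items():
            if marker in lowered:
                hits[product].add(LOAD_POINTS[code])
    return {product: sorted(points) for product, points in sorted(hits.items())}


if __name__ == "__main__":
    products = resident_security_products(SAMPLE_LOG)
    print(f"{len(products)} security products load at boot or logon:")
    for product, points in products.items():
        print(f"  {product}: {', '.join(points)}")
    for clsid in orphan_bhos(SAMPLE_LOG):
        print(f"BHO registered with no file on disk: {clsid}")
```
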
     
  6. 2008/10/01
    beejay

    beejay Inactive Thread Starter

    Am back on the case after a few days away ..............

    I have realised I should have been slightly more precise about this issue from the start - the problem is not that my PC can't connect to the Windows Update site at all initially; after connecting to the Windows Update site I am presented with the choice of Express or Custom buttons to select, to check for updates. It is at that stage that the connection is lost, after I select the Express button (recommended).

    Also, at no time can I connect to the page which lists previously installed updates.

    Not sure if that changes any of the advice you have all given me. Sorry if I have not been clear enough.

    I have now done a reboot into safe mode with networking and got to the same stage - choose Express or Custom buttons for updates. I chose Express (recommended).

    I was then told that "The files required to use Windows Updates are no longer registered or installed on your computer." (!)

    I therefore clicked on the button "Register" (recommended) but after a few minutes I was taken back to the old familiar page in one of my earliest posts saying that there is a problem and I am given 3 suggestions for troubleshooting.

    So, if I do not have some files required to use Windows Updater how do I get them?
     
    Last edited: 2008/10/02
