Windows can't update

Hi there castingman

Before we continue I would like for you to use MSConfig to put this machine back into normal start up mode.

ErrorEND <<< Uninstall this please.


Re run HitmanPro and have it remove these:

Delete this:
C:\Program Files (x86)\sweetpacks bundle uninstaller


Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
• Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Attach the logfile to your next next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Re run RogueKiller now, just a scan, and attach log.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!

 

Well, now that you are actually in normal start up I can see some things that were hiding from us before. So let's do this:


Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab and locate these 3 detections:

• [RUN][SUSP PATH] HKCU\[...]\RunOnce : Del2108790 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [RUN][SUSP PATH] HKCU\[...]\RunOnce : Del2133204 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [RUN][SUSP PATH] HKUS\S-1-5-21-464283873-704157363-334102629-1000\[...]\RunOnce : Del2108790 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [RUN][SUSP PATH] HKUS\S-1-5-21-464283873-704157363-334102629-1000\[...]\RunOnce : Del2133204 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Del2108805 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Del2133204 (cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [x]) -> FOUND
• [V1][SUSP PATH] Digital Sites.job : C:\Users\User\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
• [V2][SUSP PATH] Digital Sites : C:\Users\User\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

Place a checkmark next to each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Reboot the machine.



Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.

• Now run Repair_Windows.exe by double clicking on it ( if you are running Vista or Win 7, use right click and select Run As Administrator)
• Now select the Start Repairs tab.
• The click the Start button.
• Create a System Restore point if prompted.
• On the next screen, click the Unselect All button to first deselect all repairs.
• Now select the following repair options:
  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Repair WMI
  • Repair Windows Firewall
  • Remove Policies Set By Infections
  • Repair Winsock & DNS Cache
  • Repair Proxy Settings
  • Repair Windows Updates
  • Set Windows Services To Default Startup
• Now on the lower right side check the box to Restart/Shutdown System When Finished
• Then make sure the Restart System radio button is enabled.
• Shutdown any other programs that you are running now before continuing.
• Now click the Start button.
• Be patient while the tool repairs the selected items.
• It should reboot automatically when finished.

After reboot, check to see if updates are working.



Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.


Note: After removing all malware, if you still have the error with Windows Updates, then I may have to refer you to the software forum.

 

That's my standard template, I forgot to adjust it. My apologies, but at least you could see what I wanted gone.

Can you re run it please and attach the log in the correct format this time. Thanks.

Yes, you may have to be referred onto the software forum then.

 

Yes you can have it remove those. Let me know how you get on. Rescan with it afterwards and see if it picks anything else up.

 

Then you will have to post about this in the software forum.



If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
   
6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
   
   
7. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!