Windows Update Service Missing

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by JuVuDu, Aug 5, 2012.

  1. JuVuDu

    JuVuDu Private E-2

    I am working on a Windows 7 Toshiba Satellite L775d laptop (64-bit Home Premium Service Pack 1)


    The Windows Update Service is missing from the services list, on running command services.msc

    Also, System Restore will not successfully restore to any previous point.

    Norton Security claims that a Trojan.Patchep!sys was found, but wanted payment to fix it. Since this is a customer's machine, I could not allow Norton to fix.

    I then Uninstalled Norton Security Center.

    Prior to finding your Forum, I had scanned the system with Spybot S&D, MalwareBytes, Eset online and Avast.

    Their respective scans found and dealt with various threats, however they had no effect on the missing Windows Update service or System Restore problems.


    I have now followed the Win 7 Malware Removal/Cleaning Procedure, but I am still having the same problems, so I have attached the Roguekiller, Hitman, MBAM and MGTools scan logs.

    I am looking forward to your reply!

    Thank you!

    Jeff
     

    Attached Files:

  2. thisisu

    thisisu Malware Consultant

    Welcome to MajorGeeks, Jeff :)

    [​IMG] Please download Farbar Service Scanner and run it on the computer with the issue.
    • Make sure all the options are checked
    • Press Scan.
    • It will create a log (FSS.txt) in the same directory the tool was run.
    • Please attach FSS.txt to your next message. (How to attach)
     
  3. JuVuDu

    JuVuDu Private E-2

    Thank you, ThisIsU, for your quick reply!

    Attached is the FSS.txt file requested

    -Jeff
     
  4. thisisu

    thisisu Malware Consultant

    Hi Jeff,

    It didn't attach. Try once more.
     
  5. JuVuDu

    JuVuDu Private E-2

    Sorry!
     

    Attached Files:

    • FSS.txt
      File size:
      4.8 KB
      Views:
      18
  6. thisisu

    thisisu Malware Consultant

    [​IMG] From Programs and Features (via Control Panel), please uninstall the below:
    • Java(TM) 6 Update 20


    [​IMG] Delete items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Once the scan is complete, go to the Registry tab and checkmark everything except the below items:
    • [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0)
    • [HJ] HKLM\[...]\System : EnableLUA (0)
    Now press the Delete button.
    When it is finished, attach the very latest RogueKiller log on yoru desktop. (How to attach)

    __

    Completely delete these two folders manually using Windows Explorer:
    • c:\windows\installer\{819b7943-6966-3e91-3662-8a5576bc5bb1}
    • c:\users\jacquelyn kadilak\appdata\local\{819b7943-6966-3e91-3662-8a5576bc5bb1}
    Let me know if successful or not.
     
  7. thisisu

    thisisu Malware Consultant

    [​IMG] Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now open Repair_Windows.exe
    • Go to the Start Repairs tab.
    • Press the Start button
    • Create a System Restore point if prompted.
    • In the Repair Options window, choose the following repairs:
      • Reset Registry Permissions
      • Repair Windows Firewall
    • Place a checkmark in Restart/Shutdown System When Finished
    • Fill in the Restart System bubble
    • Now click the Start button.
    • Be patient while the tool repairs the selected items. Your computer should automatically restart when finished.

    __

    Once the computer has been rebooted, test to see if the Windows Firewall is now working.

    Then do the following:

    • Download each of the 4 files below onto the desktop of the computer with the issues:
    • Now double-click each of them, one at a time, and allow each one to merge into the Windows registry.
    • Let me know if you received a successful message for all four files.
    • If all were successful, reboot your computer.

    __

    [​IMG] Rescan with Farbar Service Scanner.
    Attach its latest log upon completion. (How to attach)
     
  8. JuVuDu

    JuVuDu Private E-2

    Hello Thisisu!

    This is in response to your message #6

    Attached is latest Roguekiller report following steps taken in message #6

    Windows still not updating before or after Restart

    Windows Update still missing from services.msc list

    Moving on to steps to take in message #7

    Thanks!

    Jeff
     

    Attached Files:

  9. JuVuDu

    JuVuDu Private E-2

    In response to message #7...

    Repair_Windows.exe was run

    Computer rebooted and Windows Firewall working.

    The 4 registry files were run with successful messages for all four files.

    Computer rebooted.

    Rescanned with Farbar Service Scanner.

    Latest log attached

    -Jeff
     

    Attached Files:

    • FSS.txt
      File size:
      2.6 KB
      Views:
      6
  10. thisisu

    thisisu Malware Consultant

    Ok it looks like all the repairs were successful. Are you experiencing any issues now? Test Windows Update to verify that it is working.
     
  11. JuVuDu

    JuVuDu Private E-2

    Hello Thisiu!!!

    Windows Update is working once again!

    4 updates were waiting, downloaded and installed!

    Thank you so much for your time and expertise...

    this was my first time using a forum vehicle and I want to thank you also for making it a pleasant and worthwhile experience!!!

    Jeff (JuVuDu)
     
  12. thisisu

    thisisu Malware Consultant

    You're welcome Jeff :)

    If you are not having any other malware related problems, it is time to do our final steps:
    • Any programs we had you download and/or install can be removed at this time.
    • If we had you download and run ComboFix, here is how to uninstall it:
      • Press and hold the Windows key [​IMG] and then press the letter R on your keyboard.
      • This opens the Run dialog box.
      • Copy and paste the below text inside the text-field:
        • "%userprofile%\desktop\ComboFix" /uninstall
      • Now press ENTER
      • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
    • You can re-enable your Disk Emulation software at this time via DeFogger.
    • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
    • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
    • Now we will toggle System Restore to remove any infected system restore points.
    • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
    • Be safe :)
     
  13. JuVuDu

    JuVuDu Private E-2

    Done!

    Thanks again, T!!

    Extremely appreciated!!!

    J
     
  14. thisisu

    thisisu Malware Consultant

    My pleasure :)
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds