Windows Update / services on XP

Discussion in 'Malware Help (A Specialist Will Reply)' started by TheRealStig, Aug 13, 2012.

  1. TheRealStig

    TheRealStig Private E-2

    Hi, I have a computer running XP.
    Had an issue with Trojans but managed to remove with Malwarebytes + SuperAntiSpyware. Also ran RogueKiller + HitmanPro + TDSKiller without detecting anything. But Windows Update is not running (settings = AUTO) and when clicking on the link to Win Update, the IE just freezes.
    Ran the Windows Repair (Tweaking.com) and also
    wscsvc.reg
    wuauserv.reg
    BITS.reg
    WinDefend.reg
    - apparently without resolving it.
    Finally done the Farbar service scanner - find log attached.

    Thanks

    Stig
     

    Attached Files:

    • FSS.txt (4.2 KB)
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please provide us with logs from the below tools per our cleaning process:
    • Malwarebytes
    • RogueKiller
    • Hitman
    • MGtools
     
  3. TheRealStig

    TheRealStig Private E-2

    Thanks chaslang, please find RogueKiller and AMB - for AMB both the first one WITH detection and from scan today.

    Thanks

    Stig
     


  4. TheRealStig

    TheRealStig Private E-2

    HitmanPro + MGTools
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Now download and save a copy of combofix.exe and save it directly onto your Desktop folder. Then double click on it to run it. Do not disturb it by clicking in the window that opens or it may stall. After it finishes, it may reboot your PC. Attach the C:\combofix.txt log that it creates.

    If after running Combofix you discover none of your programs will open up because you receive the following error: Illegal operation attempted on a registry key that has been marked for deletion then you will need to reboot your computer which will normally fix this problem.
     
  6. TheRealStig

    TheRealStig Private E-2

    Thanks!
     


  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Other than Babylon Toolbar ( which you have not even complained about ) I'm not seeing any malware in your logs, but it is quite hard to follow all of the data because your Windows version is a Spanish version, which makes it hard for us to find expected information in your logs.

    When you connect to Windows Update, try shutting down your protection software and tell me what happens. Provide exact word for word error messages if there are any.

    Also since this is a laptop, are you using Wireless to connect or a wired connection? Try wired if that is not what you are using.



    Also let's try updating the BITS registry entry with ComboFix because you may have used a registry key for Vista or Win7, not XP
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    • If ComboFix tells you it has expired or needs to be updated to a new version, make sure you allow it to update.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    If after running Combofix you discover none of your programs will open up because you receive the following error: Illegal operation attempted on a registry key that has been marked for deletion then you will need to reboot your computer which will normally fix this problem.

    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista or Win7, make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Now attach the below log:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    Last edited: Aug 20, 2012
  8. TheRealStig

    TheRealStig Private E-2

    Hi chaslang,

    Let me know whether to remove BABYLON (just so I don't mess around and make life harder for you ;) )

    If there's anything you need me to translate from Brazilian-Portuguese, please just let me know!!

    Tried Win Update again (wired): Clicked START and then the icon - IE starts and shortly after pops up a window asking me to allow installing the following software:
    Name: Windows Update
    Editor: Microsoft Windows Component Publisher
    - I clicked INSTALL but shortly after a window popped up saying that

    Shortly after the IE showed the error that the malicious software tool had found a problem and is to shut down the process.

    BITS reg / Combofix:
    Ran without problems, though during the run a window popped up saying PEV.exe found a problem and will need to close down. Do you want to send error report to Microsoft? Combofix continued to run, apparently not affected by this.

    Thanks

    Stig
     


  9. TheRealStig

    TheRealStig Private E-2

    Hi Chaslang,

    I should state that I get same error running Windows Update both with and without AV running. The exact translation is "A defect or malicious component made Internet Explorer close this website"
    - then it gives me 3 options to 1) go to my home page, 2) return to Microsoft.com 3) more info.

    I also tried to start Windows Defender: Get the error window "Error when initializing the application: 0x800106ba. The service of this program was interrupted due to a problem. To initiate the service, restart the computer or search in Help how to initiate a service manually".

    Thanks

    Stig
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay the BITS service was added to the registry okay ( it was missing before ) but it did not start.
    Also I see your Windows Update service is not running. Have you tried to enable automatic updates?

    See >>http://windows.microsoft.com/en-US/windows-vista/Turn-automatic-updating-on-or-off

    Also try doing the below.

    Be patient while doing the below. The fixes can take quite a while to run, especially the permissions repairs. It may be best to kick it off and go to bed or do something else. It is better not to run anything while the repairs are going on.


    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
    • Now run Repair_Windows.exe by double clicking on it ( if you are running Vista or Win 7, use right click and select Run As Administrator)
    • Now select the Start Repairs tab.
    • Then click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup
    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shutdown any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.
    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista or Win7, make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


    Now attach the below log:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
  11. TheRealStig

    TheRealStig Private E-2

    Hi chaslang,

    Win Updates IS set to recommended settings = automatic updates. I've also tried to alter the time for checking for updates, to see if that could trigger anything, but no....

    The Windows Repair didn't take that long - even for XP ;)

    MGtools: Had forgotten to disable AVAST and got a sandbox warning, but managed to disable and it appears it didn't affect the MGtools scan - but if you want to I can re-run?
    Please find attached log.

    Thanks

    Stig
     


  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay then let's see what happens if you try starting the service since it is stopped.

    Click Start and type services.msc in the Run box and click OK.

    On the Services form scroll down to Automatic Update and double click on it. Set the Startup Type to Automatic ( if not already set that way ) and change the Service Status to Started ( by clicking the Start button). Tell me if it Starts and remains started. If you receive any error messages, provide the EXACT details.

    Try the same to start the Background Intelligent Transfer Service. Again tell me what happens.
     
    Last edited: Aug 22, 2012
  13. TheRealStig

    TheRealStig Private E-2

    Hi chaslang,

    Win Update WAS set to automatic, but not started - when I tried to start I got a pop-up window saying "It's not possible to start the service AUTOMATIC UPDATES. Error 1290: 0x50a"

    For BITS exactly the same - automatic, but not started. When starting exactly same error message.

    Cheers

    Stig
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is not due to malware. You have a problem with Windows. Information on this error states

    You may want to try performing a System Restore to a point before where your problems began.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Wait a second. Where did you get the patches you said you used in message #1 for the below?
    wscsvc.reg
    wuauserv.reg
    BITS.reg
    WinDefend.reg
     
  16. TheRealStig

    TheRealStig Private E-2

    Hi chaslang,

    I had searched for same issue/trojan on the majorgeeks forum and found one thread treating what appeared to be same problem. Followed the advice given there (though can't remember exactly where).

    Thanks

    Stig
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This is a dangerous thing to do. All fixes are tailored to the particular operating system a user is running and what problems they are having. You may have installed registry patches that are not correct for your version of Windows. Are those the only registry patches you applied or did you use more than those? We may not be able to easily fix this.

    Let's see if we can apply a couple new patches.


    Copy the bold text below to notepad. Save it as fixWU.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.

    Now copy the bold text below to notepad. Save it as fixBITS.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.

    Now reboot your PC and after reboot, run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


    Then attach the below logs:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    Last edited: Sep 10, 2012
  18. TheRealStig

    TheRealStig Private E-2

    Hi chaslang,

    OK, understood reg. the danger :-o

    I have Win XP and I only ran the scans/patches mentioned:
    Malwarebytes
    SuperAntiSpyware
    Roguekiller
    Hitmanpro
    TDSKiller
    WindowsRepair (Tweaking.com)
    - then the 4 patches wscsvc.reg/wuauserv.reg/bits.reg/windefend.reg
    Finally Farbar.

    Now (following your latest post) ran both patches fixWU.reg and fixBITS.reg exactly as requested and with success message :)

    After reboot, ran MGtools/getLogs.bat - please find attached:

    Afterwards, entered start -> Windows Update
    I get a pop-up window, asking to install Windows Update - I click OK, but then nothing more happens (though no error messages either)

    Thanks

    Stig
     


  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well although it said the patches worked, they do not appear to have worked correctly. Thus I'm going to modify them with the below fix. Overwrite the previous patch files with these new ones. Also, I'm adding one new patch file.

    Copy the bold text below to notepad. Save it as fixWU.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.

    Now copy the bold text below to notepad. Save it as fixBITS.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.


    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.

    Copy the bold text below to notepad. Save it as fixWSCxp.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.



    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it definitely did not work.

    Now reboot your PC and after reboot, run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    • C:\MGlogs.zip
    Make sure you tell me how things are working now!







     
    Last edited: Sep 12, 2012
  20. TheRealStig

    TheRealStig Private E-2

    Thanks chaslang,

    Ran all 3 patches with success message!
    Please find logs.
    Clicked on WINDOWS UPDATE - after "thinking" for about 30 seconds IE stated something like "searching for latest software".
    Shortly after popped up the window asking me to allow installing the Windows Update software.
    While I was typing, suddenly the IE changed, now stating that "IE closed this site to help protect the computer", with sub-text stating "a malfunctioning or malicious add-on caused Internet Explorer to close this webpage".

    res://ieframe.dll/acr_depnx_error.htm#microsoft.com,http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=pt-br

    Nevertheless the Windows Update icon appeared in the taskbar, stating that there are 12 updates available (for me to choose recommended or personal installation) - appears I'll be able to install.
    Do you want me to?

    Thanks a lot

    Stig
     


  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Yes, see if you can install all of the recommended updates. Let me know what happens and if any of them do install, be sure to reboot afterwards. Then attach a new log from MGtools after running the C:\MGtools\GetLogs.bat program.
     
  22. TheRealStig

    TheRealStig Private E-2

    Installed OK, but when I click on WINDOWS UPDATE (from START) I still get the same issue: Searching for updates, then asking to install the WINDOWS UPDATE software, then the "a malfunctioning or malicious add-on caused Internet Explorer to close this webpage".
    Attached logs.
     


  23. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Try running IE without add-ons. Right click your IE icon on your Desktop and select the option Start Without Add-ons

    See how it works this way. You will have to continue in the Software Forum soon as you are not having malware problems. You have Windows problems now. Also since you had and may still have many services broken ( again not a malware forum issue ) this may make it necessary to reinstall to get your PC into a stable and reliable state.
     
