Windows Update won't run and Can't Download in IE

Hello, major-ly wonderful people! I'm trying to help a friend with his computer (Windows 7, Internet Explorer 10). He's been having problems for about a year, and it's been gradually getting worse.

Continuing Problems:

1. Can't access Windows Update. It gives this message: "Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer." Restarting does not help. Also, no update history shows.
   
2. Can't download anything using Internet Explorer.
   
3. His system is slow, especially when opening programs.

MajorGeeks Protocols that have been Run so Far:

1. Fixing Google Redirection/hijacking and other redirection problems (Steps 1 & 4 only, since at that point redirection problems seemed to have gone away)
2. READ & RUN ME FIRST. Malware Removal Guide. But I made this MISTAKE: I didn't read ALL the directions (so sorry!) and so I also ran CCleaner Registry Scan and Fix. If this messes things up too badly, I am willing to restore his system to the time of all the problems and run your protocols again. Please let me know what needs to be done.
3. Vista & Windows 7 Malware Removal/Cleaning Procedure (Steps 1-4, since problems still exist). Note that I ran TDSSkiller a total of 4 times during the protocol, since I had trouble finding the logs. I'm only attaching the first log to this post, but would be glad to attach the other three if you need them.

History of the Problem:

The first thing my friend noticed, about a year ago, was that a LOT more ads began popping up when he was on the internet (using Internet Explorer 10). Then, when he would click on a link, a full-screen ad would come up instead of the page he requested. When he would close that window, the page he wanted would come up. Then when he was finished and tried to close the browser, there would be three or four more full-screen ad windows also waiting to be closed.

Next, he started having problems getting into certain web pages at all. The cursor would "just sit there and spin." Sometimes, simply trying a few more times would get it to work. Sometimes, he would run his cleaner programs (CCleaner, Optimizer Pro, Norton 360's cleaner), then restart his computer, and this would work. Sometimes. At other times, he would wait a day then try again and it would work then.

These things gradually started happening more and more often, until it was nearly constant. His computer in general was also running more and more slowly.

Then, about a week ago, he tried to access a YouTube video, but couldn't. He would just get a black rectangle. He tried to go into System Restore, but there were no restore points! That's when he called me in to look at it. ​

Steps I have Taken to Try to Fix the Problems:

I looked at System Restore and there was one restore point, but the description was in something like Japanese or Korean. I created a manual restore point and it displayed okay. The next morning, the Japanese/Korean restore point had disappeared, but my manual one was still there. I have created two more since then and they still appear on the list.

I witnessed the redirection/hijacking phenomenon and ran part of your Google Redirection/hijacking protocol (Steps 1 & 4 only). This seemed to eliminate the redirection, but he still got many pop-up and pop-under ads. I changed his IE Internet Options/Privacy/Turn on Popup Block/Settings/Blocking level to High. This seemed to get rid of the excess ad problem.

The YouTube problem seemed to be caused by lack of the Flash Player utility. But I couldn't download Flash Player (or anything else in IE). Since IE was his only browser, I installed Opera (using a flash drive). Using Opera, I downloaded and installed the IE version of Flash Player. This fixed the YouTube-not-playing-in-IE problem, but I still can't get it to download anything from IE.

The next day, I tried to update his Windows 7 system using Windows Update and got the following message: "Windows Update cannot currently check for updates, because the service is not running. You may need to restart your computer." Restarting has not helped. Also, no Windows Update history is shown although his system is set to automatically download and install Windows updates.

Therefore, I ran your READ & RUN ME FIRST protocol. When I ran RogueKiller, it killed something in the pre-scan mode and Windows Update popped up to say my friend's system needed updating. I wanted to wait until I had finished your protocol. But, by then (possibly because of the restarting needed by mbam?) Windows Update quit working again. Also, when I ran mbam, it found more than 200 problems. As per your instructions, I asked it to "quarantine all". But I'm not sure this shows in the log.​

Since this has taken me several days, he has continued to use his computer in the meantime. Even with Opera, he has had trouble getting into two of the websites where he pays his bills. Each time, though, he tried again the next morning and could get in.

Any help you can provide would be MOST APPRECIATED!!!!

 

Kestrel13! Thank you so much for your help.

I have taken the steps you so generously outlined, with these exceptions:

MGtolls\analyse.exe -- I couldn't find the following entries (but had it fix the two O6's you listed):

• O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
• O20 - AppInit_DLLs: c:\progra~2\optimi~1\optpro~1.dll

RogueKiller -- I couldn't find your first entry and found two versions of the second, which it deleted. RK made two logs; I'm attaching both.

Junkware Removal Tool -- This utility seemed to run okay, but

• I cannot attach the log you requested because Manage Attachments says, "JRT.txt: Your file of 445.9 KB bytes exceeds the forum's limit of 375.0 KB for this filetype."
• So I cut the log in half and am attaching it as JRT-1.txt and JRT-2.txt
• Please let me know if you have a better work-around to get it to you.

​

After finishing your protocol, I checked how my friend's computer was doing with the original list of issues:

1. I attempted to use Windows Update. And it was able to install all updates successfully!
2. I was able to download an app with Internet Explorer (which Windows Update upgraded from IE10 to IE11).
3. My friend's system seems to be running at typical Windows 7 speed again.

Is there anything else I need to do?

My friend's only concern is the loss of Optimizer Pro, a utility he paid for. He currently has CCleaner, JetClean, and Norton 360. But Optimizer Pro was finding files that all three of those missed. He uses the internet a lot and his doing so quickly bogs down his system. So, is there another cleaner you would recommend for him?

 

Thank you again, Kestrel13! Yes, I re-ran Hitman Pro as you instructed and had it do the repair (as I recall, there was only one listed). But my friend is now out of town for a few days, so it might be early next week before I can get that log to you. But I'll get back to you with it as soon as I can.

And thank you so much for your comment about Optimizer Pro being undesirable. Coming from you, I hope he'll listen.

 

Hi, thank you for your patience, Kestrel13! Bottom line is: I have attached the missing Hitman Pro log you requested.

What happened: I guess I have a memory like a steel sieve these days. When I got back to my friend's computer, I couldn't find a log that I ran during your protocol. But I do vaguely remember re-running the utility and that it found only one thing and that I told it to fix that. But exactly what that was, I have no idea since I didn't write it down. So. I reran Hitman Pro today--making sure to do it as "Run as administrator." And it found about 408 problems! I couldn't find anything like the "Repairs heading" you mentioned, so I just chose "Next" and, after I activated the 30-day trial subscription, let it have its head. I saved lots of logs this time, but am attaching only the one from right after the fixes.

I trust you'll let me know if I need to do anything further.

Also, my friend is very grateful and is making a donation.

 

Okay, here's the current Hitman Pro scan log.

 

Hi. Well, he says everything seems to be running fine now. He hasn't needed to pay any more bills online lately. But he was able to do another kind of online payment with no problem. So it looks like things are okay.

 

Yes, Windows Update still seems to be okay, too. I went over and checked his system history, just to be sure. Windows Update has been running and automatically installing updates every day since running your initial custom-fix protocol on 5/9. It has had only one "failed" install--on a Windows Defender update on 5/13--but then successfully installed an update to it, automatically, early this morning. Windows Defender says that it's fine and that its definitions are up-to-date.

 

Oops, further update. All may NOT be well with my friend's computer. As I was packing up to leave, the slight sluggishness of his system was nagging at me. So I thought to check if Windows Update had created any more System Restore points. It had, BUT there was also a restore point created for Trusteer's Rapport installation (on 5/14). I recognized that as one of the things you had helped me get rid of!

So I restored his computer to the Restore Point before that. It took a LONG time to run, but eventually finished. But then his Norton 360 discovered an error in itself and rebuilt itself. It says it's fine now, but his system still seems a little slow. So I also ran CCleaner (just cleaner, not registry piece) and JetClean--which helped, but not much.

Do you want me to re-run the READ & RUN ME FIRST protocol again?

 

Hi. Thank you for your patience. I have attached the new logs.

• RogueKiller: wouldn't run the first time. Ran the second time, but died and disappeared during the pre-scan phase. Workaround used: Using Windows Taskmanager, I killed the Process Tree of both "Rapport Management (System)" and "Rapport Services ([User])". Then re-ran RogueKiller and got a log. It is attached.
  
• Mbam: Ran. Quarantined one item. Log attached.
  
• Tdsskiller: Ran. Said it didn't find anything, so cut and paste the activity to create a log for you. It is attached.
  
• Hitman Pro: Ran. Log attached.
  
• MGtools: Ran. Log zip attached.

Note that "Rapport Management" and "Rapport Services" come back every time the computer is restarted and use up to 97% of available CPU.

Thanks for your help!

 

Thank you so much for your ongoing help. Here are the results from following your instructions:

• RogueKiller:
  
  Registry item deleted uneventfully, log ATTACHED.​
• Reboot:
  
  Uneventful. But please note that Windows Task Manager again shows "Rapport Mgmt Service.exe *32 [SYSTEM]" and "Rapport Services.exe *32 [(User)]" under Processes and these two processes continue to chew up a significant amount of CPU and noticeably slow down my friend's system.​
• Delete this folder:
  
  FAILED to find the folder not only in the location you listed, but anywhere on the machine. Since "No items match your search", this Delete could not be performed.​
• Reset Firefox:
  
  FAILED to find Firefox. My friend says he has never used it on this computer. So skipped this step.​
• Zip system file:
  
  Had to first add "Run command" in Customize Start Menu. Zip file ATTACHED.​

Thank you again for your help.