Not letting me update

Status
Not open for further replies.

artt313

Posts: 8   +0
Hi guys,

I'm new to these forums and I have a problem.
I'm trying to follow the 8 steps but I encounter a problem when I try to update the anti-virus software.
I downloaded Avira and when I try to update, it gives me a status code 403 error and says update didnt complete. CCleaner seems to be running fine but Malware bytes doesnt update either, just says update failed right off the bat. I have used Malware bytes in the past to remove malware but all of a sudden it doesnt allow me to update.
It seems or at least I think, the problem started happening when I downloaded the free avg anti-virus software. After 3 days of having this software I ran the updater and Bam ! access forbidden by the server and ever since I cannot update any anti-virus software. Also, regedit command freezes my computer and I cannot access task manager, basically nothing happens when I hit Ctrl Alt Delete.
Definately something fishy going on here.
Any help would be appreciated.
 
Hello artt313

Please download combofix here -> https://www.techspot.com/downloads/5587-combofix.html

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
 
Thanks Touch,

It seems to have fixed the update problem as my Avira is updating now.
I attached the combofix file.
I will do the 8 step process when I get home from work and see where it takes me.
Thanks Kimsland also.

ok.

After completing the 8 step process I got this :

Malwarebytes anti-malware came up with nothing.
I included the log anyway as well as the super anti spyware log and the hijack this log.
The 8 step process seemed to clean up a bunch of spyware and trojans but I feel like some are still lingering.

Thanks in advance, you guys have been great.

Art
 
Download and Run the Viewpoint Removal Tool

Download and Run the Norton Removal tool or direct download h e r e

Uninstall SuperAntiSpyware (User Choice)
Any issues uninstalling this, download the SUPERAntiSpyware Uninstaller Assistant

Uninstall Spyware Sweeper (User Choice)
Any issues uninstalling this, download the Spyware Sweeper Uninstall Tool, an older removal tool is Here

Restart (possibly the tools above also requested a restart as well)

  • Download Combofix to your desktop.
  • Double click ComboFix & follow the prompts.
  • A window will open with a warning. (please read it and continue)
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Warning: Avira may popup with Virus found during the scan, please select ignore (this is a false positive)
 
Thanks Kimsland,

Attached are the 2 logs you requested.

Is there a reason to remove super antispyware ? you put user choice so just wanted to know if this program will cause problems down the road ( I removed it btw ).
Also, is Avira sufficient enough as a deterent ?
Right now I guess I'll use Avira and CCleaner but I did purchase Panda internet security 2009 ( it was only $20 ) but I havent opened it yet.
Just wanted your opinion.

Thanks again ;)
 
The following seem to be still present:
RegCure (Just uninstall this, unless you are highly technical)
Symantec (You seem to have Symantec Firewall is this correct?)
Viewpoint (Did you run the Removal Tool?)
Vuze (? According to the 8-Step Guide bittorrent client software should have been uninstalled first !)


Please run HJT Scan Only, and place a tick next to the following entries, and then select Fix
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Global Startup: officejet 6100.lnk = ?
O24 - Desktop Component 1: Privacy Protection - (no file)

popcinfo.dat, presently it exists in C:\Windows folder
It is to stop users cracking: Bejeweled shareware version
If you don't play this Shareware game any longer, please uninstall it, and then delete: popcinfo.dat

Restart

Un-install Combofix
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • CF_Cleanup.png
  • Any popup errors about Antivirus just ok or close
Note #1: 1 space after ComboFix in that uninstall command


The biggest issue here is the bittorrent client software
Personally I cannot help you further with this installed

Info on using P2P Programs => https://www.techspot.com/vb/topic124748.html
More info supplied here => https://www.techspot.com/vb/post752079-4.html
 
Kimsland,

I deleted the entries in hijack this.

As far as those programs you mentioned :

1. RegCure - unistalled prior to beggining this process
2. Firewall should be Microsoft Firewall ( I'm unaware of a symantec firewall ).
3. Viewpoint - I used the removal tool ( not sure why it's still showing up )
4 . Vuze - Was unistalled prior to this process .

ComboFix unistalled.

Not sure why issues 1-4 are still showing up, I thought I had uninstalled them.
 
Please do the below again
I've added one word in Bold
Download and Run the Viewpoint Removal Tool

Download and Run the Norton Removal tool

RESTART

  • Download Combofix to your desktop.
  • Double click ComboFix & follow the prompts.
  • A window will open with a warning. (please read it and continue)
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
Warning: Avira may popup with Virus found during the scan, please select ignore (this is a false positive)
 
Hmm they all still show in the logs
I'm thinking possibly empty folders :confused:
There was another one as well, that I didn't catch before either:

Trend Micro Antivirus

*Start->Run-> C:\Program Files\Trend Micro\Internet Security 12\TISSuprt.exe
The Trend Micro Diagnostic Toolkit window will appear. Click on the Uninstall tab
Click on the Un-install button
Click on the Un-install button again when asked if you want to continue with the un-installation
Restart your computer

* Note: If the Trend Micro Diagnostic Toolkit window does not appear
Run: C:\Program Files\Trend Micro\Internet Security 12\PCCTool.exe

Or read here for more info: http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1036064&id=EN-1036064

--------

Just check Add\Remove Programs again for:
Trend
Symantec
RegCure
Vuze

If they are not there so be it

Un-install Combofix again
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • CF_Cleanup.png
  • Any popup errors about Antivirus just ok or close
Note #1: 1 space after ComboFix in that uninstall command

--------------

I'm going to suggest one more thing, then that's it !

Please download and run SDFix
(I must refer you to t h i s tutorial on its use, scroll down to "SDFix Instructions")

Download, and run the "RunThis.bat" in Safe Mode, as advised
Then attach the log to a new reply
it should take about 20mins to scan approx
 
Bear in mind what the logs are telling you.

The Find3M report is telling you the files or folders that have been modified in the past 3 months.

And this, Files Created from 2009-04-15 to 2009-05-15 ,shows what was created. If the programs where unistalled then they may well be leftover folders.

Just delete them then.

If you want to see whats in the add/remove programs list use HijackThis, it generates a log for you.
 
Oh yes 30 days, good point ;)

But I still feel the Program Folders should have automatically been removed
But I understand that this is not always the case
So how to confirm is the question :confused:
 
CFScript has a DirLook:: function, systemlook by jpshortstuff, or, ask.

Also,

Uninstall List
To get an Uninstall List from HijackThis:
  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.
 
ok.

Attached are the two reports.
Sdfix log and the Hijack this uninstall list

I guess since my SDFix didnt find anything I'm clean ?

Anyway, thanks for your guidance - appreciate it :)
 
Status
Not open for further replies.
Back