Please follow these instructions ver carefully, the following instructions are for a registry hack to repair Windows Update function. It is essential to backup the registry before it is implemented. Use System Restore and create a restore point or use ERUNT, get it
HERE Using Vista complicates things because of UAC. This is covered in the instructions at the site under Frequently Asked Questions
Please follow these instructions carefully after backing up the Registry as above:
Open Notepad by selecting the windows key and R together, and entering the word:
Notepad in the run box.
Next tap "Enter" . Open the Notepad Format Menu and uncheck Word Wrap. Then copy and paste the following code between the dotted lines to Notepad: Make sure you encapsulate the full code!!!
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Windows Registry Editor Version 5.00
Next, Click on the File Menu, then Save As ... and click on the drop down menu to change the file type to All Files.
Next navigate to your desktop, and enter the file name
fix.reg, and click Save.
You should now find a new file on your desktop named
fix.reg. Double click on
fix.reg. You will get a warning, agree to the merge, and then a message the file has been merged will immediately pop up.
Then reboot and try your update function. If this still doesn`t help I think your only option may be to re-install your OS, lets see how this goes and take it from there.
I've got some good news!!! I ran the hack and it didn't solve the problem but it didn't hurt anything either. :emotion-2:
As you recall, the error number 800b0109 would come up on attempts to update. Normally, it came with the message "windows could not search for new updates." I also got this error number when I tried to install SP2 (just for grins); however, it said "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider."
So I went looking into root certificates and I messed around with the MMC's (Microsoft Management Console) snap ins and some other utility trying to connect the dots. I searched for certificates keynamed 'microsoft' in the system and I saw one labelled something like "Microsoft Root Certificate..." The certificate I was interested in said basically that it wasn't trusted but a subset component of it in the tree said it was a valid certificate. So I assumed THAT was the one I wanted.
So the problem then if it's a valid certificate is how do I install it; I wasn't getting anywhere with the console, et. al. After some more searching, I got pointed at "Update for Root Certificates" and KB931125:
When I tried to download for Vista, it failed the validation requirements, naturally, but that was method one (I basically had to have the validator installed In my case) then they had a second method where they gave me a code to download the validator and run the validation process again. Only then was I able to get the certificates updated and start getting the windows updates (41 in all). I couldn't believe it.
So I guess somewhere along the way, the certificate (table?) got deleted, corrupted, lost whatever, either through an update gone wrong or perhaps that's what some of these rootkits are in fact doing to their hosts to take them apart bit by bit.
Some other good news, and this is off topic a bit, I got Kaspersky to run on my desk top last night. Remember, I had problems with that and I'd installed the latest JRE runtime version? It turned out one of the add ons in IE's Manage Ad Ons for Java wasn't enabled and that's what kept it from running (I came out clean on Kaspersky BTW).
Thank you so much for ridding us of all the horrible malware and showing us a whole bunch of really great tools to add to our toolkit. Thank you especially for being so thorough and SO PATIENT and best of luck on all of your security certifications. If there's anything I can do, let me know.
BTW, the error I was getting from Kaspersky before enabling the Java Add On was "Launch of the java application is interrupted! Please establish an uninterrupted Internet connection for work with this program."
It was just dumb luck because Kaspersky said my system requirements were met but the Tools->Options->Advanced->Java said an applet needs to be relaunched so I went looking. Enabling the add on did the trick but really didn't change the aforementioned. But it did allow Kaspersky to start downloading.
Well, that takes a major, major load off of my mind. Hubby says his Vista system is running a lot faster and he says it's like having a new computer. He told me that will be his anniversary present. He is so happy.
Nice job you`ve done to track down that problem, I`ve included my standard closure for you, there are some good tips available. Please read the link to Tony Klein`s information near the end.
Here are some tips to reduce the potential for malware infection in the future; I strongly recommend that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.
Make proper use of your antivirus and firewall
Antivirus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware, if you don't keep up with these updates then you'll be vulnerable to infection. Many antivirus and firewall programs have automatic update features, make use of those if you can. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important. You should keep your antivirus and firewall guard enabled at all times,
NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your antivirus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.
Use a safer web browser Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial
HERE which will help you to make IE
MUCH safer.
These
browser add-ons will help to make your browser safer:
Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:
Green to go,
Yellow for caution, and
Red to stop.
W.O.T is available for
Firefox and
Internet Explorer.
NoScript helps to block malicious scripts and in general gives you much better control over what types of things webpages can do to your computer while you're browsing. Available for
Firefox only. These are just a couple of the most popular add-ons, if you're interested in more, take a look at
THIS article.
Please read this excellent article by Tony Klein
So how did I get infected in the first place It reiterates some of the above advice and gives a lot of other top tips.
Please keep Malwarebytes for occasional scans, remember to always update first. Use CCleaner maybe weekly to get rid of all the clutter. Keeping your hard drive De-fragmented will also go along way to keeping your system at optimum performance. The free version of Auslogic Disk Defrag available
HERE will do the job nicely, that site also has an excellent tutorial.
Good to hear that hubby is pleased with the outcome, I think you worked harder than me on this one. The registry hack was courtesy of PCBruiser from SpywareHammer. He was my mentor during my training period, i`m fully fledged now but I guess you just never stopn learning.
If you have no other issues are you happy for me to close this one out.
Since this issue appears to be resolved the topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.
Since this issue appears to be resolved the topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.
chkn
41 Posts
0
June 15th, 2010 16:00
Should I reinstall McAfee before I run CCleaner?
kevinf80_1d0ac6
1.1K Posts
0
June 15th, 2010 16:00
Yes please....:emotion-5:
chkn
41 Posts
0
June 15th, 2010 19:00
I'm sorry to say it did not work. :emotion-6:
kevinf80_1d0ac6
1.1K Posts
0
June 16th, 2010 02:00
Please follow these instructions ver carefully, the following instructions are for a registry hack to repair Windows Update function. It is essential to backup the registry before it is implemented. Use System Restore and create a restore point or use ERUNT, get it HERE Using Vista complicates things because of UAC. This is covered in the instructions at the site under Frequently Asked Questions
Please follow these instructions carefully after backing up the Registry as above:
Open Notepad by selecting the windows key and R together, and entering the word:
Notepad in the run box.
Next tap "Enter" . Open the Notepad Format Menu and uncheck Word Wrap. Then copy and paste the following code between the dotted lines to Notepad: Make sure you encapsulate the full code!!!
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate\DisableWindowsUpdateAccess]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=dword:00000000
"AUOptions"=dword:00000000
[-HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WindowsUpdate]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDevMgrUpdate"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"NoUpdateCheck"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate]
"DisableWindowsUpdateAccess"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoWindowsUpdate"=dword:00000000
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Next, Click on the File Menu, then Save As ... and click on the drop down menu to change the file type to All Files.
Next navigate to your desktop, and enter the file name fix.reg, and click Save.
You should now find a new file on your desktop named fix.reg. Double click on fix.reg. You will get a warning, agree to the merge, and then a message the file has been merged will immediately pop up.
Then reboot and try your update function. If this still doesn`t help I think your only option may be to re-install your OS, lets see how this goes and take it from there.
Kevin.
chkn
41 Posts
0
June 16th, 2010 18:00
Hi Kevin:
I've got some good news!!! I ran the hack and it didn't solve the problem but it didn't hurt anything either. :emotion-2:
As you recall, the error number 800b0109 would come up on attempts to update. Normally, it came with the message "windows could not search for new updates." I also got this error number when I tried to install SP2 (just for grins); however, it said "A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider."
So I went looking into root certificates and I messed around with the MMC's (Microsoft Management Console) snap ins and some other utility trying to connect the dots. I searched for certificates keynamed 'microsoft' in the system and I saw one labelled something like "Microsoft Root Certificate..." The certificate I was interested in said basically that it wasn't trusted but a subset component of it in the tree said it was a valid certificate. So I assumed THAT was the one I wanted.
So the problem then if it's a valid certificate is how do I install it; I wasn't getting anywhere with the console, et. al. After some more searching, I got pointed at "Update for Root Certificates" and KB931125:
http://www.microsoft.com/downloads/details.aspx?FamilyID=f814ec0e-ee7e-435e-99f8-20b44d4531b0&DisplayLang=en
When I tried to download for Vista, it failed the validation requirements, naturally, but that was method one (I basically had to have the validator installed In my case) then they had a second method where they gave me a code to download the validator and run the validation process again. Only then was I able to get the certificates updated and start getting the windows updates (41 in all). I couldn't believe it.
So I guess somewhere along the way, the certificate (table?) got deleted, corrupted, lost whatever, either through an update gone wrong or perhaps that's what some of these rootkits are in fact doing to their hosts to take them apart bit by bit.
Some other good news, and this is off topic a bit, I got Kaspersky to run on my desk top last night. Remember, I had problems with that and I'd installed the latest JRE runtime version? It turned out one of the add ons in IE's Manage Ad Ons for Java wasn't enabled and that's what kept it from running (I came out clean on Kaspersky BTW).
Thank you so much for ridding us of all the horrible malware and showing us a whole bunch of really great tools to add to our toolkit. Thank you especially for being so thorough and SO PATIENT and best of luck on all of your security certifications. If there's anything I can do, let me know.
Laurie
chkn
41 Posts
0
June 16th, 2010 23:00
Hi Kevin:
BTW, the error I was getting from Kaspersky before enabling the Java Add On was "Launch of the java application is interrupted! Please establish an uninterrupted Internet connection for work with this program."
It was just dumb luck because Kaspersky said my system requirements were met but the Tools->Options->Advanced->Java said an applet needs to be relaunched so I went looking. Enabling the add on did the trick but really didn't change the aforementioned. But it did allow Kaspersky to start downloading.
Well, that takes a major, major load off of my mind. Hubby says his Vista system is running a lot faster and he says it's like having a new computer. He told me that will be his anniversary present. He is so happy.
Thanks again,
Laurie
kevinf80_1d0ac6
1.1K Posts
0
June 16th, 2010 23:00
Nice job you`ve done to track down that problem, I`ve included my standard closure for you, there are some good tips available. Please read the link to Tony Klein`s information near the end.
Here are some tips to reduce the potential for malware infection in the future; I strongly recommend that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.
Make proper use of your antivirus and firewall
Antivirus and Firewall programs are integral to your computer security. However, just having them installed isn't enough. The definitions of these programs are frequently updated to detect the latest malware, if you don't keep up with these updates then you'll be vulnerable to infection. Many antivirus and firewall programs have automatic update features, make use of those if you can. If your program doesn't, then get in the habit of routinely performing manual updates, because it's important. You should keep your antivirus and firewall guard enabled at all times, NEVER turn them off unless there's a specific reason to do so. Also, regularly performing a full system scan with your antivirus program is a good idea to make sure you're system remains clean. Once a week should be adequate. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.
Use a safer web browser Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a few good free alternatives:
Firefox,
Opera, and
Chrome.
All of these are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these. If you wish to continue using Internet Explorer, it would be a good idea to follow the tutorial HERE which will help you to make IE MUCH safer.
These browser add-ons will help to make your browser safer: Web of Trust warns you about risky websites that try to scam visitors, deliver malware or send spam. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous ones:
Green to go,
Yellow for caution, and
Red to stop.
W.O.T is available for Firefox and Internet Explorer.
NoScript helps to block malicious scripts and in general gives you much better control over what types of things webpages can do to your computer while you're browsing. Available for Firefox only. These are just a couple of the most popular add-ons, if you're interested in more, take a look at THIS article.
Please read this excellent article by Tony Klein So how did I get infected in the first place It reiterates some of the above advice and gives a lot of other top tips.
Please keep Malwarebytes for occasional scans, remember to always update first. Use CCleaner maybe weekly to get rid of all the clutter. Keeping your hard drive De-fragmented will also go along way to keeping your system at optimum performance. The free version of Auslogic Disk Defrag available HERE will do the job nicely, that site also has an excellent tutorial.
Best regards,
Kevin
kevinf80_1d0ac6
1.1K Posts
0
June 17th, 2010 09:00
Hi Laurie,
Good to hear that hubby is pleased with the outcome, I think you worked harder than me on this one. The registry hack was courtesy of PCBruiser from SpywareHammer. He was my mentor during my training period, i`m fully fledged now but I guess you just never stopn learning.
If you have no other issues are you happy for me to close this one out.
Best regards,
Kevin
chkn
41 Posts
0
June 17th, 2010 10:00
:emotion-21:
kevinf80_1d0ac6
1.1K Posts
0
June 17th, 2010 11:00
Since this issue appears to be resolved the topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.
kevinf80_1d0ac6
1.1K Posts
0
June 17th, 2010 11:00
Since this issue appears to be resolved the topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
The fixes and advice in this thread are for this System only. Do not apply the instructions from this thread to your own System. Please start a new thread describing your issue and someone will be along to assist you.