Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DOS/Alureon.A Trojan (and other variants) Infection and possible Maste


  • This topic is locked This topic is locked

#76
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Let's make sure your settings for file renaming are correct.


Click Start >> Computer >> Organize (Top left) >> Folder and search options

Click the View Tab

Under Hidden files and folders place the Dot next to Show hidden, files, folders, and drives

Go down a little further in the list and Uncheck Hide extensions for known file types

Now click Apply and finally click OK

Stay in the computer window and Go to that directory:

C:\ProgramData\Microsoft\Network\Downloader

and tell me what files are in it.
  • 0

Advertisements


#77
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
it appears that there are no files in c:\programdata\microsoft\network\downloader
  • 0

#78
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
OK we will go on to the next two steps.

Step 1.

The steps that I am about to suggest involve modifying the registry. Modifying the registry can be dangerous so we will make a backup of the registry first.


Backing Up Your Registry
  • Download ERUNT
    (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
  • Install ERUNT by following the prompts
    (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
  • Start ERUNT
    (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
  • Choose a location for the backup
    (the default location is C:\WINDOWS\ERDNT which is acceptable).
  • Make sure that at least the first two check boxes are ticked
  • Press OK
  • Press YES to create the folder.
Posted Image


Step 2.

Reset fully Windows Updates

Please run this MS Fix 50202 in AGGRESSIVE MODE (image)

Posted Image


Step 3.

Try updates both Microsoft Security Essentials and the general updates and let me know the error message and codes if they do not work.

Then run MiniToolBox again and post it.

If they work no need to post the MiniToolBox. :)
  • 0

#79
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
In the middle of running fixit, i received a popup that said "Service 'Background Intelligent Transfer Service' (BITS) failed to start. Verify that you have sufficient privilages to start system services." It offers a 'try again' and 'cancel' button. I clicked try again, and after ~10 seconds the message appeared again.
  • 0

#80
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Rerun the fixit and see if it does it again.
  • 0

#81
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
Same thing. Although I noticed that in your image of the 'run in aggressive mode' the "Next" button has the little administrator shield next to it, but there us no little administrator shield next to it when I run the program and get to that screen. Could that be indicative of a problem?
  • 0

#82
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Make sure when you run the tool that you have right clicked it and selected Run as administrator.
  • 0

#83
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
Ok, I ran the program again in administrator mode, and it clearly was different (there was the little shield present, and it asked for permission to make changes to the computer), but even so, the same popup appeared again regarding the BITS. :/
  • 0

#84
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Reboot into safe mode with networking and use the Admin account if you can, if not use yours and try to run it again.
  • 0

#85
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
Rebooted in safe mode, but apparently, the program is not completely installed, so it cant be launched because windows installer is not working. Im going to reboot in regular mode and see if i can get fixit to be actually installed.
  • 0

Advertisements


#86
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
Sorry, How do I set fixit up as an installed program, and not just the installer?
  • 0

#87
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
HMMMM good question.

I will discuss this one with the experts.

Do you have another account on this computer with admin privileges?
  • 0

#88
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
unfortunately not. just the one account
  • 0

#89
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Well you have a hidden built in administrator account. Here is what we will do:

  • Enable the hidden administrator account.
  • Log out of your current account.
  • Log on to the Administrator account.
  • Go to Post #78 and download the MS fixit in step 2.
  • Run the fixit in normal mode, check if updates work, if they do stop and post.
  • Run the fixit in Aggressive mode, check if updates work, post either way an update.




Open the Start Menu.

In the Start Menu search box area type cmd, then right click on cmd.exe (at top), and click on Run as administrator. (see screenshot below)
Posted Image

1. To Enable the Hidden Built-in Administrator Account

A) In the elevated command prompt, copy and paste the command below and press Enter. (See screenshot below)

net user administrator /active:yes

Posted Image

B) Go to step 3.

2. To Disable the Hidden Built-in Administrator Account

A) In the elevated command prompt, copy and paste the command below and press Enter. (See screenshot below)

net user administrator /active:no

Posted Image

3. Close the elevated command prompt.

4. Log off, and you will now see the built-in Administrator account log on icon added (enabled) or removed (disabled) from the log on screen. (See screeenshot below)
NOTE: Click on the Administrator icon to log on to the built-in Administrator account.

Posted Image


Then log on to GeekstoGo and go to Post #78

Download the MS fixit.

Run the fixit in normal mode, check if updates work, if they do stop and post.

Run the fixit in Aggressive mode, check if updates work, post either way an update.
  • 0

#90
cleftuppercut

cleftuppercut

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts
I am attempting to follow these directions, but I am having several problems and would like to ask for clarification on several things. First, I need to use the MS Fixit found in Post 78 of this thread, correct? Second, when using the administrator profile, should the "run this program in administrative mode" prompts still come up, or are they automatically applied without notification? At the moment, I have attempted to run the version of MS Fixit from post 78 of this thread in normal mode, and have received the same prompt regarding lacking permissions to change BITS that I had on my own profile. Additionally, I have received no prompts regarding the program being allowed to make changes to the system, or any other indication that the program is being run in admin mode.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP