Update failures

Status
Not open for further replies.
M

MarkC

Joined
Jul 10, 2003
Messages
9,461
Location
Not Seattle, but close.
Since Tuesday or so, nothing on my laptop will update--AVG Free 8.5, Malaware, or Windows automatic updates. The error message is always along the lines of "Update failed, couldn't connect to server".
I haven't made any changes to anything, I was able today to successfully get a partial Windows update by running it with the Windows firewall disabled.
AVG and Malaware still won't.
I ran the Windows scanner and it found a Trojan:win32/seekwel.A virus and claims to have deleted it, as well as fixing some registry errors, but when I ran it it again today, it found the trojan again. I don't know that this is the problem, I'm able to open any website I want, just as always, though a bit slower than usual.
My browser is Firefox, and the OS is XP.
Any help?
 
I has this same Trojan. It's a pain in the arse to get rid of. On the second computer I had to reinstall windows because it really messed things up.
 
Boot your computer in safe mode then manually delete the virus. Then reboot in normal mode and it should be gone. The virus is likely feeding and regenerating off of your operating system which goes dormant in safe mode.
 
Last edited:
What most trojans do now is point update servers to their own servers. So when you run updates for windows, (most) anti-virus programs and anti-spyware programs, it just downloads their little programs, or just points to a different space out there where the files don't exist.


Spybot is generally pretty good, but you might want to check your hosts file:
c:\%systemroot%\system32\drivers\etc\hosts

Unless you used another program to edit this file, it should be pretty empty. Spybot Immunization tool adds quite a few entries to this file though.

You might want to run HiJackThis! and see if anything altered the DNS entries too.
 
Originally Posted By: aquariuscsm
Boot your computer in safe mode then manually delete the virus. Then reboot in normal mode and it should be gone. The virus is likely feeding and regenerating off of your operating system which goes dormant in safe mode.


Since I admit to be a computer [censored], how do I manually delete the virus in safe mode? For that matter, I don't remember how to get it into safe mode.
 
Originally Posted By: MarkC
Originally Posted By: aquariuscsm
Boot your computer in safe mode then manually delete the virus. Then reboot in normal mode and it should be gone. The virus is likely feeding and regenerating off of your operating system which goes dormant in safe mode.


Since I admit to be a computer [censored], how do I manually delete the virus in safe mode? For that matter, I don't remember how to get it into safe mode.


Reboot and when the POST screen comes up, start hitting F8.

NOTE: Depending on the motherboard (this is common with many ASUS boards) the F8 key may also trigger a boot device selection screen, in which case, choose your hard drive from the list and as soon as you hit enter, start hitting F8 again. This should bring up the Windows boot mode selection menu, from which you can choose safe mode.

You would be wise to disable System Restore as well, as this is a common method of reinfection.
 
Your antivirus software should have told you where it was. Alternatively, running something like Malwarebytes, SAS or Spybot in safe mode tends to be more effective.

Don't forget to disable system restore.
 
Originally Posted By: MarkC
Thanks. After that, how do I find and delete the trojan?


If you know the name of the trojan (run a systen scan and wrire down the names of the viruses it finds),once you boot your computer in safe mode,type the name of the virus in "search" (hit the start key,then you`ll see the search function).

The search results will tell you where the virus is,for example.....it will say,my computer/c/ducuments and settings/"trojan".........which that means the trojan is in the documents and settings folder

Once you locate the viruses just open up the folder it`s in,right click on the name of the trojan/virus,and click "delete"

Hopefully that will kill the virus. Since you`re in safe mode,it can`t feed off your operating system to regenerate,which is dormant during same mode,and it will be gone once you reboot in normal mode.
 
So... when I reboot and hit F8, I get a black screen with a list of options. I choose either Safe Mode or Safe Mode with Command Prompts, and the result is the same: a black screen with the words Safe Mode at each lower corner. I can see and move the cursor, but nothing else, just sits there.
 
Okay, so I got it into safe mode, disabled System Restore, found the folder where the trojan was (c:\windows\oge.bnw) and deleted it, but it kept popping back up after a few seconds. I double-checked and System restore was still disabled. So, I had downloaded the 30-day trial of A-squared and ran the scan in Safe mode. It found the trojan and blocked it, rather than deleting. Subsequent scans in both Safe and Normal modes find nothing
but the symptoms remain. No AVG, Malaware, or Windows updates will work, all say something about not being able to, or forbidden to access the server.

Any next steps?
 
I could if I downloaded it. Will it do anything that Malaware, AVG, and A-squared don't?
According to A-squared, everything's clean.
I think I have too many AS/AV programs now. The computer is verrrrry slow now.
 
Well, I did uninstall AVG and Malaware, and turned off A-squared, to try Vipre. Computer is "fast" again(relatively speaking), but the [censored] thing erased my bookmarks, and won't enable it's active protection.
Fun times.
 
Status
Not open for further replies.

Similar threads

paulri
Windows 11 laptop can't detect my microphone
Replies
10
Views
537
Jetronic
dogememe
Used EV Tax Credit Issues
Replies
10
Views
589
dogememe
O
3rd PC build, very strange issue. I'm out of tricks. Long read.
2 3
Replies
41
Views
2K
OilMagnate
ZeeOSix
Windows 10 Update Error Message
Replies
5
Views
653
ZeeOSix
OVERKILL
old Mac adventures!
Replies
8
Views
909
bunnspecial
Back
Top