Rootkit or virus stopping Windows updates and IE problems



AlbertFlorida
2012-08-28, 05:09
Hi -
I've got an HP ProBook 4520s (laptop) with Windows 7 Pro. I cannot 'update' two Windows security files (KB2722913 and KB2731847). I get a fail message.

I contacted Microsoft; they ran 'scan now' and found a few 'corrupt' or missing Windows files, fixed those, then ran 'fixnow' and 'hotfix' - took a while, fixed a few more and still could not load updates. In fact whenever IE9 ran it lost internet connection. We uninstalled IE9, but IE8 was still on the system and did the same thing. Then he ran a Malwarebytes full scan - WENT THROUGH 445,000 items - took about TWO hours - found one infection, adware. Then went to Kaspersky - downloaded TDSSKiller - ran a scan, found a rootkit (safeboot.sys dated 2/1/2010) - he said it was the WORST kind of virus - set to purposely destroy the computer. He skipped it, then copied it to quarantine, still didn't work, then deleted the file - then rebooted. Screen said on boot 'damaged' - asked to try to repair it, but it just went to a restore point - rebooted, but put back the safeboot.sys file.
The MS person said I would probably have to reformat & reinstall regular Win 7 Pro and reinstall programs.

But I researched a bit and found that Safeboot.sys may be part of HP Security Suite.

I also use Retrospect backup and have a number of backups available from 4/22 to 8/23. I did run Retrospect's reformat disc and reinstalled a backup from 7/13. But I am still not able to install the two Windows updates.

... I have had some problems with viruses and Trojans in the past. My computer still functions fine and I DREAD having to reinstall everything for this ... but I think the situation will get worse unless I figure it out.

Thanks

tashi
2012-08-28, 06:57
Hello AlbertFlorida,

The FAQ for this forum: http://forums.spybot.info/showthread.php?t=288

However,

That sounds like a bit of a mess; are you sure you contacted Microsoft? By what method?

KBs failing to install for one reason or another are not uncommon issues. For example, see the Windows Answers forum (http://answers.microsoft.com/en-us/windows/forum/windows_xp-windows_update/updates-fail-to-install-kb2723135-kb2731847/7e7c2ad8-ec5a-440b-8c06-4ed5f7c9601a)

Have you tried "Check for Updates" and installing only 1 at a time? http://answers.microsoft.com/en-us/windows/forum/windows_7-windows_update/windows-updates-fail-15aug2012-kb2732500-kb2729094/116c0816-c456-4dd4-859b-acf53ca25404

Best regards,

AlbertFlorida
2012-08-28, 19:09
Hi -
Yes, my 'method' of contacting Microsoft was by phone ... I was on the phone with someone for 3 hours. And yes, I did try installing the updates one by one, and so did Microsoft. Their conclusion was that it was a rootkit (safeboot.sys) - but like I said, I looked around a bit and it seems this file may be part of the HP Security Suite. Not sure why TDSSKiller shows it as "Suspicious Object - medium risk", but the guy at MS was sure it was a rootkit, and that was what was preventing the update (and problems w/ Explorer - which I don't use).

I am not so sure; I just know I do NOT want to reformat and load all my programs and data again. The 'tweaking' is sooooooo time-consuming!
Albert

tashi
2012-08-28, 19:17
Hello AlbertFlorida,

It would make sense if you reported that Microsoft had asked you to run their products, Microsoft Security Essentials or Windows Defender off-line rather than someone else's tools.


Yes my 'method' of contacting Microsoft was by phone ... I was on the phone with someone for 3 hours.

Were you charged for the service or was it free?

Is this a business, corporate or institutional computer, or is it used in such an environment?

Best regards.

AlbertFlorida
2012-08-28, 19:29
??? I called MS; they then simultaneously took 'control' of my laptop and ran the programs I mentioned. I already had 'Microsoft Security Essentials' installed and running fine.

I was not charged 'a fee' amazingly ... not sure why.

I have a business, but this is just my home laptop.

Albert

tashi
2012-08-28, 19:57
Hello AlbertFlorida,

There have been a lot of Microsoft imitators, hence my query. For instance: http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

Please see the sticky which includes guidelines for this forum and instructions in post #2 on how to provide the preliminary logs used for analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic providing the logs as shown in that sticky and a link back to this thread. A volunteer analyst will advise when available. :)

Best regards.