3 replies to this topic

[evalowe]

Windows Vista Programs updates downloads, tries to update, then says update fails and removing info.  Also, continual Java update message.

 

Malware Threat Log:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 4/22/2014

Scan Time: 7:50:00 PM

Logfile: Malware Threat Log.txt

Administrator: Yes

 

Version: 2.00.1.1004

Malware Database: v2014.04.22.07

Rootkit Database: v2014.03.27.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Disabled

 

OS: Windows Vista Service Pack 2

CPU: x86

File System: NTFS

User: elowe

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 236348

Time Elapsed: 39 min, 26 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 44

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\INPROCSERVER32, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

Trojan.Vundo, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0}, Quarantined, [025d66c7d9a21d19b4252d197e84ff01], 

Trojan.Vundo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467E-B8D4-7786EDA79AE0}, Quarantined, [025d66c7d9a21d19b4252d197e84ff01], 

PUP.Optional.FunWebProducts.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}, Quarantined, [8cd3ee3f93e838fe0ddd27270cf64eb2], 

PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}, Quarantined, [8cd3ee3f93e838fe0ddd27270cf64eb2], 

PUP.Optional.uTorrentTB.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pacgpkgadgmibnhpdidcnfafllnmeomc, Quarantined, [1748d35af5863df9f82aadc2966c2bd5], 

PUP.Optional.PriceGong.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [154ad15c3d3ec5715f3f5f1c5ea4ee12], 

Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00A6FAF1-072E-44cf-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\INPROCSERVER32, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\TYPELIB\{07B18EA0-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{07B18EAA-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{07B18EAC-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{AAA9C380-E19A-4436-88F6-02942C31CC9E}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{AAA9C381-E19A-4436-88F6-02942C31CC9E}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.SettingsPlugin.1, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.SettingsPlugin, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.ToolbarPlugin.1, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.ToolbarPlugin, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyWebSearch bar Uninstall, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\INPROCSERVER32, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

 

Registry Values: 5

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [7ee11716d0ab290df1821a3609f945bb], 

PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|My Web Search Bar Search Scope Monitor, "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h, Quarantined, [ea75c7660675e551920e6b3909fa07f9]

Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

 

Registry Data: 0

(No malicious items detected)

 

Folders: 3

PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 

PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr\1.bin, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 

PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr\1.bin\chrome, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 

 

Files: 5

PUP.Optional.MindSpark.A, C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 

Trojan.Agent, C:\Windows\System32\f3PSSavr.scr, Quarantined, [441b83aad2a9191d2bfbebe33ec4bc44], 

PUP.Optional.MindSpark, C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE, Quarantined, [ea75c7660675e551920e6b3909fa07f9], 

Trojan.BHO, C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL, Quarantined, [1649131a5a212e08f22b61cd92728b75], 

Trojan.BHO, C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, Quarantined, [b7a889a4720989ad868e0826ed17db25], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

[evalowe]

dds Results:

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.6001.19518  BrowserJavaVersion: 10.51.2

Run by elowe at 19:52:56 on 2014-04-22

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3573.1336 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Windows\system32\lxdxcoms.exe

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\STacSV.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE

C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe

C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\PROGRA~1\COMMON~1\McAfee\Platform\MSM\McSmtFwk.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe

C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

C:\Program Files\McAfee\MSC\McAPExe.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\elowe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\sdclt.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k SDRSVC

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8

uWindow Title = Internet Explorer provided by Dell

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"  /MINIMIZED

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart

uRun: [Google Update] "c:\users\elowe\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [IgfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [Easy Dock] <no file>

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.130\SSScheduler.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TCP: NameServer = 10.0.0.1

TCP: Interfaces\{64C820C2-3F21-435A-9233-C82A670E2C81} : DHCPNameServer = 10.0.0.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL

LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2014-3-17 573968]

R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-3-17 214856]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-13 73728]

R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-4-22 1809720]

R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-4-22 857912]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2014-3-13 145568]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]

R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2014-3-13 644088]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2014-4-22 169800]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-4-22 175480]

R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2012-2-4 34320]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-3-17 61400]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-4-22 23256]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-4-22 107736]

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-4-22 51416]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2014-3-17 236480]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-3-17 367776]

R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2014-1-21 330248]

S2 0302941398207127mcinstcleanup;McAfee Application Installer Cleanup (0302941398207127);c:\windows\temp\030294~1.exe -cleanup -nolog --> c:\windows\temp\030294~1.EXE -cleanup -nolog [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2013-6-1 94208]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-6-13 30192]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2014-4-22 147912]

S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-12-4 9216]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.130\McCHSvc.exe [2013-9-6 235216]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2014-3-17 66408]

S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2014-1-21 81264]

S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-7-10 29824]

S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-7-10 41344]

S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-7-10 39936]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]

S3 ZTEusbgps;ZTE GPS Port;c:\windows\system32\drivers\ZTEusbgps.sys [2010-12-4 105856]

S3 ZTEusbnmeaext;ZTE NMEAExt Port;c:\windows\system32\drivers\ZTEusbnmeaext.sys [2010-12-4 105856]

.

=============== Created Last 30 ================

.

2014-04-22 23:50:32 52440 ----a-w- c:\windows\system32\drivers\lrkmm.sys

2014-04-22 23:09:11 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-04-22 23:04:16 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-04-22 23:04:16 51416 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-04-22 23:04:15 23256 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-04-22 23:04:15 -------- d-----w- c:\programdata\Malwarebytes

2014-04-22 23:04:15 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2014-04-22 22:53:54 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2014-04-22 22:51:46 175480 ----a-w- c:\windows\system32\mfevtps.exe

2014-03-28 22:57:15 2422272 ----a-w- c:\windows\system32\wucltux.dll

2014-03-28 22:56:42 88576 ----a-w- c:\windows\system32\wudriver.dll

2014-03-28 22:56:30 33792 ----a-w- c:\windows\system32\wuapp.exe

2014-03-28 22:56:30 171904 ----a-w- c:\windows\system32\wuwebv.dll

2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\vi-VN

2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\eu-ES

2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\ca-ES

2014-03-26 16:30:51 -------- d-----w- c:\windows\system32\EventProviders

2014-03-26 16:30:48 -------- d-----w- C:\f985d54476a915c4140f

2014-03-26 16:28:59 88064 ----a-w- c:\windows\system32\fdBth.dll

2014-03-26 16:27:59 99840 ----a-w- c:\windows\system32\ulib.dll

2014-03-26 16:26:41 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll

2014-03-26 16:26:41 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll

2014-03-26 16:26:41 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll

2014-03-26 16:26:41 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll

2014-03-26 16:26:41 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll

2014-03-26 16:26:41 265728 ----a-w- c:\windows\system32\wbem\esscli.dll

2014-03-26 16:26:41 189440 ----a-w- c:\windows\system32\wbem\mofd.dll

2014-03-26 16:26:37 705536 ----a-w- c:\windows\system32\SmiEngine.dll

2014-03-26 16:26:33 218624 ----a-w- c:\windows\system32\wdscore.dll

2014-03-26 16:26:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe

2014-03-26 16:26:22 247808 ----a-w- c:\windows\system32\drvstore.dll

.

==================== Find3M  ====================

.

2014-03-17 23:45:20 61400 ----a-w- c:\windows\system32\drivers\cfwids.sys

2014-03-17 23:38:00 214856 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2014-03-17 23:31:40 573968 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2014-03-17 23:29:28 367776 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2014-03-17 23:28:32 66408 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2014-03-17 23:27:36 236480 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2014-03-17 23:26:14 134600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2014-03-13 23:49:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-02-23 10:53:03 916992 ----a-w- c:\windows\system32\wininet.dll

2014-02-23 10:47:19 43520 ----a-w- c:\windows\system32\licmgr10.dll

2014-02-23 10:46:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2014-02-23 10:46:38 71680 ----a-w- c:\windows\system32\iesetup.dll

2014-02-23 10:46:38 109056 ----a-w- c:\windows\system32\iesysprep.dll

2014-02-23 10:44:41 18944 ----a-w- c:\windows\system32\corpol.dll

2014-02-23 09:12:07 385024 ----a-w- c:\windows\system32\html.iec

2014-02-23 07:25:19 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2014-02-23 07:23:13 1638912 ----a-w- c:\windows\system32\mshtml.tlb

.

============= FINISH: 19:55:53.69 ===============

[TheJoker]

Hi evalowe, and welcome to SWI.
 

Windows Vista Programs updates downloads, tries to update, then says update fails and removing info.

 

Do you mean Windows Update is what's failing (Start > Control Panel > Windows Update)?

 

Please follow the directions in the order listed.
 

 

Please download AdwCleaner by Xplode onto your Desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click the Scan button and wait for the process to complete.
• Click the Report button and the report will open in Notepad.
• NOTE: If you get an error message, it means that nothing was found.  Exit from AdwCleaner.
• Click on the Clean button follow the prompts.
• A log file will automatically open after the scan has finished and the PC has rebooted.
• Please post the content of that log file with your next answer.
• You can find the log file at C:\AdwCleaner

 

Please download Junkware Removal Tool to your Desktop.

• Disconnect from the Internet (unplug your connection to your router or modem).
• Please close your security software to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete, depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
• Restart your security software and reconnect to the Internet.
• Please post the contents of JRT.txt into your reply.

 

Please scan your system with ESET Online Scanner

• Click the "Run ESET Online Scanner" button.
  • For browsers other than Internet Explorer such as Firefox, Chrome, or Opera (Microsoft Internet Explorer users can skip this step) another page will open to download the ESET Smart Installer
  • Click on esetsmartinstaller_enu.exe
  • Save it to your desktop, and double-click to run it.
• Check "YES, I accept the Terms of Use."
• Click the Start button.
• Accept any security warnings from your browser.
• Under scan settings, check "Scan Archives" and "Remove found threats"
• Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click List Threats
• Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Click the Back button.
• Click the Finish button.

 

Download the below tool
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will create a log (FRST.txt) in the same directory the tool is run.
The first time the tool is run, it makes creates another log (Addition.txt).

Please post the contents of both, each in their own reply.

 

Please post the logs from AdwCleaner, Junkware Removal Tool, ESET Online Scanner, and then each in their own reply (due to length) the logs from FRST (FRST.txt and Addition.txt), and note any errors encountered.

[TheJoker]

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.