Jump to content


Photo

Windows Vista Updater Not Working


  • This topic is locked This topic is locked
3 replies to this topic

#1 evalowe

evalowe

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 22 April 2014 - 06:10 PM

Windows Vista Programs updates downloads, tries to update, then says update fails and removing info.  Also, continual Java update message.

 

Malware Threat Log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 4/22/2014
Scan Time: 7:50:00 PM
Logfile: Malware Threat Log.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.04.22.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: elowe
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 236348
Time Elapsed: 39 min, 26 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 44
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\INPROCSERVER32, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
Trojan.Vundo, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467e-B8D4-7786EDA79AE0}, Quarantined, [025d66c7d9a21d19b4252d197e84ff01], 
Trojan.Vundo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{56256A51-B582-467E-B8D4-7786EDA79AE0}, Quarantined, [025d66c7d9a21d19b4252d197e84ff01], 
PUP.Optional.FunWebProducts.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}, Quarantined, [8cd3ee3f93e838fe0ddd27270cf64eb2], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}, Quarantined, [8cd3ee3f93e838fe0ddd27270cf64eb2], 
PUP.Optional.uTorrentTB.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pacgpkgadgmibnhpdidcnfafllnmeomc, Quarantined, [1748d35af5863df9f82aadc2966c2bd5], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, Quarantined, [154ad15c3d3ec5715f3f5f1c5ea4ee12], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{00A6FAF1-072E-44cf-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\INPROCSERVER32, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00A6FAF1-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\TYPELIB\{07B18EA0-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{07B18EAA-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{07B18EAC-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{AAA9C380-E19A-4436-88F6-02942C31CC9E}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{AAA9C381-E19A-4436-88F6-02942C31CC9E}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\INTERFACE\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.SettingsPlugin.1, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.SettingsPlugin, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{07B18EAB-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.ToolbarPlugin.1, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\MyWebSearchToolBar.ToolbarPlugin, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MyWebSearch bar Uninstall, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\INPROCSERVER32, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07B18EA1-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
 
Registry Values: 5
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{00A6FAF6-072E-44cf-8957-5838F569A31D}, Quarantined, [7ee11716d0ab290df1821a3609f945bb], 
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|My Web Search Bar Search Scope Monitor, "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h, Quarantined, [ea75c7660675e551920e6b3909fa07f9]
Trojan.BHO, HKU\S-1-5-21-3401004667-2012719248-4099272287-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{00A6FAF6-072E-44CF-8957-5838F569A31D}, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{07B18EA9-A523-4961-B6BB-170DE4475CCA}, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 
PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr\1.bin, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 
PUP.Optional.FunWebProducts.A, C:\Program Files\FunWebProducts\Installr\1.bin\chrome, Quarantined, [c798e8457dfed95d937b8ad7b74b47b9], 
 
Files: 5
PUP.Optional.MindSpark.A, C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL, Quarantined, [a4bbdd502f4c7bbb4e255af6fe04c937], 
Trojan.Agent, C:\Windows\System32\f3PSSavr.scr, Quarantined, [441b83aad2a9191d2bfbebe33ec4bc44], 
PUP.Optional.MindSpark, C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE, Quarantined, [ea75c7660675e551920e6b3909fa07f9], 
Trojan.BHO, C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL, Quarantined, [1649131a5a212e08f22b61cd92728b75], 
Trojan.BHO, C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL, Quarantined, [b7a889a4720989ad868e0826ed17db25], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#2 evalowe

evalowe

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 22 April 2014 - 06:13 PM

dds Results:

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.19518  BrowserJavaVersion: 10.51.2
Run by elowe at 19:52:56 on 2014-04-22
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3573.1336 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\lxdxcoms.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\MSM\McSmtFwk.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\elowe\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
uWindow Title = Internet Explorer provided by Dell
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"  /MINIMIZED
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart
uRun: [Google Update] "c:\users\elowe\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Easy Dock] <no file>
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.130\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{64C820C2-3F21-435A-9233-C82A670E2C81} : DHCPNameServer = 10.0.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2014-3-17 573968]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-3-17 214856]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-13 73728]
R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-4-22 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-4-22 857912]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 McAPExe;McAfee AP Service;c:\program files\mcafee\msc\McAPExe.exe [2014-3-13 145568]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2014-3-13 281560]
R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2014-3-13 644088]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2014-4-22 169800]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-4-22 175480]
R2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2012-2-4 34320]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-3-17 61400]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-4-22 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-4-22 107736]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-4-22 51416]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2014-3-17 236480]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-3-17 367776]
R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2014-1-21 330248]
S2 0302941398207127mcinstcleanup;McAfee Application Installer Cleanup (0302941398207127);c:\windows\temp\030294~1.exe -cleanup -nolog --> c:\windows\temp\030294~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2013-6-1 94208]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-6-13 30192]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2014-4-22 147912]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-12-4 9216]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.130\McCHSvc.exe [2013-9-6 235216]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2014-3-17 66408]
S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2014-1-21 81264]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2009-7-10 29824]
S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2009-7-10 41344]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2009-7-10 39936]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S3 ZTEusbgps;ZTE GPS Port;c:\windows\system32\drivers\ZTEusbgps.sys [2010-12-4 105856]
S3 ZTEusbnmeaext;ZTE NMEAExt Port;c:\windows\system32\drivers\ZTEusbnmeaext.sys [2010-12-4 105856]
.
=============== Created Last 30 ================
.
2014-04-22 23:50:32 52440 ----a-w- c:\windows\system32\drivers\lrkmm.sys
2014-04-22 23:09:11 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-22 23:04:16 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-22 23:04:16 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-22 23:04:15 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-22 23:04:15 -------- d-----w- c:\programdata\Malwarebytes
2014-04-22 23:04:15 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-22 22:53:54 147912 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2014-04-22 22:51:46 175480 ----a-w- c:\windows\system32\mfevtps.exe
2014-03-28 22:57:15 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-03-28 22:56:42 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-03-28 22:56:30 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-03-28 22:56:30 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\vi-VN
2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\eu-ES
2014-03-26 18:51:20 -------- d-----w- c:\windows\system32\ca-ES
2014-03-26 16:30:51 -------- d-----w- c:\windows\system32\EventProviders
2014-03-26 16:30:48 -------- d-----w- C:\f985d54476a915c4140f
2014-03-26 16:28:59 88064 ----a-w- c:\windows\system32\fdBth.dll
2014-03-26 16:27:59 99840 ----a-w- c:\windows\system32\ulib.dll
2014-03-26 16:26:41 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2014-03-26 16:26:41 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2014-03-26 16:26:41 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2014-03-26 16:26:41 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2014-03-26 16:26:41 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2014-03-26 16:26:41 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2014-03-26 16:26:41 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2014-03-26 16:26:37 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2014-03-26 16:26:33 218624 ----a-w- c:\windows\system32\wdscore.dll
2014-03-26 16:26:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2014-03-26 16:26:22 247808 ----a-w- c:\windows\system32\drvstore.dll
.
==================== Find3M  ====================
.
2014-03-17 23:45:20 61400 ----a-w- c:\windows\system32\drivers\cfwids.sys
2014-03-17 23:38:00 214856 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2014-03-17 23:31:40 573968 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2014-03-17 23:29:28 367776 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2014-03-17 23:28:32 66408 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2014-03-17 23:27:36 236480 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2014-03-17 23:26:14 134600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2014-03-13 23:49:35 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-02-23 10:53:03 916992 ----a-w- c:\windows\system32\wininet.dll
2014-02-23 10:47:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-23 10:46:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-23 10:46:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2014-02-23 10:46:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2014-02-23 10:44:41 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-23 09:12:07 385024 ----a-w- c:\windows\system32\html.iec
2014-02-23 07:25:19 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-23 07:23:13 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 19:55:53.69 ===============


#3 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,474 posts

Posted 22 April 2014 - 07:56 PM

Hi evalowe, and welcome to SWI.
 

Windows Vista Programs updates downloads, tries to update, then says update fails and removing info.

 

Do you mean Windows Update is what's failing (Start > Control Panel > Windows Update)?

 

Please follow the directions in the order listed.
 

 

Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found.  Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner

 

Please download Junkware Removal Tool to your Desktop.

  • Disconnect from the Internet (unplug your connection to your router or modem).
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Restart your security software and reconnect to the Internet.
  • Please post the contents of JRT.txt into your reply.

 

Please scan your system with ESET Online Scanner

  • Click the "Run ESET Online Scanner" button.
    • For browsers other than Internet Explorer such as Firefox, Chrome, or Opera (Microsoft Internet Explorer users can skip this step) another page will open to download the ESET Smart Installer
    • Click on esetsmartinstaller_enu.exe
    • Save it to your desktop, and double-click to run it.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Download the below tool
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will create a log (FRST.txt) in the same directory the tool is run.
The first time the tool is run, it makes creates another log (Addition.txt).

Please post the contents of both, each in their own reply.

 

Please post the logs from AdwCleaner, Junkware Removal Tool, ESET Online Scanner, and then each in their own reply (due to length) the logs from FRST (FRST.txt and Addition.txt), and note any errors encountered.


Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,474 posts

Posted 15 May 2014 - 05:32 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





Member of UNITE
Support SpywareInfo Forum - click the button