Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cannot update any program.


  • This topic is locked This topic is locked
2 replies to this topic

#1 mashadow

mashadow

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 23 March 2009 - 06:39 PM

ok so im using windows vista and noticed the past week
both vista update and av wont update
and if i go to windowsupdate.com it takes me to google.com
and i sometimes get a blue screen of death to but i do not know where my cds are to reinstall


DDS (Ver_09-03-16.01) - NTFSx86  
Run by mashadow at 23:25:31.25 on 23/03/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_12
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.44.1033.18.766.120 [GMT 0:00]

AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Outdated)
FW: ZoneAlarm Security Suite Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\ZoneLabs\avsys\ScanningProcess.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\ZoneLabs\avsys\ScanningProcess.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\mashadow\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://internetsearchservice.com
uStart Page = hxxp://hotmail.com/
uSearch Bar = hxxp://internetsearchservice.com/ie6.html
uSearchMigratedDefaultURL = hxxp://internetsearchservice.com/search?q={searchTerms}
uDefault_Search_URL = hxxp://internetsearchservice.com
mDefault_Search_URL = hxxp://internetsearchservice.com
mSearch Page = hxxp://internetsearchservice.com
mSearch Bar = hxxp://internetsearchservice.com/ie6.html
mSearchMigratedDefaultURL = hxxp://internetsearchservice.com/search?q={searchTerms}
uInternet Settings,ProxyServer = 127.0.0.1:8081
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://internetsearchservice.com
mSearchURL = hxxp://internetsearchservice.com
mSearchAssistant = hxxp://internetsearchservice.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: {4064EA35-578D-4073-A834-C96D82CBCF40} - No File
uRun: [<NO NAME>] 
uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [CROCS] c:\program files\crocs\CROCS.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LaunchAp] c:\program files\launch manager\LaunchAp.exe
mRun: [HotkeyApp] c:\program files\launch manager\HotkeyApp.exe
mRun: [LMgrVolOSD] c:\program files\launch manager\OSD.exe
mRun: [LMgrOSD] c:\program files\launch manager\OSDCtrl.exe
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [CtrlVol] c:\program files\launch manager\CtrlVol.exe
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
StartupFolder: c:\users\mashadow\appdata\roaming\micros~1\windows\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.4.2\gears.dll
Trusted Zone: live.com\login
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: microsoft.com\update
Trusted Zone: windowsupdate.com
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
TCP: NameServer = 85.255.116.133,85.255.112.195
TCP: {9392C741-8C23-4FDF-824F-ADFE0B0D387D} = 85.255.116.133,85.255.112.195

================= FIREFOX ===================

FF - ProfilePath - c:\users\mashadow\appdata\roaming\mozilla\firefox\profiles\xoout85w.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: network.proxy.type - 2
FF - component: c:\program files\mozilla firefox\components\CheckTudouVa.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll

============= SERVICES / DRIVERS ===============

R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [2008-4-3 9867]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]

=============== Created Last 30 ================

2009-03-23 17:31	153,512,329	a-------	c:\windows\MEMORY.DMP
2009-03-22 20:23	<DIR>	--d-----	c:\users\mashadow\appdata\roaming\MailFrontier
2009-03-22 20:19	<DIR>	--d-----	c:\programdata\Kaspersky SDK
2009-03-22 20:19	<DIR>	--d-----	c:\progra~2\Kaspersky SDK
2009-03-22 20:18	8,454,112	a--sh---	c:\windows\system32\drivers\fidbox.dat
2009-03-22 20:18	82,664	a--sh---	c:\windows\system32\drivers\fidbox.idx
2009-03-22 20:11	170,496	a-------	c:\windows\system32\tcpipcfg.dll
2009-03-22 20:11	22,528	a-------	c:\windows\system32\netiougc.exe
2009-03-22 20:09	72,584	a-------	c:\windows\zllsputility.exe
2009-03-22 20:07	1,221,512	a-------	c:\windows\system32\zpeng25.dll
2009-03-22 20:07	<DIR>	--d-----	c:\program files\Zone Labs
2009-03-22 20:05	351,219	a---h---	c:\windows\system32\drivers\vsconfig.xml
2009-03-22 20:05	293,528	a-------	c:\windows\system32\drivers\vsdatant.sys
2009-03-19 14:12	<DIR>	--d-----	c:\program files\common files\NSV
2009-03-17 00:46	<DIR>	--d-----	c:\programdata\ESET
2009-03-05 06:02	87	----h---	C:\Links.ini
2009-03-05 06:02	21	----h---	C:\Settings.ini
2009-03-04 06:15	454	---shr--	C:\autorun.inf
2009-03-02 04:43	<DIR>	--d-----	c:\programdata\Yahoo!
2009-03-02 04:42	<DIR>	--d-----	c:\program files\Yahoo!
2009-02-26 18:46	42,320	a-------	c:\windows\system32\xfcodec.dll
2009-02-26 02:56	8,147,456	a-------	c:\windows\system32\wmploc.DLL
2009-02-26 02:56	7,680	a-------	c:\windows\system32\spwmp.dll
2009-02-26 02:56	4,096	a-------	c:\windows\system32\msdxm.ocx
2009-02-26 02:56	4,096	a-------	c:\windows\system32\dxmasf.dll

==================== Find3M  ====================

2009-03-22 20:06	51,200	a-------	c:\windows\inf\infpub.dat
2009-03-22 20:06	86,016	a-------	c:\windows\inf\infstrng.dat
2009-03-22 20:06	86,016	a-------	c:\windows\inf\infstor.dat
2009-03-05 17:14	410,984	a-------	c:\windows\system32\deploytk.dll
2009-02-06 18:52	49,504	a-------	c:\windows\system32\sirenacm.dll
2009-01-15 06:11	827,392	a-------	c:\windows\system32\wininet.dll
2009-01-12 03:49	174	a--sh---	c:\program files\desktop.ini
2009-01-12 03:38	665,600	a-------	c:\windows\inf\drvindex.dat
2009-01-12 03:25	101,888	a-------	c:\windows\system32\ifxcardm.dll
2009-01-12 03:25	82,432	a-------	c:\windows\system32\axaltocm.dll
2009-01-12 02:50	152,576	a-------	c:\windows\system32\SPWizUI.dll
2009-01-12 02:50	47,560	a-------	c:\windows\system32\SPReview.exe
2008-07-04 16:22	4,516,593	a-------	c:\program files\HLSW.rar
2006-11-02 12:42	287,440	a-------	c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42	287,440	a-------	c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 12:42	30,674	a-------	c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42	30,674	a-------	c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 09:20	287,440	a-------	c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20	287,440	a-------	c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20	30,674	a-------	c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20	30,674	a-------	c:\windows\inf\perflib\0000\perfc.dat
2008-12-22 03:18	16,384	a--sh---	c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-12-22 03:18	32,768	a--sh---	c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-12-22 03:18	16,384	a--sh---	c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 23:33:32.01 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:10:43 PM

Posted 31 March 2009 - 06:32 PM

Hello mashadow,

Posted Image

Sorry about the delay.:thumbup2: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:10:43 PM

Posted 08 April 2009 - 08:35 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users