Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Lavasoft Search redirect hijack

(In Progress)
(!)

Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
28-Feb-2013, 07:10 PM #16
ps.. just being nosey Mark, do you get paid for this somehow on this site, or do you also work on other sites for which you do get paid for, or is this an expert hobby of yours or ...??!
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
28-Feb-2013, 07:51 PM #17
It's just a hobby as is the case for all the helpers.

How is the system running now, the logs indicate the redirect has been removed.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
01-Mar-2013, 04:04 AM #18
ps I still can't install Vista Service Pack 2 but everything else looks good to me and the hijack has indeed been cleared out!
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
01-Mar-2013, 04:40 AM #19
Good news with the hijack, there are some other things that need to be dealt with then we shall see about the update issue. You have multiple outdated versions of Java installed, please run this scan which will also show us if anything else that poses a security risk needs updating.

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.
__________________
Please Copy & Paste scan results into your replies, DO NOT send them as attachments or in Code or Quote boxes unless asked to.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
01-Mar-2013, 05:48 PM #20
Thank you very much Mark for your continued voluntary assistance!


Results of screen317's Security Check version 0.99.60
Windows Vista Service Pack 1 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java(TM) 6 Update 22
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java version out of Date!
Adobe Reader 10.1.6 Adobe Reader out of Date!
Google Chrome 24.0.1312.57
Google Chrome 25.0.1364.97
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Windows Defender MSASCui.exe
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
01-Mar-2013, 09:24 PM #21
You're most welcome.

Follow these guides to update Adobe Reader and Java, you can leave IE9 until after we fix the SP2 issue.

Let me know when done and we shall continue.

Adobe
Close any programs you may have running - especially your web browser.
Click on Start > Control Panel, double-click on Programs and Features and uninstall the following Adobe entries:

Adobe Reader 10.1.6

NOTE: For XP click on > Control Panel, double-click on Add or Remove Programs and continue as above.

Then go to this link Adobe Downloads and select the latest version to download and install. You will see this page below, click on the appropriate button for for the Adobe product that was just removed.



You will now see a page similar to this one:



All four Adobe products, Reader, Flash Player, Air and Shockwave Player are set by default to download the version for Windows Operating Systems and for Internet Explorer in English. If you are using a Macintosh, or you want to use the Adobe product with a different Browser or language you must click on the line (as indicated in the above image) to make further selections to meet your requirements.

As you will see in the above image the Adobe Reader is set for Windows 7, please click (as indicated) if you are using a different version of Windows to make further selections. All the other Adobe products are universal and you will only need to change the selection for different Browsers, Languages or for Macintosh.
NOTE: In all the downloads look out for the Google Toolbar and uncheck the box if you do not need it.

Some additional instructions may appear for XP installations. In all cases save the download to your desktop, then close your browser and double click on the Adobe icon on your desktop to install it. If you have any problems installing, disconnect from the internet and disable your Anti Virus and any other security software, instructions for most AV's, etc. can be found here: How to disable security software.

============================================================

How to update Java:
Be aware that the act of downloading any Java installer means that you have read and agree to abide by the end users license agreement.
End user licence agreement

First uninstall all existing versions of Java.
  • Go to Start > Control Panel double-click on Add/Remove programs (or Programs and Features) and click on any item with Java, Java(TM), JRE or J2SE in the name.
  • Click the Uninstall, Remove or Change/Remove button and allow it to uninstall.
  • If a User Account Control warning appears click on Allow.
  • Repeat as many times as necessary to remove each and every item.
  • Reboot your computer once all Java components are removed.

NOTE: If you have a 64bit version of Windows and are using the 64bit version of Internet Explorer the Java site will automatically give you the correct Java version using the instructions below,
but it is recommended that you use only 32bit browsers and versions of Java. Please read this for further information: Which Java download should I choose for my 64bit operating system?.
If you install Java for the 64bit version of Internet Explorer and you use any other browser you will also need to repeat the installation while using your other browser which will most likely be 32bit. If in doubt please ask.


How to install the latest version.
  • Open the browser that you normally use and click on this link: Java Download
  • Click on the big red button Free Java Download
  • On the next page click on the big red button Agree and Start Free Download
  • Select Run whenever the option appears. If no Run option appears click on Save and then when the download completes click on Run. If a User Account Control warning appears click on Continue.
  • When the Welcome to Java window appears click on Install.
  • It may takes several minutes to download the installer depending on the speed of your connection, allow it to complete.
  • If any error messages appear click on OK and then click on the Agree and start free download button again.
  • Please wait for the Java Setup window to appear. Uncheck the box to install the Ask Toolbar and then click on Next.
  • NOTE: The Ask Toolbar option may change without notice to something different, please make sure you uncheck the box for anything else that is offered. On some systems this offer may not appear, in which case, continue with the next instruction.
  • You will then see the Java Setup Progress window and another will appear for JavaFX (on some systems the JavaFX will not appear or be installed). Finally the Java Setup Complete window will appear, click on Close.
  • If a Java page then appears with a button to Verify Java Version click on it and it will verify the installation.
  • The Installation is now complete, please reboot the system.
  • NOTE: The JavaFX component is not required unless you are developing Java applications. It is perfectly safe to keep on your system, but if you wish to uninstall it please do so.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
02-Mar-2013, 09:52 AM #22
Ok so that is done. Adobe would not install so i both disabled Kaspersky and moved to Explorer from Chrome. I missed out putting it into desktop but it installed anyway.

The bad news - using internet explorer meant that I was facing Lavasoft secure search again

I managed to change the settings though and it doesn't seem to have come back. Phew!
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
02-Mar-2013, 11:02 AM #23
So the Lavasoft bug is still on the system, you didn't state what settings you changed, but go into IE, click on Tools then Manage Add-ons, see if there is anything showing for Lavasoft or Ad-Aware and disable it. Let me know what you find.

Now lets see if we can fix the update problem. We will start with this:

Step 1: Verify the relevant Windows Update services
=======================================
  • Click on Start, type services.msc in the open box and click OK.
  • Double click the service Background Intelligent Transfer Service.
  • Click on the General tab; make sure the Startup Type is set to Automatic. Then please click the Start button under Service Status to start the service.
  • Please repeat the above steps with another service: Windows Update

NOTE: If one of the two services is missing, please let me know.

Step 2: Rename the Windows Update Softwaredistribution folder
=================================================
One possible cause is that Windows Update's temporary folder contains corrupted files. This step will remove the Download folder, which contains the update installation files. After renaming this folder a new one will automatically be created. This will have no negative effect on your computer's performance.

  • Click Start and type cmd in the Search box then right click on cmd in the pop up and select Run as Administrator. This will open the Command Prompt window, at the Command Prompt, type net stop wuauserv and press Enter (Leave the Command Prompt open).
  • Click Start and type %windir% in the Search box and press Enter.
  • Double-click the SoftwareDistribution folder.
  • In the opened folder, rename the folder Download to Download.old.
  • Go back to the Command Prompt and type net start WuAuServ and press Enter.
  • Close all the open windows and see if the update problem is resolved.

NOTE: After resolving this Windows Update issue, please feel free to delete the Download.old folder.

If that fails, click on Start and type:

%windir%\WindowsUpdate.log

in the search box & press Enter, Copy & Paste the last 100-150 lines in your next reply.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
02-Mar-2013, 03:50 PM #24
uh oh ... I see AddLyrics come up under the tools section !!! Do I need to cancel my bank card since I used it on Chrome thinking I was now safe?
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
02-Mar-2013, 04:30 PM #25
ps... Windows still failed to install updates after carrying out above instructions. Eagerly awaiting next advice re this and AddLyrics! Never a dull moment!

2013-03-02 20:22:42:282 1260 8cc AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:43:296 1260 bfc AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:43:325 1260 bfc AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:44:310 1260 bfc AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:45:324 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:45:337 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:46:338 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:47:351 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:47:371 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:48:365 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:49:363 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:49:379 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:50:394 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:51:374 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:51:407 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:52:421 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:53:388 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:53:435 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:54:459 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:55:401 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:55:462 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:56:477 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:57:384 1260 1268 Agent * Added update {A6BB1C02-B874-4A1C-9B00-16E9B1C42473}.103 to search result
2013-03-02 20:22:57:384 1260 1268 Agent * Added update {0BC0E502-52B6-492E-8856-14B84973C615}.106 to search result
2013-03-02 20:22:57:384 1260 1268 Agent * Added update {7A25C7EC-3798-4413-A493-57A259D18959}.104 to search result
2013-03-02 20:22:57:384 1260 1268 Agent Update {FF434E78-8B6A-4860-BD0F-4AC472E29063}.101 is pruned out due to potential supersedence
2013-03-02 20:22:57:384 1260 1268 Agent Update {566B95D4-66F6-47BA-8953-02CAEA29022C}.101 is pruned out due to potential supersedence
2013-03-02 20:22:57:384 1260 1268 Agent Update {B932D155-4C7F-4CBC-8527-D5DF17B0A220}.101 is pruned out due to potential supersedence
2013-03-02 20:22:57:384 1260 1268 Agent Update {B6C0F3C6-C368-4A76-A3BF-BE068C7358F0}.101 is pruned out due to potential supersedence
2013-03-02 20:22:57:384 1260 1268 Agent * Added update {3A780427-54C3-4BD3-815C-2E2B1095DE45}.103 to search result
2013-03-02 20:22:57:384 1260 1268 Agent * Added update {AAE5E2C7-3498-4F43-AF66-AEC06A59713F}.102 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {2E15FA43-F122-4FD5-9EB0-D46E430A7439}.111 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {87E3E2FA-70E5-4B90-83EE-A16F41569A11}.111 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {58342C71-E20B-47F1-A04A-BC973A3B9F2E}.103 to search result
2013-03-02 20:22:57:385 1260 1268 Agent Update {D6F5EEF2-B0B3-4939-8E72-52DF78032FA4}.102 is pruned out due to potential supersedence
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {3A434D1C-BC51-4762-A37F-50ECACD9CEF4}.102 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {7EB1975D-D046-486B-B6C3-328BDDFC6AF3}.200 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {C291A8B1-7657-47ED-B7C5-D4F4A9CD1E28}.203 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {B9337BD8-6297-477A-BB03-3E10BF677D8C}.104 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Added update {5BD72FC8-8BDB-458A-95B8-4372212FE3CE}.201 to search result
2013-03-02 20:22:57:385 1260 1268 Agent * Found 13 updates and 78 categories in search; evaluated appl. rules of 1273 out of 2588 deployed entities
2013-03-02 20:22:57:412 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:57:490 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:59:223 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:59:423 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:22:59:519 1260 1750 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:00:419 1260 1268 Agent *********
2013-03-02 20:23:00:419 1260 1268 Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-03-02 20:23:00:419 1260 1268 Agent *************
2013-03-02 20:23:00:450 1260 1664 AU >>## RESUMED ## AU: Search for updates [CallId = {C9A2F978-C271-40B9-BA23-635CBA4DE8A7}]
2013-03-02 20:23:00:467 1260 1268 Report REPORT EVENT: {F552E738-9926-426D-8F75-40EE61628ABA} 2013-03-02 20:21:13:546-0000 1 188 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on ‎03 ‎March ‎2013 at 03:00: - Security Update for Microsoft Office 2007 suites (KB2596615) - Security Update for Microsoft Office 2007 suites (KB2596785) - Update for Microsoft Office 2007 suites (KB2596848) - Security Update for Microsoft Office 2007 suites (KB2596672) - Security Update for Microsoft Office 2007 suites (KB2687499) - Security Update for Microsoft Office PowerPoint 2007 (KB2596843)
2013-03-02 20:23:00:467 1260 1268 Report REPORT EVENT: {C813D9D5-99FF-4DE2-BB80-6DB85D510D1D} 2013-03-02 20:21:16:180-0000 1 202 102 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Content Install Reboot completed.
2013-03-02 20:23:00:468 1260 1664 AU # 13 updates detected
2013-03-02 20:23:00:526 1260 1664 AU #########
2013-03-02 20:23:00:526 1260 1664 AU ## END ## AU: Search for updates [CallId = {C9A2F978-C271-40B9-BA23-635CBA4DE8A7}]
2013-03-02 20:23:00:526 1260 1664 AU #############
2013-03-02 20:23:00:526 1260 1664 AU No featured updates notifications to show
2013-03-02 20:23:00:527 1260 1664 AU Currently showing Progress UX client - so not launching any other client
2013-03-02 20:23:02:689 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:02:713 1260 8d8 AU Getting featured update notifications. fIncludeDismissed = true
2013-03-02 20:23:02:713 1260 8d8 AU No featured updates available.
2013-03-02 20:23:02:940 1260 1268 Report CWERReporter finishing event handling. (00000000)
2013-03-02 20:23:03:320 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:322 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:325 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:335 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:450 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:576 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:03:997 1260 e50 DnldMgr WARNING: Preparing update for install, updateId = {B37927ED-A1B4-4269-B132-A3D2CC63FB9A}.102 (using payload from revision 101).
2013-03-02 20:23:04:232 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:04:234 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {3A434D1C-BC51-4762-A37F-50ECACD9CEF4}]
2013-03-02 20:23:04:235 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:04:589 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:05:460 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:05:603 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:05:828 1260 e50 DnldMgr WARNING: Preparing update for install, updateId = {FEF8DF4E-E48C-49B0-8970-C9722CC10D29}.111 (using payload from revision 106).
2013-03-02 20:23:05:834 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:05:838 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {2E15FA43-F122-4FD5-9EB0-D46E430A7439}]
2013-03-02 20:23:05:838 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:05:875 1260 e50 DnldMgr Preparing update for install, updateId = {A090C88E-5E6F-4BE0-A9D3-604DD20720F0}.200.
2013-03-02 20:23:05:878 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:05:879 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {7EB1975D-D046-486B-B6C3-328BDDFC6AF3}]
2013-03-02 20:23:05:879 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:05:968 1260 e50 DnldMgr WARNING: Preparing update for install, updateId = {1A45A928-F39F-4118-9434-E8336A889535}.103 (using payload from revision 102).
2013-03-02 20:23:05:990 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:05:993 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {58342C71-E20B-47F1-A04A-BC973A3B9F2E}]
2013-03-02 20:23:05:993 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:06:029 1260 e50 DnldMgr Preparing update for install, updateId = {23F516A7-9724-4A1D-B181-DA197C4BD994}.201.
2013-03-02 20:23:06:046 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:06:049 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {5BD72FC8-8BDB-458A-95B8-4372212FE3CE}]
2013-03-02 20:23:06:050 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:06:051 1260 1268 Report REPORT EVENT: {709891A5-38BE-4CAD-A4EB-07F85370AEE8} 2013-03-02 20:23:04:233-0000 1 182 101 {3A434D1C-BC51-4762-A37F-50ECACD9CEF4} 102 80246007 AutomaticUpdates Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2596615).
2013-03-02 20:23:06:051 1260 1268 Report REPORT EVENT: {CD775C44-DC18-42AF-96C7-E91423A2F083} 2013-03-02 20:23:05:835-0000 1 182 101 {2E15FA43-F122-4FD5-9EB0-D46E430A7439} 111 80246007 AutomaticUpdates Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2596785).
2013-03-02 20:23:06:051 1260 1268 Report REPORT EVENT: {16513D2F-8C9E-48C0-93E7-2DAE07A10C4C} 2013-03-02 20:23:05:879-0000 1 182 101 {7EB1975D-D046-486B-B6C3-328BDDFC6AF3} 200 80246007 AutomaticUpdates Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft Office 2007 suites (KB2596848).
2013-03-02 20:23:06:051 1260 1268 Report REPORT EVENT: {F62D84AB-C1B4-4161-B2BE-2A14B5D791F7} 2013-03-02 20:23:05:992-0000 1 182 101 {58342C71-E20B-47F1-A04A-BC973A3B9F2E} 103 80246007 AutomaticUpdates Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2596672).
2013-03-02 20:23:06:051 1260 1268 Report REPORT EVENT: {F347FF22-3BEC-4A93-9026-9B9913679E37} 2013-03-02 20:23:06:047-0000 1 182 101 {5BD72FC8-8BDB-458A-95B8-4372212FE3CE} 201 80246007 AutomaticUpdates Failure Content Install Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft Office 2007 suites (KB2687499).
2013-03-02 20:23:06:080 1260 e50 DnldMgr WARNING: Preparing update for install, updateId = {73837D4F-8B1D-45BB-AC0C-1AD28EB982C2}.111 (using payload from revision 106).
2013-03-02 20:23:06:108 1260 e50 DnldMgr WARNING: Update invalid. Error is 0x80246007.
2013-03-02 20:23:06:110 1260 1664 AU >>## RESUMED ## AU: Installing update [UpdateId = {87E3E2FA-70E5-4B90-83EE-A16F41569A11}]
2013-03-02 20:23:06:110 1260 1664 AU # WARNING: Install failed, error = 0x80246007 / 0x80246007
2013-03-02 20:23:06:141 1260 e50 Agent *********
2013-03-02 20:23:06:141 1260 1664 AU Install call completed.
2013-03-02 20:23:06:141 1260 e50 Agent ** END ** Agent: Installing updates [CallerId = AutomaticUpdates]
2013-03-02 20:23:06:142 1260 1664 AU # WARNING: Install call completed, reboot required = No, error = 0x00000000
2013-03-02 20:23:06:142 1260 e50 Agent *************
2013-03-02 20:23:06:142 1260 1664 AU #########
2013-03-02 20:23:06:142 1260 1664 AU ## END ## AU: Installing updates [CallId = {F8F5B4C8-9F21-41CE-ADD8-FBC3CA811136}]
2013-03-02 20:23:06:142 1260 1664 AU #############
2013-03-02 20:23:06:142 1260 1664 AU Install complete for all calls, reboot NOT needed
2013-03-02 20:23:06:143 1260 1664 AU Setting AU scheduled install time to 2013-03-03 03:00:00
2013-03-02 20:23:06:200 1260 8d8 AU Getting featured update notifications. fIncludeDismissed = true
2013-03-02 20:23:06:200 1260 8d8 AU No featured updates available.
2013-03-02 20:23:06:284 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:06:704 1260 1268 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-03-02 20:23:06:704 1260 1268 Report WER Report sent: 7.4.7600.226 0x80246007 3A434D1C-BC51-4762-A37F-50ECACD9CEF4 Install 101 Unmanaged
2013-03-02 20:23:06:778 1260 1268 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-03-02 20:23:06:779 1260 1268 Report WER Report sent: 7.4.7600.226 0x80246007 2E15FA43-F122-4FD5-9EB0-D46E430A7439 Install 101 Unmanaged
2013-03-02 20:23:06:874 1260 1268 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-03-02 20:23:06:874 1260 1268 Report WER Report sent: 7.4.7600.226 0x80246007 7EB1975D-D046-486B-B6C3-328BDDFC6AF3 Install 101 Unmanaged
2013-03-02 20:23:06:954 1260 1268 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-03-02 20:23:06:954 1260 1268 Report WER Report sent: 7.4.7600.226 0x80246007 58342C71-E20B-47F1-A04A-BC973A3B9F2E Install 101 Unmanaged
2013-03-02 20:23:07:037 1260 1268 Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-03-02 20:23:07:037 1260 1268 Report WER Report sent: 7.4.7600.226 0x80246007 5BD72FC8-8BDB-458A-95B8-4372212FE3CE Install 101 Unmanaged
2013-03-02 20:23:07:037 1260 1268 Report CWERReporter finishing event handling. (00000000)
2013-03-02 20:23:07:473 1260 8d8 AU All updates already downloaded, setting percent complete to 100
2013-03-02 20:23:07:476 1260 1750 AU No featured updates notifications to show
2013-03-02 20:23:07:482 1260 1750 AU UpdateDownloadProperties: 0 download(s) are still in progress.
2013-03-02 20:23:07:494 1260 1750 AU Triggering Offline detection (non-interactive)
2013-03-02 20:23:07:498 1260 1750 AU AU setting pending client directive to 'Install Complete Ux'
2013-03-02 20:23:07:508 1260 1750 AU Changing existing AU client directive from 'Progress Ux' to 'Install Complete Ux', session id = 0x1
2013-03-02 20:23:07:512 1260 1750 AU AU setting pending client directive to 'Install Approval'
2013-03-02 20:23:07:520 1260 1750 AU Changing existing AU client directive from 'Install Complete Ux' to 'Install Approval', session id = 0x1
2013-03-02 20:23:07:651 1260 16cc AU #############
2013-03-02 20:23:07:651 1260 16cc AU ## START ## AU: Search for updates
2013-03-02 20:23:07:651 1260 16cc AU #########
2013-03-02 20:23:07:661 1260 16cc AU <<## SUBMITTED ## AU: Search for updates [CallId = {2456DC49-B702-42FD-9A22-5E6922966A22}]
2013-03-02 20:23:07:662 1260 1268 Agent *************
2013-03-02 20:23:07:662 1260 1268 Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-03-02 20:23:07:662 1260 1268 Agent *********
2013-03-02 20:23:07:662 1260 1268 Agent * Online = No; Ignore download priority = No
2013-03-02 20:23:07:662 1260 1268 Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-03-02 20:23:07:662 1260 1268 Agent * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service
2013-03-02 20:23:07:662 1260 1268 Agent * Search Scope = {Machine}
2013-03-02 20:23:45:645 1260 1268 Driver Matched driver to device PCI\VEN_8086&DEV_29C2&SUBSYS_020D1028&REV_02
2013-03-02 20:23:45:645 1260 1268 Driver Status: 0x180200a, ProblemNumber: 00000000
2013-03-02 20:23:45:646 1260 1268 Driver Matched driver to device HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_1028020D&REV_1000
2013-03-02 20:23:45:646 1260 1268 Driver Status: 0x180200a, ProblemNumber: 00000000
2013-03-02 20:23:45:646 1260 1268 Driver Matched driver to device MONITOR\DELD017
2013-03-02 20:23:45:646 1260 1268 Driver Status: 0x180600a, ProblemNumber: 00000000
2013-03-02 20:23:47:285 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {DEA79BA4-19AA-4013-903E-AD2A16AE96D0}.101, hr = 80070663
2013-03-02 20:23:50:353 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {99BFDF7D-BF40-4E12-BA30-FD74DF6097CA}.102, hr = 80070663
2013-03-02 20:23:50:584 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {E5F58086-4B7B-4395-BC39-5009AAA81AB4}.111, hr = 80070663
2013-03-02 20:23:50:613 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {180A5369-1037-4E82-B720-527D8A86C5BF}.101, hr = 80070663
2013-03-02 20:23:50:633 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {F7DD590E-C8D4-4474-B619-3B80A0D04CE9}.103, hr = 80070663
2013-03-02 20:23:51:220 1260 1268 Agent WARNING: Failed to evaluate Installable rule, updateId = {A671CE03-B748-4EE3-B961-13C925E1D381}.200, hr = 80070663
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
02-Mar-2013, 07:16 PM #26
First thing, you didn't fully respond to this: So the Lavasoft bug is still on the system, you didn't state what settings you changed, but go into IE, click on Tools then Manage Add-ons, see if there is anything showing for Lavasoft or Ad-Aware and disable it. Let me know what you find.

I see AddLyrics come up under the tools section
. Under the Tools section where? Or do you mean in the Add-ons list in IE, did you uninstall/disable it?

Your credit card details should be quite safe, it is only bad Malware like Rootkits that can steel personal details.

Follow this guide and see if doing a manual install will work: SP2

On the bottom of this page it shows the site time, are you on the same time zone, if not how far before or after?
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
02-Mar-2013, 09:49 PM #27
Easy answers first... Time zone is GMT. Greenwich is up the road 15 miles away.

AddLyrics came up under tool bars and extensions. It is enabled and the disable option is disabled. There is nothing about lavasoft/delta search or add aware under tool bars or search providers. I disabled the lavasoft search by right click over Search and left click over the spanner bringing up search options. I think a couple of boxes were unticked. Set and keep google as default search engine, and make Google my home page. My recollection is I had to tick both in that order to finally rid the Lavasoft,

That's a relief re the bank cards.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
03-Mar-2013, 06:06 AM #28
ps Good news Windows updated successfully overnight.
Mark1956's Avatar
Malware Removal Specialist with 13,961 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
03-Mar-2013, 08:36 AM #29
Great news about SP2, now go into Windows update and check for any new updates that might be available and see if it will install them.

AddLyrics is known Adware so we need to deal with it, have a look in Programs & Features and see if it shows in the list, if so uninstall it. Regardless of you finding it, then run ADWCleaner and post the log.
Tartansprite's Avatar
Tartansprite Tartansprite is offline
Member with 45 posts.
THREAD STARTER
 
Join Date: Feb 2013
03-Mar-2013, 12:50 PM #30
Here's ADW log then. Addlyrics is hiding from programs and features so nothing to report from there. What next I wonder? Also are you in sunny Spain as reported by Tech Guy.....noseyme!


# AdwCleaner v2.113 - Logfile created 03/03/2013 at 15:57:38
# Updated 23/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : millymatt - MILLYMATT-PC
# Boot Mode : Normal
# Running from : C:\Users\millymatt\Desktop\adwcleaner (4).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKU\S-1-5-21-3469522661-2701585936-2328360242-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19088

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Users\millymatt\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1292 octets] - [03/03/2013 15:57:38]
AdwCleaner[S1].txt - [4645 octets] - [28/02/2013 18:54:48]
AdwCleaner[S2].txt - [870 octets] - [28/02/2013 18:59:02]

########## EOF - C:\AdwCleaner[R1].txt - [1471 octets] ##########
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑