grandchild messed with registry...uggghhh

Discussion in 'Windows Vista' started by nonstick48, Jan 10, 2015.

Thread Status:
Not open for further replies.
  1. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    I am running Vista Business on a Dell Inspiron 530S. It will not update Windows; it has a corrupted registry... I just ran HijackThis. I am not sure it got everything. I was signed in as administrator, but there was some message stating to go back and download to another computer file, but here it is...
    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 10:56:06 AM, on 1/10/2015
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    FIREFOX: 32.0 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Users\Pam\AppData\Local\Apps\2.0\XHLOVPV4.R2P\LWYMRD77.G1Q\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_235_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Pam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MA4X8KX\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49174;https=127.0.0.1:49174
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Pam\AppData\Local\Apps\2.0\XHLOVPV4.R2P\LWYMRD77.G1Q\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.dell.com
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB
    O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Coupon Printer Service (CouponPrinterService) - Coupons.com Inc. - C:\Program Files\Coupons\CouponPrinterService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 6112 bytes
    Please help if possible
     
  2. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,791
    Hi, first try System Restore.
    Start button > Search box.
    Type
    System Restore
    Choose a date prior to the problem.
    http://windows.microsoft.com/en-gb/...ur-pc-undo-system-changes-with-system-restore
    ======
    Check and post
    TSG System Information Utility - found here.
    http://static.techguy.org/download/SysInfo.exe
    ======
    Download Security Check by screen317 from.
    http://screen317.spywareinfoforum.org/
    Or
    http://www.bleepingcomputer.com/download/securitycheck/dl/123/

    Save it to your Desktop.
    Double click the install icon.
    If using Vista - Win 7 - right click the install icon and select "Run as Administrator"
    A Command Prompt window will open.
    Let it scan the PC - press any key when asked.
    It should now open in Notepad.
    Copy and Paste the result of the scan in the reply box below.
     
  3. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137



    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft® Windows Vista™ Business, Service Pack 2, 32 bit
    Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz, x64 Family 6 Model 15 Stepping 13
    Processor Count: 2
    RAM: 2036 Mb
    Graphics Card: Intel(R) G33/G31 Express Chipset Family, 320 Mb
    Hard Drives: C: Total - 228121 MB, Free - 163343 MB; D: Total - 10239 MB, Free - 8942 MB;
    Motherboard: Dell Inc., 0RY007
    Antivirus: Microsoft Security Essentials, Updated and Enabled


    Results of screen317's Security Check version 0.99.93
    Windows Vista Service Pack 2 x86 (UAC is enabled)
    Internet Explorer 5 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java version 32-bit out of Date!
    Adobe Flash Player 16.0.0.235
    Adobe Reader 10.1.13 Adobe Reader out of Date!
    Mozilla Firefox 32.0 Firefox out of Date!
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    MalwareProtection360 malwareprotection360.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
  4. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    My computer refuses to do a backup... might be not enough room? If you see anything I should or could delete... that is fine.
     
  5. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    Results of screen317's Security Check version 0.99.93
    Windows Vista Service Pack 2 x86 (UAC is enabled)
    Internet Explorer 5 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java version 32-bit out of Date!
    Adobe Flash Player 16.0.0.235
    Adobe Reader 10.1.13 Adobe Reader out of Date!
    Mozilla Firefox 32.0 Firefox out of Date!
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    MalwareProtection360 malwareprotection360.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
  6. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Please download AdwCleaner.

    • Double-click the adwcleaner.exe to run the tool.
    • Click Scan.
    • When the scan is finished, click Clean.
    • When the cleaning process is over, click Report and a Notepad window will be opened.
    • Please post the contents here in your topic.
     
  7. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,791
    Internet Explorer 5 Out of date!
    IE 5 came with Windows 98se - when did you last run Automatic Updates from Microsoft?

    Please follow Phantom010's suggestion.
    Download AdwCleaner.
     
  8. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,367
    First Name:
    Derek
    Firstly, get rid of the malicious proxy that almost certainly will be blocking Windows Update.

    In IE: Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "Use a proxy server", or reconfigure the proxy server again in case you have set it previously.

    In Firefox: Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection, and uncheck the proxy server; set it to No Proxy.

    Then try Windows Update and tell us what happens.
     
  9. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    I was hoping AdwCleaner would get rid of it, as it may have been put there by adware/malware. Rocket Tab, installed along with YTD Video Downloader, has a tendency to do that these days... If that's the case, removing the check won't help, since the adware will recheck it right back... :)
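
The proxy entry that the two replies above discuss can be picked out of a HijackThis log mechanically. This is an added example, not part of any post in this thread; the function names are hypothetical, and the sample lines are copied from the log in the first post.

```python
import ipaddress
import re

# Sample lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49174;https=127.0.0.1:49174
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
"""

# HijackThis R0-R3 lines have the shape "R1 - <registry key>,<value name> = <data>".
R_ENTRY = re.compile(r"^\s*R[0-3]\s+-\s+(?P<key>[^,]+),(?P<name>[^=]+?)\s*=\s*(?P<data>.*)$")

def parse_proxy_value(data):
    """Split a ProxyServer string into (scheme, host, port) tuples.
    Handles 'host:port' (all protocols) and 'http=host:port;https=host:port'."""
    endpoints = []
    for part in filter(None, (p.strip() for p in data.split(";"))):
        scheme, _, hostport = part.rpartition("=")
        host, sep, port = hostport.rpartition(":")
        if not sep:                      # no port given
            host, port = hostport, ""
        endpoints.append((scheme or "all", host.strip("[]"),
                          int(port) if port.isdigit() else None))
    return endpoints

def is_loopback(host):
    """True for 'localhost' and for any IPv4/IPv6 loopback literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:                   # a DNS name, not an IP literal
        return False

def find_loopback_proxies(log_text):
    """Return (registry key, endpoints) for each ProxyServer entry that
    routes browser traffic to a listener on the local machine."""
    hits = []
    for line in log_text.splitlines():
        m = R_ENTRY.match(line)
        if not m or m.group("name").strip() != "ProxyServer":
            continue
        endpoints = parse_proxy_value(m.group("data"))
        if any(is_loopback(host) for _, host, _ in endpoints):
            hits.append((m.group("key").strip(), endpoints))
    return hits
```

A hit only means browser traffic is being sent to a local listener; which program owns that port still has to be identified.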
     
  10. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Why are you showing us that?
     
  11. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    It will not let me update... I have Internet Explorer 9 on the computer... something seriously wrong.
     
  12. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Please download AdwCleaner.

    • Double-click the adwcleaner.exe to run the tool.
    • Click Scan.
    • When the scan is finished, click Clean.
    • When the cleaning process is over, click Report and a Notepad window will be opened.
    • Please post the contents here in your topic.
     
  13. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    I tried to run the update again and I get an error 8000ffff.
     
  14. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    I am unable to open Microsoft Office programs; I get an error message that states... network resource is not available.
     
  15. nonstick48

    nonstick48 Thread Starter

    Joined:
    Dec 15, 2005
    Messages:
    137
    I will try and run it again... last time I did it... I had to figure out how to get back on the internet browser... received errors...
     
Short URL to this thread: https://techguy.org/1140919