19 replies to this topic

[coltcommando]

Cant update this particular update, every other one installed successfully.


Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2698023) A security issue has been identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system

Error Code: 0x643

Talked to some windows tech but didn't get anywhere with the suggestions. I have had a good experience here on the forum and hope to see a solution being offered once again

[AdvancedSetup]

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:

• DDS.txt
  
• Attach.txt

• Save both reports to your desktop
  
• Please include the following logs in your next reply: DDS.txt and Attach.txt
  You can ignore the note about zipping the Attach.txt file in most cases.

[coltcommando]

Attach:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/18/2008 9:23:16 AM
System Uptime: 11/15/2012 5:57:16 AM (4 hours ago)
.
Motherboard: Dell Inc. | | 0HN341
Processor: Intel® Core™2 Duo CPU T7500 @ 2.20GHz | Microprocessor | 2193/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 85.391 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader XI
Adobe Shockwave Player 11.6
Apple Software Update
Audacity 1.2.6
AutoUpdate
Broadcom Gigabit Integrated Controller
CCleaner (remove only)
Conexant HDA D330 MDC V.92 Modem
Dell Resource CD
Dell Touchpad
DivX Codec
DivX Converter
DivX Plus Web Player
DivX Version Checker
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB954550-v5)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® PROSet/Wireless Software
James Bond 007: Nightfire
Java 7 Update 9
Java Auto Updater
JavaFX 2.1.1
Lexmark 2600 Series
Lexmark Fax Solutions
Lexmark Toolbar
Lexmark Tools for Office
Malwarebytes Anti-Malware version 1.65.1.1000
mCore
mDriver
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
mIWA
mLogView
mMHouse
Move Networks Media Player for Internet Explorer
mp2_screensaver_1024x768 Screen Saver
mPfMgr
mPfWiz
mProSafe
mSCfg
mSSO
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mWMI
mZConfig
Novell iPrint Client v04.32.00
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Only Astrology
PC Tools Firewall Plus 7.0
PowerDVD
QuickTime
RealPlayer Enterprise
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
SigmaTel Audio
Sonic Activation Module
swMSM
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
VC80CRTRedist - 8.0.50727.4053
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
11/14/2012 9:54:27 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SigmaTel Audio Service service to connect.
11/14/2012 9:54:27 AM, error: Service Control Manager [7000] - The SigmaTel Audio Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/13/2012 9:17:39 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2698023).
.
==== End Of File ===========================

DDS:

DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by WCC User at 9:26:44 on 2012-11-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1042 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: PC Tools Firewall Plus *Enabled*
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\SCardSvr.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINNT\system32\lxdncoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINNT\System32\alg.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINNT\system32\SNDVOL32.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINNT\system32\wbem\wmiprvse.exe
C:\WINNT\system32\svchost.exe -k DcomLaunch
C:\WINNT\system32\svchost.exe -k rpcss
C:\WINNT\System32\svchost.exe -k netsvcs
C:\WINNT\system32\svchost.exe -k WudfServiceGroup
C:\WINNT\system32\svchost.exe -k NetworkService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k LocalService
C:\WINNT\system32\svchost.exe -k imgsvc
C:\WINNT\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - c:\program files\lexmark toolbar\toolband.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\winnt\system32\ctfmon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [NPSStartup] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1342226348787
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342226341053
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{609D51A0-9452-488C-862B-B2E3B5300C72} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{609D51A0-9452-488C-862B-B2E3B5300C72} : DHCPNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winnt\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DwProt;DrWeb Protection;c:\winnt\system32\drivers\dwprot.sys [2012-8-17 149272]
R0 MpFilter;Microsoft Malware Protection Driver;c:\winnt\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 nipplpt2;Novell iCapture Lpt Redirector 2;c:\winnt\system32\drivers\nipplpt.sys [2008-8-28 34671]
R1 pctgntdi;pctgntdi;c:\winnt\system32\drivers\pctgntdi.sys [2012-10-27 251560]
R2 lxdn_device;lxdn_device;c:\winnt\system32\lxdncoms.exe -service --> c:\winnt\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\winnt\system32\spool\drivers\w32x86\3\lxdnserv.exe [2011-5-17 98984]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-18 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-4-26 676936]
R2 PCTAppEvent;PCTAppEvent Driver;c:\winnt\system32\drivers\PCTAppEvent.sys [2012-10-27 160576]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus;c:\program files\pc tools firewall plus\FWService.exe [2012-10-27 286000]
R3 MBAMProtector;MBAMProtector;c:\winnt\system32\drivers\mbam.sys [2011-4-26 22856]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\winnt\system32\drivers\pctNdis-PacketFilter.sys [2012-10-27 89472]
R3 pctNdisMP;PC Tools Driver;c:\winnt\system32\drivers\pctNdis.sys [2012-10-27 57536]
R3 pctplfw;pctplfw;c:\winnt\system32\drivers\pctplfw.sys [2012-10-27 125248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winnt\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 FsUsbExDisk;FsUsbExDisk;\??\c:\winnt\system32\fsusbexdisk.sys --> c:\winnt\system32\FsUsbExDisk.SYS [?]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\winnt\system32\drivers\pctNdis.sys [2012-10-27 57536]
S3 WinRM;Windows Remote Management (WS-Management);c:\winnt\system32\svchost.exe -k WINRM [1979-12-31 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winnt\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-11-15 04:36:36 6918632 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fef523f6-81ec-496c-b791-cdfd1e63783b}\mpengine.dll
2012-11-14 15:59:02 -------- d-----w- c:\documents and settings\wcc user\local settings\application data\PCHealth
2012-11-13 20:21:45 6918632 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-10-28 03:57:42 -------- d-----w- c:\documents and settings\wcc user\application data\PCToolsFirewallPlus
2012-10-28 03:57:09 218592 ----a-w- c:\winnt\system32\drivers\PCTCore.sys
2012-10-28 03:57:09 160576 ----a-w- c:\winnt\system32\drivers\PCTAppEvent.sys
2012-10-28 03:57:05 251560 ----a-w- c:\winnt\system32\drivers\pctgntdi.sys
2012-10-28 03:55:44 89472 ----a-w- c:\winnt\system32\drivers\pctNdis-PacketFilter.sys
2012-10-28 03:55:44 57536 ----a-w- c:\winnt\system32\drivers\pctNdis.sys
2012-10-28 03:55:44 32808 ----a-w- c:\winnt\system32\drivers\pctNdis-DNS.sys
2012-10-28 03:55:44 -------- d-----w- c:\program files\common files\PC Tools
2012-10-28 03:55:39 125248 ----a-w- c:\winnt\system32\drivers\pctplfw.sys
2012-10-28 03:55:22 -------- d-----w- c:\program files\PC Tools Firewall Plus
2012-10-27 22:49:49 237072 ------w- c:\winnt\system32\MpSigStub.exe
2012-10-27 22:44:29 -------- d-----w- c:\program files\Microsoft Security Client
2012-10-20 20:07:35 -------- d-----w- c:\documents and settings\wcc user\application data\Samsung
2012-10-20 20:06:33 -------- d-----w- c:\program files\Samsung
2012-10-20 20:05:58 -------- d-----w- c:\documents and settings\all users\application data\Samsung
2012-10-20 20:05:38 -------- d-----w- c:\documents and settings\wcc user\local settings\application data\Downloaded Installations
2012-10-19 16:37:43 93672 ----a-w- c:\winnt\system32\WindowsAccessBridge.dll
2012-10-16 17:51:35 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
2012-11-14 16:02:00 73656 ----a-w- c:\winnt\system32\FlashPlayerCPLApp.cpl
2012-11-14 16:02:00 697272 ----a-w- c:\winnt\system32\FlashPlayerApp.exe
2012-10-22 08:37:31 1866368 ----a-w- c:\winnt\system32\win32k.sys
2012-10-14 01:00:01 290304 ----a-w- C:\subinacl.exe
2012-10-02 18:04:21 58368 ----a-w- c:\winnt\system32\synceng.dll
2012-09-30 00:54:26 22856 ----a-w- c:\winnt\system32\drivers\mbam.sys
2012-09-05 20:00:08 821736 ----a-w- c:\winnt\system32\npDeployJava1.dll
2012-09-05 20:00:08 746984 ----a-w- c:\winnt\system32\deployJava1.dll
2012-08-31 03:03:50 193552 ----a-w- c:\winnt\system32\drivers\MpFilter.sys
2012-08-28 15:14:53 916992 ----a-w- c:\winnt\system32\wininet.dll
2012-08-28 15:14:53 43520 ------w- c:\winnt\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\winnt\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ------w- c:\winnt\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\winnt\system32\wintrust.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\winnt\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\winnt\system32\ntkrnlpa.exe
2012-08-18 04:33:36 149272 ----a-w- c:\winnt\system32\drivers\dwprot.sys
.
============= FINISH: 9:27:59.73 ===============

[AdvancedSetup]

Please see if this Microsoft KB article addresses the issue for you.

http://support.microsoft.com/kb/976982

[coltcommando]

Will try the solution either tomorrow or over the weekend.

[coltcommando]

I'm still encountering the problem, I've tried manually repairing the .NET Framework but only the first of these successfully downloaded... The 2nd one failed to download. I also restarted the computer and got a loud weird beep noise from the computer and the update cannot still download, its driving me nuts. Below is the failed downloads...


Microsoft .NET Framework Version 1.1 Redistributable Package


Microsoft .NET Framework 1.1 Service Pack 1

[coltcommando]

Microsoft .NET Framework 1.1 Service Pack 1

Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2698023)

[AdvancedSetup]

Please run the following steps and ATTACH all the logs by clicking on the More Reply Options - Do not copy/paste back the logs directly to your post.

STEP 1

You may have corrupted files on your disk. Please try running the following.
First close ALL Applications as this routine will automatically restart your computer.
Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /F | SHUTDOWN /R /T 30

STEP 2
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
  
• Report IE Proxy Settings
  
• Reset IE Proxy Settings
  
• Report FF Proxy Settings
  
• Reset FF Proxy Settings
  
• List content of Hosts
  
• List IP configuration
  
• List Winsock Entries
  
• List last 10 Event Viewer log
  
• List Installed Programs
  
• List Devices
  
• List Users, Partitions and Memory size.
  
• List Minidump Files

Click Go and send back the Result.txt.
A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


STEP 3
Please download Farbar Service Scanner and run it on the computer with the issue.

Make sure the following options are checked:

• Internet Services
  
• Windows Firewall
  
• System Restore
  
• Security Center/Action Center
  
• Windows Update
  
• Windows Defender

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

STEP 4
Please click this link to download the ESET ServicesRepair utility. and save it to your Desktop

Double-click on the ServicesRepair.exe file that you saved to your computer.

If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.
A log will be saved in the CCSupport folder under Logs that the tool created on your desktop, please attach that log in your next reply.

[coltcommando]

Will try tomorrow or the following day...

[AdvancedSetup]

Okay, we'll be here.

[coltcommando]

Did all the steps above, having problems when i restart or shut down my p.c as my desktop disappears completely and sometimes does not load at all.. Here are the logs i acquired on safe mode on my laptop.

Attached Files

•  FSS.txt   2.69KB   44 downloads
•  Result.txt   20.5KB   108 downloads
•  SvcRepair.log   4.1KB   41 downloads

[AdvancedSetup]

Yes, those were only logs to get information.

Please download and run the following tools.

STEP 0
You may have corrupted files on your disk. Please try running the following.
First close ALL Applications as this routine will automatically restart your computer.
Click on START - RUN and copy / paste the following entry into the box and click OK

CMD /C ECHO Y|CHKDSK C: /R | SHUTDOWN /R /T 30

STEP 1
restoredefaultperms.exe

STEP 2
RepairCryptographicServicesXP.exe

STEP 3
Restart the computer one more time and then run the following tool.

Please download the adwCleaner

Direct from Author
http://general-chang...de/2-adwcleaner

From BleepingComputer
http://www.bleepingc...oad/adwcleaner/

Run the Tool
Windows Vista and Windows 7 users
Right click on the adwCleaner.exe program and select the option "Run as administrator"
Select the Delete button.
When the scan completes, it will open a notepad document.
Please save this file somewhere you can remember where it is and attach it on your next reply.

STEP 4
Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool, on Vista or Win 7 right click and select Run as administrator
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:

• DDS.txt
  
• Attach.txt

• Save both reports to your desktop
  
• Please include the following logs in your next reply: DDS.txt and Attach.txt
  You can ignore the note about zipping the Attach.txt file in most cases.

Thank you

[coltcommando]

Do i have to do step 0?

[Firefox]

Till AdvancedSetup returns, yes start with Step 0....

[AdvancedSetup]

Yes - we need to ensure that the integrity of the hard drive is good.

Thanks

[AdvancedSetup]

Quote

Please run the following steps and ATTACH all the logs by clicking on the More Reply Options - Do not copy/paste back the logs directly to your post.

[coltcommando]

Requested Logs...

Attached Files

•  AdwCleanerS1.txt   2.15KB   87 downloads
•  dds.txt   11.29KB   47 downloads
•  attach.txt   14.36KB   52 downloads

[AdvancedSetup]

Well you have what looks like you may possibly have an infection (not enough information to tell at this time) and you have entries for running Dr Web but it's not listed as running or in your Add/Remove for programs.

Can't say for sure that you're infected but you should either go to the Hijackthis forum and have someone assist you in checking further for an infection or if you like you can contact me on the Help Desk and I'll assist you with scanning for infections. If you do use the help desk please make sure you link this post and ask for me.

Thanks

[coltcommando]

Where is the help desk located in the forum?
Never Mind, found it... I submitted a request u can look for it on the help desk, i hope u can find it. Its under Failed Windows Update/ Possible Infection



#290840 Failed Windows Update/ Possible Infection

Edited by coltcommando, 19 November 2012 - 03:35 PM.

[AdvancedSetup]

I have replied to your help desk ticket and will close this topic now.

Thanks