New
#21
Great - while I'm looking through that, please run another CheckSUR and post the new CheckSUR.log file
Great - while I'm looking through that, please run another CheckSUR and post the new CheckSUR.log file
Awesome, hopefully everything will work out now. Here's the new logs:
Also several new things. I opened up the Windows Update Panel, and apparently the SP1 Update is not there anymore. I'm just wondering if this was somehow fixed by all the CheckSUR's, etc because the update is not listed in the update history. The IE9 update however is still there waiting to be installed. Also my settings are not set to automatically update, I set it to manual after repeated failures in the past with those 2 updates.
Another thing that is more urgent and not sure if related to my problems is that I opened Internet Explorer after many months if not years of not using it. And I noticed the front page is redirected to search.conduit which I heard is some sort of spyware. Not sure exactly how worried I should be over this but just thought I'd let you know.
That's fixed a few 'new' problems!
CheckSUR results...
All errors relate to original RTM Win7 files.Code:Summary: Seconds executed: 2274 Found 4 errors Fixed 4 errors CBS MUM Missing Total count: 4 Fixed: CBS MUM Missing. Total count: 4 Fixed: CBS Paired File. Total count: 4
If we're lucky, this may cure the problem. - please try ONLY the oldest update, and see what happens - post any error message, the CBS.log file, and the C:\Windows\windowsupdate.log file.
That's kind of what I'm saying in my last post, the SP1 was the oldest update but is not showing anymore in the list of things to update. But neither does it say that was successfully installed in the update history. So I'm not sure whether this was intended through all the hotfixes done or whether something went wrong. I'll attach a screenshot of what I mean.
As for the search.conduit, should I start a new thread after this is finished or could this be somehow related?
search.conduit is adware/spyware.
Please download and install Malwarebytes Anti-malware (free version) from http://www.malwarebytes.org/products/malwarebytes_free/ - UNtick 'Enable free trial of MBAM PRO' at the end of the installation - and update it, then run a full scan in your main account, and Quick scans in any other user accounts.
Delete everything it finds
You may be able to install SP1 using the standalone installer from here...
Download Windows 7 and Windows Server 2008 R2 Service Pack 1 (KB976932) from Official Microsoft Download Center
ok ran about 4 Scans up til now with Malwarebytes. 2 Threat scans, and 2 Custom Scans with everything checked off. The last one I did came up clean. The first 2 caught a lot of the garbage PUP's (PUP.Optional.Counduit, PUP.Optional.Conduit.A, PUP.Optional.PriceGong.A, PUP.Optional.InstallCore.A)which I believe are all gone now, though am not sure how they got there in the first place since I'm always careful when installing things.
However, the 3rd scan caught Trojan.FakeMS (C:\Windows\System32\audiodg.exe) which I believe is a False Positive, as it appears to be an audio file and audio isn't working anymore. I have only quarantined all files and haven't deleted any yet. I'll upload the logs for confirmation on the Trojan and the go ahead to install SP1. Thanks Noel.
Conduit, PriceGong, and the like are easy access points for malware, and may attract it like magnets attract iron filings.
They are often installed as 'by-blows' with software that you may actually want - and may or may not be announced along the way, depending on the source of the installer.
As far as your audiodg file is concerned, I'd suggest running SFC /SCANNOW again, and posting the resulting CBS.log file - we can then see whether Windows thinks it's legit or not.
The SFC scan appears to have found errors this time. Attaching CBS log.
Also it appears the option to install SP1 through Windows Update is back again (will post screenshot). Although it has this weird size range which was not there before. After the Trojan thing is sorted out, should I install it from Windows Update or the link your provided. Many thanks again.
It looks like the file may well have been infected.
I'll post a fix protocol for it later.Code:2014-06-05 20:33:37, Info CSI 00000305 [SR] Cannot repair member file [l:22{11}]"audiodg.exe" of Microsoft-Windows-Audio-AudioCore, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2014-06-05 20:33:37, Info CSI 00000306 Hashes for file member \SystemRoot\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7600.16385_none_d294b5cdfe50c681\audiodg.exe do not match actual file [l:22{11}]"audiodg.exe" : Found: {l:32 b:2vDz6WtbJPDWZR+YzMuOzFdsK2NFty7hAxZNGb1kqV8=} Expected: {l:32 b:sDLMfL1xUZa+w7C3wt/R1habZswXcN1LcIlRzIfdhxs=}