Is it Vista? Logs

No it doesn't. If it did, you would not have been able to run ComboFix. Please run it and attach the log.

Also attach the requested log from MGtools.

 

Yes as I stated, it is a 32 bit OS. If it had been a 64 bit system, ComboFix would not have run.

Your MGtools log is incomplete. Did you let it run all the way? Did you follow the instructions for running it with Vista? UAC must be disabled. Did you see any error message or get any popups from your protection software? Try the below:

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the C:\MGlogs.zip file


Based on the logs attached thus far, it does not look like you are having malware problems. The slow PC issue may be due to having to little memory available. I recommend 2 GB with Vista and this PC only has 1 GB and on 154.27 MB is free.

 

There are dozens of non-malware reasons for Windows Update isuses. They happen all the time. If Windows keeps trying to install the same updates, it means the updates are failing and you need to figure out why. This is something you can work in the Software Forum. The below folder is probably even a sign of a failed Windows Update:

Code:

"C:\"
04D3C2~1      23 Jun 2009              "04d3c29c02d912732ff541542f"

The first thing to try is to shutdown ALL of McAfee especially the firewall while trying to complete the updates.

Also remove all the cracks and kegen software that has been installed and tell your client not to download them anymore. Perhaps the system will work better. For example I can still see the below trapped in MSconfig which you should not be using:

Your MGtools logs are also clean but I do recommend you do the below.

Uninstall the below:
Ad-Aware SE Personal <--- way out of date and not useful. SUPERAntiSpyware and Malwarebytes are much much better
Java(TM) SE Runtime Environment 6 <-- should have been removed and updated in step 1 of the READ & RUN ME.

And your client needs to be very careful with the below which has infected literally hundreds of thousands of PCs when people do not read the license agreement and allow the sponsor software to be installed. We don't like sneakware like this:
Messenger Plus! Live


Now reboot, and after reboot, now install the current version of Sun Java from: Sun Java Runtime Environment




Since you are not having malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!