Jump to content

Cannot install MB


gailee

Recommended Posts

This was my original post to the general forum:

All programs are missing from the start menu and cannot be viewed in my computer (run through usb drive). Avast scanning shows all programs being scanned. Ran cmd through task manager and only docs & settings showing on c drive. Tried to install MB from usb drive and get access denied, set up not complete please correct the problem and try again. Tried several times, one error popped up: mbam_error_expanding_variable (0,453),please report to support team. When trying to install Super Antispyware I am asked to modify, repair or remove so obviously it is in the system but I cant get to it to run it. Ran tuneup utilities and cc cleaner. All installed programs are listed in cc cleaner and windows install cleanup. This is a dell optiplex 330 running winxp sp3

Before reading the forum reply to come to the removal forum, the following was performed:

1. Ran mbam-clean and reintalled MB, yeah! Found 5 items and quarantined.

2. Ran superantispyware and cleaned the spyware

3. Ran unhide and all the folders fixed

4. Recreated all items on the start menu (control panel, run, etc)

Ran dds as instructed in this forum for malware removal. Files attached

Current problems:

Some start program items are empty but the programs are on the c drive

Links within programs (superanti spyware to update, logmein to log in) do not work

In internet explorer, only home page will open and function. Favorties do nothing and typing in the address box results in the following: "The requested lookup key was not found in any active activation context".

Cannot download IE 8 or access windows update. (downloaded from other comp to usb drive but it would not install; didn't write down the error)

print screen and paste to notepad did not work.

That's as far as I got today.

attach2.txt

dds2.txt

Link to post
Share on other sites

yesterday I uninstalled ie8 and it reverted back to ie6 and all the favorites worked. Before that was unable to print emails in outlook but can after uninstalling ie8. It was doing 105 windows updates when I left it yesterday-it's at another location. But i've had no response to what the attached files showed.

Link to post
Share on other sites

The DDS scan results?

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.2180

Run by rich at 16:12:45 on 2012-01-23

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1499 [GMT -5:00]

.

AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: avast! Internet Security *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Alwil Software\Avast5\afwServ.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Nuance\dgnsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet\Connect\11\ISUSPM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\notepad.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = salemdeeds.com/

mStart Page = hxxp://www.yahoo.com

uInternet Connection Wizard,ShellNext = hxxp://shell.windows.com/fileassoc/0409/xml/redir.asp?Ext=pdf

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [iSUSPM] c:\documents and settings\all users.windows\application data\flexnet\connect\11\ISUSPM.exe -scheduler

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab

DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB

DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.2

TCP: Interfaces\{C06B72F9-4550-48D2-89BD-151871AB23A0} : DhcpNameServer = 192.168.1.2

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: LMIinit - LMIinit.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2011-9-15 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2011-9-15 195416]

R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2011-9-15 111320]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-12 435032]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-21 314456]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-11-23 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 67656]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-21 20568]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-21 44768]

R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2011-9-15 127192]

R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2010-7-23 296808]

R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-12-8 374152]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-9-17 12856]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2011-1-21 47640]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-23 304464]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-12-8 1527104]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-23 20952]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2011-7-7 10064]

S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 12872]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

.

=============== Created Last 30 ================

.

2012-01-23 20:36:21 -------- d-----w- c:\documents and settings\rich.ipswich\application data\SUPERAntiSpyware.com

2012-01-23 20:28:39 -------- d-----w- c:\documents and settings\rich.ipswich\local settings\application data\Identities

2012-01-23 19:41:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-01-23 19:41:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-22 19:54:40 -------- d-----w- c:\documents and settings\rich.ipswich\local settings\application data\PCHealth

2012-01-22 19:30:56 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll

2012-01-22 19:29:57 42496 -c--a-w- c:\windows\system32\dllcache\davcdata.exe

2012-01-22 19:28:31 221184 ----a-w- c:\windows\system32\wmpns.dll

2012-01-22 19:27:07 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2012-01-22 19:27:07 16384 ----a-w- c:\program files\internet explorer\connection wizard\isignup.exe

2012-01-22 19:12:39 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2012-01-22 19:12:39 24661 ----a-w- c:\windows\system32\spxcoins.dll

2012-01-22 19:12:39 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2012-01-22 19:12:39 13312 ----a-w- c:\windows\system32\irclass.dll

2012-01-22 19:12:33 10559 ----a-r- c:\windows\SET11C.tmp

2012-01-22 19:12:32 22339 ----a-r- c:\windows\SET11B.tmp

2012-01-22 19:12:25 13753 ----a-r- c:\windows\SETE0.tmp

2012-01-22 19:12:23 1086058 ----a-r- c:\windows\SETD4.tmp

2012-01-22 19:12:22 1042903 ----a-r- c:\windows\SETD1.tmp

2012-01-22 17:23:15 -------- d-----w- c:\windows\system32\XPSViewer

2012-01-22 17:22:51 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

2012-01-22 17:22:51 -------- d-----w- c:\windows\system32\Dell

2012-01-22 17:22:36 597504 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2012-01-22 17:22:36 117760 ----a-w- c:\windows\system32\prntvpt.dll

2012-01-22 17:22:35 575488 ----a-w- c:\windows\system32\xpsshhdr.dll

2012-01-22 17:22:35 1676288 ----a-w- c:\windows\system32\xpssvcs.dll

2012-01-22 17:22:35 -------- d-----w- C:\1eab4a7936352482cca020e2b89ccc

2012-01-22 17:21:55 364746 ----a-w- c:\windows\system32\PerfStringBackup.TMP

2012-01-22 17:17:54 -------- d-----w- c:\documents and settings\rich.ipswich\application data\PCDr

2012-01-22 17:04:11 3584 ----a-r- c:\documents and settings\rich.ipswich\application data\microsoft\installer\{121634b0-2f4a-11d3-ada3-00c04f52dd53}\Icon386ED4E3.exe

2012-01-22 16:52:24 -------- d-----w- c:\program files\Enigma Software Group

2012-01-22 16:25:49 31552 ----a-w- c:\windows\system32\TURegOpt.exe

2012-01-22 16:25:00 -------- d-----w- c:\program files\TuneUp Utilities 2011

2012-01-22 16:24:49 -------- d-sh--w- c:\documents and settings\all users.windows\application data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

.

==================== Find3M ====================

.

2011-12-19 17:06:07 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll

2011-12-19 17:06:06 87424 ----a-w- c:\windows\system32\LMIinit.dll

2011-12-19 17:06:06 52096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll

2011-12-19 17:06:06 30592 ----a-w- c:\windows\system32\LMIport.dll

2011-12-08 22:31:34 29504 ----a-w- c:\windows\system32\uxtuneup.dll

2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr

2011-11-28 17:54:38 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys

2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-11-28 17:53:22 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2011-10-28 01:38:32 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak

2011-10-28 01:38:31 87424 ----a-w- c:\windows\system32\LMIinit.dll.000.bak

.

============= FINISH: 16:15:02.33 ===============

Link to post
Share on other sites

Other than a few temporary files, I don't see anything bad in the scan.

For IE8, try running it without add-ons and see if that helps.

To temporarily disable all add-ons

1.Click the Start button , click All Programs, click Accessories, click System Tools, and then click Internet Explorer (No Add-ons).

If it does, then look at each add-on

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.