Jump to content

hijack this log...Malware bytes will not install


Recommended Posts

Here is my hijackthis log. I tried installing Malwarebyte 3 times and the install froze at the completing installation stage. I tried a normal install on the c: drive the first time, then I tried installing to another folder on a different drive the second time and the last time I tried renaming the application. Furthermore, the system freezes while trying to uninstall so i'm sure I have 3 partial installs on this system. Btw, I disabled Mcafee while trying to install. I have never had any of these issue in the many times I have used your product to clean machines.

Any help is appreciated!

Thank you.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:48:44 AM, on 2/3/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\WINDOWS\system32\svchost.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe

C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\WINDOWS\system32\dlbxcoms.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\GetModule\GetModule30.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Digital Line Detect\DLG.exe

c:\progra~1\mcafee.com\vso\mcvsftsn.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Malwarebytes' Anti-Malware\mbam.exe

C:\Malwarebytes' Anti-Malware\mbam.exe

C:\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\E30K1247.exe

F:\Whatever.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: (no name) - {8535c159-ec62-4549-bb61-6b8c7b3ae388} - C:\WINDOWS\system32\yuhisona.dll

O2 - BHO: (no name) - {A63E645F-13BD-45ED-B15F-6E8C1BD57279} - C:\WINDOWS\system32\hgGxVPGv.dll

O2 - BHO: (no name) - {AFF8BD2C-FA1A-438A-989F-EFF6E22622C5} - (no file)

O2 - BHO: (no name) - {B463B611-8D99-4EA5-B2F4-EEBE56C1DEEA} - (no file)

O2 - BHO: (no name) - {C58C83A6-F42A-4610-8EA5-00A6184D9A6C} - C:\WINDOWS\system32\cbXQiJdE.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"

O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKLM\..\Run: [94702c36] rundll32.exe "C:\WINDOWS\system32\vonahoyo.dll",b

O4 - HKLM\..\Run: [ripuzoradi] Rundll32.exe "C:\WINDOWS\system32\metitalu.dll",s

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [GetModule30] C:\Program Files\GetModule\GetModule30.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [ripuzoradi] Rundll32.exe "C:\WINDOWS\system32\metitalu.dll",s (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [ripuzoradi] Rundll32.exe "C:\WINDOWS\system32\metitalu.dll",s (User 'NETWORK SERVICE')

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O20 - AppInit_DLLs: nurfkc.dll dnvcnj.dll fzrqbu.dll nluwja.dll apnymi.dll rbnljq.dll iweawy.dll rzdztq.dll mnivrp.dll gcbldy.dll niscso.dll,C:\WINDOWS\system32\malusasu.dll

O20 - Winlogon Notify: hgGxVPGv - C:\WINDOWS\SYSTEM32\hgGxVPGv.dll

O20 - Winlogon Notify: modzlib - C:\WINDOWS\SYSTEM32\modzlib.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

--

End of file - 8035 bytes

Link to post
Share on other sites

Hi. :D

Download ComboFix from one of the locations below, and save it to your Desktop.

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply

Note: Do not mouseclick Combofix's window while its running. That may cause it to stall

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.