Jump to content

Broken dll file

Basics11

By Basics11
in General Windows PC Help

 Share

Recommended Posts

Basics11

Basics11

Posted
Posted

A computer I am working on was infected with some trojan ms and agent.gen files. All have been removed and the computer is clean but every time that I boot the computer I get a RunDLL error. The exact message is "There was a problem starting C:\PROGRA~3\1ifow.dat The specified module could not be found." I have run CCleaner on the registry in attempts of resolving the error and it has been to no avail. Any help on this would greatly be appreciated.

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

Hi:

Until one of the staff or more expert members arrives....

Is this the same computer with which you are already working with MR C here: http://forums.malwar...owtopic=126275?

If it's the SAME rig, it would be advisable to continue over in that topic to remove malware and correct any malware-related damage.

When he gives you the "all clear" from an infection standpoint, if there are other, remaining, non-malware issues that need to be addressed, he'll refer you back here, as needed.

If it's a DIFFERENT rig, then please run the DDS scanner & post back here with both logs. Instructions are below. Also, to avoid further damage to the registry, it would be advisable NOT to run any more registry cleaners/optimizers/tweakers/utilities -- these sorts of programs can cause far more damage than they would ever fix.

HTH,

daledoc1

--------------------------

DDS Instructions

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:

    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop
  • Please attach both of the following logs to your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites
Firefox

Firefox

Posted
Posted

This computer also seems to be infected or has some hardware/software conflicts, that could be due to an infection or previous infection. I also see you have either ran, or attempted to run combofix. Please seek expert help as you have with your other computer to get these issues resolved.


==== Event Viewer Messages From Past Week ========
.
5/14/2013 8:35:02 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR1.
5/14/2013 8:34:34 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
5/14/2013 8:32:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/14/2013 8:32:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/14/2013 8:32:24 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
5/14/2013 8:32:19 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/14/2013 8:32:18 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
5/14/2013 8:32:11 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MOBK400Filter spldr Wanarpv6
5/14/2013 8:32:11 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/14/2013 12:28:20 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
5/14/2013 12:27:43 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
5/14/2013 12:06:23 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/14/2013 12:06:23 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
5/14/2013 12:05:49 PM, Error: Disk [11]  - The driver detected a controller error on \...\DR1.
5/14/2013 10:24:51 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
.
==== End Of File ===========================

Link to post
Share on other sites
daledoc1

daledoc1

Posted
Posted

@ Firefox:

Thanks for reviewing the logs & for your expert advice. :)

@ Basics11:

If you start a new topic in the malware removal section for this second computer as Firefox suggested, it would be a good idea in the subject line to clearly state that this is a different rig from the one with which you are already getting help. For example, "Second Computer - Also Might Be Infected".

That way, folks won't mistakenly think that you have duplicate topics for the same computer, as sometimes happens. :)

HTH,

daledoc1

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Though most of the errors are due to various issues that many computers run into these 2 are potential indicators of an infection, but not proof positive and why we have you get further analysis to see what's really going on.

5/14/2013 8:32:11 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MOBK400Filter spldr Wanarpv6

5/14/2013 10:24:51 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.