Unable to execute file

[carrollst23]

Hello..I have been infected with the active security problem and wanted to download malwarebites to hopefully fix it. My computer won't allow me to download Malwarebites due to the following error:

Unable to execute file

Create process failed code 2

Can't find specified file.

the following are the two files HELP!!!

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Setup

Shadow Copy Client

Symantec AntiVirus

TAPI

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

URL Assistant

VC80CRTRedist - 8.0.50727.4053

WebFldrs XP

Windows Defender

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live OneCare safety scanner

Windows XP Service Pack 3

WinRAR archiver

Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

1/31/2010 3:51:32 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}

1/31/2010 3:44:36 AM, error: Dhcp [1002] - The IP address lease 72.185.80.70 for the Network Card with network address 00188B8B38F0 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).

1/31/2010 12:53:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

1/31/2010 12:46:49 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eeCtrl Fips intelppm SAVRT SAVRTPEL SPBBCDrv SYMTDI

1/31/2010 12:45:55 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

1/30/2010 9:56:05 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

1/30/2010 7:48:20 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

1/30/2010 5:45:45 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\DivX\DivX Converter\Microsoft.VC80.MFC\MFC80U.DLL. Reference error message: The operation completed successfully. .

1/28/2010 6:42:00 PM, error: Service Control Manager [7034] - The VNC Server Version 4 service terminated unexpectedly. It has done this 1 time(s).

1/27/2010 8:30:26 PM, error: Dhcp [1002] - The IP address lease 173.168.234.6 for the Network Card with network address 00188B8B38F0 has been denied by the DHCP server 65.32.22.102 (The DHCP Server sent a DHCPNACK message).

1/27/2010 4:44:39 PM, error: System Error [1003] - Error code 1000000a, parameter1 fa7710bc, parameter2 00000001, parameter3 00000000, parameter4 80505f17.

1/27/2010 4:42:21 PM, error: NETLOGON [5719] - No Domain Controller is available for domain ALLIEDTAMPA due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

1/27/2010 12:21:28 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .

1/27/2010 12:21:28 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL. Reference error message: The operation completed successfully. .

1/27/2010 12:21:28 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

==== End Of File ===========================

DDS (Ver_09-12-01.01) - NTFSx86 NETWORK

Run by Administrator at 13:14:57.53 on Mon 02/01/2010

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.990.700 [GMT -5:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\RR3UWJCR\dds[1].scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk-rel/en/side.html?channel=us

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyServer = http=127.0.0.1:5555

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [<NO NAME>]

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [tudafabed] Rundll32.exe "c:\windows\system32\vetajume.dll",a

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264101474687

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264101465671

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: NavLogon - c:\windows\system32\NavLogon.dll

AppInit_DLLs: mijejabe.dll c:\windows\system32\vetajume.dll

SSODL: tozovotuf - {70a40017-e788-4a97-8888-164cad3c5747} - c:\windows\system32\vetajume.dll

STS: jugezatag: {70a40017-e788-4a97-8888-164cad3c5747} - c:\windows\system32\vetajume.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll

LSA: Notification Packages = scecli nifayoga.dll

============= SERVICES / DRIVERS ===============

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-1-8 3456]

S1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-12-19 337592]

S1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-12-19 54968]

S2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-3-24 192160]

S2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-3-24 169632]

S2 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-6-15 115952]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2007-1-29 102712]

S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20070127.007\naveng.sys [2007-1-29 80472]

S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20070127.007\navex15.sys [2007-1-29 852280]

S4 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-6-15 1829616]

=============== Created Last 30 ================

2010-01-31 21:27:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-31 21:27:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-01-31 21:27:07 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-01-31 21:10:38 1394000 ----a-w- c:\program files\Nf7M0F7wg.exe

2010-01-31 19:13:21 0 d-sh--w- c:\documents and settings\administrator\IECompatCache

2010-01-31 02:02:35 0 d-----w- c:\program files\Reg-Tool

2010-01-31 01:50:15 0 d-----w- c:\windows\system32\wbem\Repository

2010-01-31 00:51:00 0 d-----w- c:\docume~1\admini~1\applic~1\MSNInstaller

2010-01-31 00:37:28 0 d-----w- c:\program files\VideoLAN

2010-01-31 00:35:32 0 d-----w- c:\program files\Free Offers from Freeze.com

2010-01-30 19:43:02 2392 ----a-w- C:\AUTORUN_USB(1).PNF

2010-01-30 19:43:00 2360 ----a-w- C:\AUTORUN(1).PNF

2010-01-28 23:38:00 181120 ------w- c:\windows\system32\MpSigStub.exe

2010-01-28 13:28:58 0 d-----w- c:\windows\pss

2010-01-28 08:14:06 0 d-----w- c:\program files\Trend Micro

2010-01-28 07:45:43 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes

2010-01-28 07:45:37 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-01-28 06:21:48 0 d-sh--w- c:\documents and settings\administrator\PrivacIE

2010-01-28 06:16:45 868 ----a-w- C:\WELCOME(1).MSG

2010-01-28 06:16:45 6661936 ----a-w- C:\VMLINUZ(1)

2010-01-28 06:16:45 564 ----a-w- C:\ISOLINUX(1).CFG

2010-01-28 06:16:45 10588 ----a-w- C:\ISOLINUX(1).BIN

2010-01-28 06:16:43 71 ----a-w- C:\AUTORUN_USB(1).INF

2010-01-28 06:16:43 52 ----a-w- C:\AUTORUN(1).INF

2010-01-28 06:16:43 29926 ----a-w- C:\AVIRA(1).ICO

2010-01-28 06:16:43 2048 ----a-w- C:\BOOT(1).CAT

2010-01-28 06:16:43 202 ----a-w- C:\INDEX(1).HTML

2010-01-28 06:16:43 19033629 ----a-w- C:\INITRD(1).GZ

2010-01-28 06:10:15 0 d-sh--w- c:\documents and settings\administrator\IETldCache

2010-01-27 20:35:20 0 d-----w- c:\program files\MSXML 4.0

2010-01-27 20:29:09 0 d-----w- c:\windows\ie8updates

2010-01-27 20:11:33 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2

2010-01-27 20:11:15 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll

2010-01-27 20:11:15 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll

2010-01-27 20:11:15 12800 ------w- c:\windows\system32\dllcache\xpshims.dll

2010-01-27 20:11:14 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

2010-01-27 20:11:14 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll

2010-01-27 20:11:12 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll

2010-01-27 20:10:40 81920 ------w- c:\windows\system32\dllcache\fontsub.dll

2010-01-27 20:10:40 119808 ------w- c:\windows\system32\dllcache\t2embed.dll

2010-01-27 20:10:11 471552 ------w- c:\windows\system32\dllcache\aclayers.dll

2010-01-27 20:06:41 153088 ------w- c:\windows\system32\dllcache\triedit.dll

2010-01-27 20:05:41 1315328 ------w- c:\windows\system32\dllcache\msoe.dll

2010-01-27 20:05:26 128512 ------w- c:\windows\system32\dllcache\dhtmled.ocx

2010-01-27 20:02:59 2560 ------w- c:\windows\system32\xpsp4res.dll

2010-01-27 20:02:59 1206508 ------w- c:\windows\system32\dllcache\sysmain.sdb

2010-01-27 20:02:58 215552 ------w- c:\windows\system32\dllcache\wordpad.exe

2010-01-27 20:02:19 1089593 ------w- c:\windows\system32\dllcache\ntprint.cat

2010-01-27 20:02:15 333952 ------w- c:\windows\system32\dllcache\srv.sys

2010-01-27 20:01:50 455296 ------w- c:\windows\system32\dllcache\mrxsmb.sys

2010-01-27 20:01:34 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll

2010-01-27 20:01:28 337408 ------w- c:\windows\system32\dllcache\netapi32.dll

2010-01-27 20:00:34 331776 ------w- c:\windows\system32\dllcache\msadce.dll

2010-01-27 20:00:04 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll

2010-01-27 19:59:17 272128 ------w- c:\windows\system32\dllcache\bthport.sys

2010-01-27 19:59:12 203136 ------w- c:\windows\system32\dllcache\rmcast.sys

2010-01-27 19:40:56 0 d-----w- c:\windows\system32\XPSViewer

2010-01-27 19:40:16 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2010-01-27 19:40:16 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2010-01-27 19:40:16 575488 ------w- c:\windows\system32\xpsshhdr.dll

2010-01-27 19:40:16 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll

2010-01-27 19:40:16 1676288 ------w- c:\windows\system32\xpssvcs.dll

2010-01-27 19:40:16 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll

2010-01-27 19:40:16 117760 ------w- c:\windows\system32\prntvpt.dll

2010-01-27 19:40:15 0 d-----w- C:\6bf1d91c0f294ca696639007

2010-01-27 19:07:26 0 d-----w- c:\program files\DivX

2010-01-27 19:07:26 0 d-----w- c:\program files\common files\DivX Shared

2010-01-27 18:52:13 0 dc-h--w- c:\windows\ie8

2010-01-27 17:33:03 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-01-27 17:20:37 0 d-----w- c:\windows\system32\scripting

2010-01-27 17:20:37 0 d-----w- c:\windows\system32\en

2010-01-27 17:20:37 0 d-----w- c:\windows\l2schemas

2010-01-27 17:20:36 0 d-----w- c:\windows\system32\bits

2010-01-27 17:18:40 0 d-----w- c:\windows\ServicePackFiles

2010-01-27 17:17:01 0 d-----w- c:\windows\network diagnostic

2010-01-27 17:16:02 2392 ----a-w- C:\AUTORUN_USB.PNF

2010-01-27 17:16:02 2360 ----a-w- C:\AUTORUN.PNF

2010-01-27 17:06:49 64352 ------w- c:\windows\system32\drivers\ativmc20.cod

2010-01-27 16:58:56 0 d-----w- c:\windows\system32\PreInstall

2010-01-23 06:52:47 0 d-----w- c:\windows\F4KIK8G80XKN04CG

2010-01-22 13:53:58 0 d-----w- c:\windows\system32\appmgmt

2010-01-21 23:11:44 0 ----a-w- c:\windows\VPC32.INI

2010-01-21 22:06:58 0 d--h--w- c:\windows\PIF

2010-01-21 19:18:30 21728 ----a-w- c:\windows\system32\wucltui.dll.mui

2010-01-21 19:18:30 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui

2010-01-21 19:18:30 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2010-01-21 19:18:29 15064 ----a-w- c:\windows\system32\wuapi.dll.mui

==================== Find3M ====================

2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll

2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\dllcache\wininet.dll

2009-12-21 19:14:05 1208832 ----a-w- c:\windows\system32\dllcache\urlmon.dll

2009-12-21 19:14:04 5942784 ----a-w- c:\windows\system32\dllcache\mshtml.dll

2009-12-21 19:14:04 206848 ----a-w- c:\windows\system32\dllcache\occache.dll

2009-12-21 19:14:03 25600 ----a-w- c:\windows\system32\dllcache\jsproxy.dll

2009-12-21 19:14:03 184320 ----a-w- c:\windows\system32\dllcache\iepeers.dll

2009-12-21 19:14:01 387584 ----a-w- c:\windows\system32\dllcache\iedkcs32.dll

2009-12-21 13:19:18 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe

2009-11-14 00:49:00 129784 ------w- c:\windows\system32\pxafs.dll

2009-11-14 00:49:00 120056 ------w- c:\windows\system32\pxcpyi64.exe

2009-11-14 00:49:00 118520 ------w- c:\windows\system32\pxinsi64.exe

2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll

2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll

2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll

2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll

2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll

2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll

2009-11-14 00:47:28 696320 ----a-w- c:\windows\system32\DivX.dll

1601-01-01 00:03:28 42496 --sha-w- c:\windows\system32\jibuvuna.dll

1601-01-01 00:03:28 39424 --sha-w- c:\windows\system32\lofuwogi.dll

1601-01-01 00:03:52 53248 --sha-w- c:\windows\system32\mijejabe.dll

1601-01-01 00:03:52 53248 --sha-w- c:\windows\system32\nifayoga.dll

1601-01-01 00:03:28 43008 --sha-w- c:\windows\system32\ralasife.dll

1601-01-01 00:03:28 60928 --sha-w- c:\windows\system32\rizakoyu.dll

1601-01-01 00:03:52 53248 --sha-w- c:\windows\system32\venaluwe.dll

1601-01-01 00:03:28 93184 --sha-w- c:\windows\system32\vetajume.dll

1601-01-01 00:03:28 60928 --sha-w- c:\windows\system32\wusosogo.dll

1601-01-01 00:03:28 95744 --sha-w- c:\windows\system32\yiyetoze.dll

1601-01-01 00:03:28 53248 --sha-w- c:\windows\system32\yunizapa.dll

============= FINISH: 13:15:23.34 ===============

[miekiemoes]

Hi,

Please try this version of malwarebytes: Click the link here

Save it on your desktop. You'll see it will have a random name, and will look similar like this:

Doubleclick on it, so it will extract the files and will start Malwarebytes automatically.

In case the installer (random named file) won't run either, rename it to EXPLORER.EXE and try again.

When Malwarebytes opens, click the "Update" tab FIRST and select to check for updates in order to get the latest updates.

In case Malwarebytes doesn't open, search for the folder mbam-installer on your desktop, open it and doubleclick the file winlogon.exe which will be present in there. This should launch Malwarebytes.

Then perform a scan and let it remove what it found. Reboot afterwards (important).

After reboot, post the malwarebytes log together with a new HijackThislog.

In case you're having problems with above instructions, let me know.

[miekiemoes]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!