Jump to content

Recommended Posts

I have been batteling an ongoing issue with World of Warcraft that started after I accidently upgraded to IE9. I was unable to launch the "launcher" program because it was unable to connect to the server (launcher cannot obtain patching information). This started a long oddyssry that led me here.

When I loaded MBAB, it said I needed to update my database which resulted in the following error -

PROGRAM_ERROR_UPDATING (12004, 0, WinHttpOpen)

I searched theforums for the 12004 error and didn't see any references which is odd.

I validated that Windows Firewall was turned off

I previously had McAfee antivirus installed, but it was removed 2 days ago to ensure it was not interfeering with the wow launcher. I cannot reinstall it now because it won't contact the server for the download.

I have validated via my laptop that nothing is being blocked from the ISP. I can run both the wow launcher and MBAM without issue.

Windows 7 SP1 (64bit) (fully updated)

MBAM 1.50.1.1100

Database version 5363 (12/20/2010)

Below is a DDS log

.

DDS (Ver_11-05-19.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Dave at 11:00:58 on 2011-05-20

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6142.4629 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\CyberLink\Shared Files\brs.exe

C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil64_10_3_162_ActiveX.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FX3B27R\dds.scr

C:\Windows\SysWOW64\WSCRIPT.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://murderbynumbers.guildomatic.com/

uSearch Bar = Preserve

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uRun: [McAfee McItInfo] C:\Users\Dave\AppData\Local\Temp\mcitinfo_1305765481.exe /itinsfin:C:\Users\Dave\AppData\Local\Temp\mcininfo_1305765481.ini

mRun: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"

mRun: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

mRun: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"

mRun: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

Trusted Zone: com.tw\asia.msi

Trusted Zone: com.tw\global.msi

Trusted Zone: com.tw\www.msi

Trusted Zone: microsoft.com\oas.support

Trusted Zone: microsoft.com\support

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

mRun-x64: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-11-12 210216]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-18 2218600]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-05-20 14:59:44 -------- d-----w- C:\Windows\System32\SPReview

2011-05-20 14:59:10 -------- d-----w- C:\Windows\System32\EventProviders

2011-05-20 14:36:12 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2011-05-20 14:36:12 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2011-05-20 14:36:11 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll

2011-05-20 14:36:06 856576 ----a-w- C:\Windows\SysWow64\FirewallControlPanel.dll

2011-05-20 14:36:05 5066752 ----a-w- C:\Windows\SysWow64\AuthFWSnapin.dll

2011-05-20 14:33:35 778752 ----a-w- C:\Windows\System32\mssvp.dll

2011-05-20 14:32:59 98304 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll

2011-05-20 14:31:58 359936 ----a-w- C:\Windows\System32\eudcedit.exe

2011-05-20 14:06:42 6881600 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2011-05-20 14:06:34 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{040D55D3-6BC3-41DB-863C-2D86F5733198}\mpengine.dll

2011-05-19 02:06:04 -------- d-----w- C:\$WINDOWS.~LS

2011-05-19 02:05:23 -------- d-----w- C:\$UPGRADE.~OS

2011-05-19 01:48:52 -------- d-----w- C:\Users\Dave\AppData\Roaming\Malwarebytes

2011-05-19 01:48:44 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-05-19 01:48:44 -------- d-----w- C:\ProgramData\Malwarebytes

2011-05-19 01:48:41 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-05-19 01:48:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-05-18 20:29:21 -------- d-----w- C:\Program Files\Microsoft IntelliPoint

2011-05-18 16:42:23 -------- d-----w- C:\Windows\SysWow64\RTCOM

2011-05-18 15:18:49 -------- d-----w- C:\Program Files (x86)\GIGABYTE

2011-05-18 15:18:20 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll

2011-05-18 15:18:20 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe

2011-05-18 15:18:20 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll

2011-05-18 15:18:20 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll

2011-05-18 15:18:19 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll

2011-05-18 15:18:19 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe

2011-05-18 15:18:19 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll

2011-05-18 15:18:18 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll

2011-05-18 14:13:17 -------- d-----w- C:\Users\Dave\AppData\Local\Microsoft Games

2011-05-18 13:54:12 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-05-18 13:54:12 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-05-18 13:53:51 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll

2011-05-18 13:53:51 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2011-05-18 13:53:51 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2011-05-18 13:53:51 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2011-05-11 00:16:37 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe

2011-05-11 00:16:36 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2011-05-11 00:16:36 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2011-05-11 00:16:32 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2011-05-11 00:16:32 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

2011-05-11 00:16:32 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2011-05-11 00:16:32 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2011-05-11 00:16:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2011-05-11 00:16:32 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2011-05-11 00:16:32 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2011-04-27 00:07:41 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2011-04-27 00:07:41 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll

2011-04-27 00:07:40 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-04-27 00:07:40 31232 ----a-w- C:\Windows\System32\prevhost.exe

.

==================== Find3M ====================

.

2011-05-20 15:07:14 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2011-05-20 15:07:13 175616 ----a-w- C:\Windows\System32\msclmd.dll

2011-05-18 15:19:06 25640 ----a-w- C:\Windows\gdrv.sys

2011-04-13 20:04:38 45432 ----a-w- C:\Windows\System32\drivers\point64.sys

2011-04-09 04:00:28 464896 ----a-w- C:\Windows\System32\ipcoin815.dll

2011-04-09 04:00:20 47616 ----a-w- C:\Windows\System32\drivers\dc3d.sys

2011-04-08 04:19:16 2582120 ----a-w- C:\Windows\System32\nvsvcr.dll

2011-04-08 04:19:16 117864 ----a-w- C:\Windows\System32\nvmctray.dll

2011-04-08 04:19:16 1012328 ----a-w- C:\Windows\System32\nvvsvc.exe

2011-04-08 04:19:14 797288 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll

2011-04-08 04:19:06 6338152 ----a-w- C:\Windows\System32\nvcpl.dll

2011-04-08 04:18:42 3041384 ----a-w- C:\Windows\System32\nvsvc64.dll

2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys

2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys

2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys

2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys

2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys

2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys

2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll

2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe

2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll

2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe

2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-03-05 07:02:48 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll

2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll

2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe

2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe

2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys

2011-02-25 06:19:30 2871808 ----a-w- C:\Windows\explorer.exe

2011-02-25 05:30:54 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2011-02-23 04:56:31 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-02-23 04:55:12 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-02-23 04:55:12 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-02-23 04:55:04 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

.

============= FINISH: 11:01:34.13 ===============

Link to post
Share on other sites

I have been batteling an ongoing issue with World of Warcraft that started after I accidently upgraded to IE9. I was unable to launch the "launcher" program because it was unable to connect to the server (launcher cannot obtain patching information). This started a long oddyssry that led me here.

When I loaded MBAB, it said I needed to update my database which resulted in the following error -

PROGRAM_ERROR_UPDATING (12004, 0, WinHttpOpen)

I searched theforums for the 12004 error and didn't see any references which is odd.

I validated that Windows Firewall was turned off

I previously had McAfee antivirus installed, but it was removed 2 days ago to ensure it was not interfeering with the wow launcher. I cannot reinstall it now because it won't contact the server for the download.

I have validated via my laptop that nothing is being blocked from the ISP. I can run both the wow launcher and MBAM without issue.

Windows 7 SP1 (64bit) (fully updated)

MBAM 1.50.1.1100

Database version 5363 (12/20/2010)

Below is a DDS log

.

DDS (Ver_11-05-19.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Dave at 11:00:58 on 2011-05-20

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6142.4629 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\CyberLink\Shared Files\brs.exe

C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil64_10_3_162_ActiveX.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FX3B27R\dds.scr

C:\Windows\SysWOW64\WSCRIPT.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://murderbynumbers.guildomatic.com/

uSearch Bar = Preserve

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uRun: [McAfee McItInfo] C:\Users\Dave\AppData\Local\Temp\mcitinfo_1305765481.exe /itinsfin:C:\Users\Dave\AppData\Local\Temp\mcininfo_1305765481.ini

mRun: [updatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"

mRun: [updatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe

mRun: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"

mRun: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

Trusted Zone: com.tw\asia.msi

Trusted Zone: com.tw\global.msi

Trusted Zone: com.tw\www.msi

Trusted Zone: microsoft.com\oas.support

Trusted Zone: microsoft.com\support

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll

mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

mRun-x64: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

.

============= SERVICES / DRIVERS ===============

.

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2009-11-12 210216]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-18 2218600]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-05-20 14:59:44 -------- d-----w- C:\Windows\System32\SPReview

2011-05-20 14:59:10 -------- d-----w- C:\Windows\System32\EventProviders

2011-05-20 14:36:12 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2011-05-20 14:36:12 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2011-05-20 14:36:11 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll

2011-05-20 14:36:06 856576 ----a-w- C:\Windows\SysWow64\FirewallControlPanel.dll

2011-05-20 14:36:05 5066752 ----a-w- C:\Windows\SysWow64\AuthFWSnapin.dll

2011-05-20 14:33:35 778752 ----a-w- C:\Windows\System32\mssvp.dll

2011-05-20 14:32:59 98304 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll

2011-05-20 14:31:58 359936 ----a-w- C:\Windows\System32\eudcedit.exe

2011-05-20 14:06:42 6881600 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2011-05-20 14:06:34 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{040D55D3-6BC3-41DB-863C-2D86F5733198}\mpengine.dll

2011-05-19 02:06:04 -------- d-----w- C:\$WINDOWS.~LS

2011-05-19 02:05:23 -------- d-----w- C:\$UPGRADE.~OS

2011-05-19 01:48:52 -------- d-----w- C:\Users\Dave\AppData\Roaming\Malwarebytes

2011-05-19 01:48:44 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-05-19 01:48:44 -------- d-----w- C:\ProgramData\Malwarebytes

2011-05-19 01:48:41 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-05-19 01:48:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-05-18 20:29:21 -------- d-----w- C:\Program Files\Microsoft IntelliPoint

2011-05-18 16:42:23 -------- d-----w- C:\Windows\SysWow64\RTCOM

2011-05-18 15:18:49 -------- d-----w- C:\Program Files (x86)\GIGABYTE

2011-05-18 15:18:20 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll

2011-05-18 15:18:20 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe

2011-05-18 15:18:20 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll

2011-05-18 15:18:20 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll

2011-05-18 15:18:19 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll

2011-05-18 15:18:19 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe

2011-05-18 15:18:19 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll

2011-05-18 15:18:18 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll

2011-05-18 14:13:17 -------- d-----w- C:\Users\Dave\AppData\Local\Microsoft Games

2011-05-18 13:54:12 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-05-18 13:54:12 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-05-18 13:53:51 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll

2011-05-18 13:53:51 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2011-05-18 13:53:51 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2011-05-18 13:53:51 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2011-05-11 00:16:37 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe

2011-05-11 00:16:36 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2011-05-11 00:16:36 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2011-05-11 00:16:32 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2011-05-11 00:16:32 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

2011-05-11 00:16:32 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2011-05-11 00:16:32 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2011-05-11 00:16:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2011-05-11 00:16:32 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2011-05-11 00:16:32 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2011-04-27 00:07:41 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2011-04-27 00:07:41 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll

2011-04-27 00:07:40 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-04-27 00:07:40 31232 ----a-w- C:\Windows\System32\prevhost.exe

.

==================== Find3M ====================

.

2011-05-20 15:07:14 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2011-05-20 15:07:13 175616 ----a-w- C:\Windows\System32\msclmd.dll

2011-05-18 15:19:06 25640 ----a-w- C:\Windows\gdrv.sys

2011-04-13 20:04:38 45432 ----a-w- C:\Windows\System32\drivers\point64.sys

2011-04-09 04:00:28 464896 ----a-w- C:\Windows\System32\ipcoin815.dll

2011-04-09 04:00:20 47616 ----a-w- C:\Windows\System32\drivers\dc3d.sys

2011-04-08 04:19:16 2582120 ----a-w- C:\Windows\System32\nvsvcr.dll

2011-04-08 04:19:16 117864 ----a-w- C:\Windows\System32\nvmctray.dll

2011-04-08 04:19:16 1012328 ----a-w- C:\Windows\System32\nvvsvc.exe

2011-04-08 04:19:14 797288 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll

2011-04-08 04:19:06 6338152 ----a-w- C:\Windows\System32\nvcpl.dll

2011-04-08 04:18:42 3041384 ----a-w- C:\Windows\System32\nvsvc64.dll

2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys

2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys

2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys

2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys

2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys

2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys

2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll

2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe

2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll

2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe

2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-03-05 07:02:48 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll

2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll

2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe

2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe

2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys

2011-02-25 06:19:30 2871808 ----a-w- C:\Windows\explorer.exe

2011-02-25 05:30:54 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2011-02-23 04:56:31 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-02-23 04:55:12 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-02-23 04:55:12 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-02-23 04:55:04 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

.

============= FINISH: 11:01:34.13 ===============

Link to post
Share on other sites

Sadly, I figured this out after tracing down the error message I got when I failed to install Google Chrome

Error code = 0x80072ee4

After a lot of seaching it turned out I had a corrupted winsock. I fixed it doing a reset

netsh winsock reset

you need to have admin rights in a command shell to do this. In windows 7, there are a few ways to do this but the easiest I found was to hit the Start button, type "CMD" in the search programs and files, and then hit <ctrl> <shift> <enter>, this forces admin rights on the program. I executed the winsock reset and rebooted. Everything worked Fine.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.