Possible infection?


Alright, so I have been very diligent in keeping my PC clean. MBAM, HJT, Comodo, CCleaner... THE WORKS. For some reason, since about a month or two ago, my computer has been hanging after starting up and sometimes I would get an error message mentioning a DLL that couldn't load. I figured my PC took a dump... w/e. Now here is the deal: I am getting sick and tired of this crap. Applications won't load sometimes or the computer will hang endlessly. I'm talking opening a window, nothing happening. I try another application and it doesn't do anything. I can keep opening things but nothing happens. Could it be bad RAM?

Help? A few more of these and I'm taking my crowbar to the motherboard and starting new...

Thanks

MBAM

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7548

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

8/23/2011 8:33:05 PM

mbam-log-2011-08-23 (20-33-05).txt

Scan type: Quick scan

Objects scanned: 205887

Time elapsed: 12 minute(s), 16 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

Run by Robert Baron at 20:33:36 on 2011-08-23

.

============== Running Processes ===============

.

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=7.0MSN&bm=ms_home

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: H - No File

mWinlogon: Userinit=c:\windows\system32\userinit.exe

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanel.exe" /r

mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"

mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Dell QuickSet] c:\program files\dell\quickset\Quickset.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{25387BA8-2946-4555-93E4-59BCAE957D01} : DhcpNameServer = 192.168.1.1 192.168.1.1

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

AppInit_DLLs: c:\windows\system32\guard32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\robert baron\application data\mozilla\firefox\profiles\5tmcmz2o.default\

FF - prefs.js: browser.search.selectedEngine - FilesTube

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=

FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R? appliandMP;appliandMP

R? ASPI;Advanced SCSI Programming Interface Driver

R? BTCFilterService;USB Networking Driver Filter Service

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? cpuz130;cpuz130

R? cpuz135;cpuz135

R? Futuremark SystemInfo Service;Futuremark SystemInfo Service

R? McrdSvc;Media Center Extender Service

R? motccgp;Motorola USB Composite Device Driver

R? motccgpfl;MotCcgpFlService

R? Motousbnet;Motorola USB Networking Driver Service

R? motusbdevice;Motorola USB Dev Driver

R? PsSdk41;PsSdk41

R? SASENUM;SASENUM

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? cmdAgent;COMODO Internet Security Helper Service

S? cmdGuard;COMODO Internet Security Sandbox Driver

S? cmdHlp;COMODO Internet Security Helper Driver

S? cpuz132;cpuz132

S? LachesisFltr;Lachesis Mouse Driver

S? LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver

S? LGVirHid;Logitech Gamepanel Virtual HID Device Driver

S? NVHDA;Service for NVIDIA High Definition Audio Driver

S? nvUpdatusService;NVIDIA Update Service Daemon

S? SASDIFSV;SASDIFSV

S? SASKUTIL;SASKUTIL

.

=============== Created Last 30 ================

.

2011-08-11 01:25:16 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-11 01:24:09 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-08-05 00:44:11 -------- d-----w- C:\!KillBox

2011-08-04 22:24:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-04 22:24:36 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-04 22:24:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-08-04 01:41:44 -------- d-----w- c:\windows\5ELT08GNV2AIPX4C

2011-07-31 14:25:02 -------- d-sh--w- C:\found.001

.

==================== Find3M ====================

.

2011-08-22 21:12:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-10 15:35:57 0 ----a-w- c:\documents and settings\robert baron\ntuser.tmp

2011-07-10 01:03:14 140024 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-07-10 01:03:04 280768 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-07-10 01:03:04 280768 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-07-09 21:39:10 280768 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr

2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-02 00:53:31 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin

2011-07-02 00:53:31 1 ----a-w- c:\windows\system32\nvdrssel.bin

2011-07-02 00:53:29 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin

2011-06-30 13:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-06-30 13:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-30 13:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-06-30 13:37:26 285256 ----a-w- c:\windows\system32\guard32.dll

2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-21 18:45:58 832512 ----a-w- c:\windows\system32\wininet.dll

2011-06-21 18:45:57 78336 ----a-w- c:\windows\system32\ieencode.dll

2011-06-21 18:45:57 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2011-06-21 18:45:57 17408 ------w- c:\windows\system32\corpol.dll

2011-06-21 11:47:20 389120 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 20:40:03.46 ===============

DDS ATTACH

.

==== Installed Programs ======================

.

7-Zip 4.57

AC-3 ACM Codec

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop CS2

Advanced Decoder Patch

Amazon MP3 Downloader 1.0.12

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

avast! Free Antivirus

AviSynth 2.5

Banctec Service Agreement

Bandisoft MPEG-1 Decoder

BioShock 2

Bonjour

Broadcom Management Programs

Browser Address Error Redirector

Bulletstorm

Business Contact Manager for Outlook 2007 SP2

Call of Duty® - World at War 1.1 Patch

Call of Duty® - World at War 1.2 Patch

Call of Duty® - World at War 1.4 Patch

Call of Duty® - World at War 1.5 Patch

Call of Duty® - World at War 1.6 Patch

Call of Duty® 4 - Modern Warfare 1.6 Patch

Call of Duty® 4 - Modern Warfare 1.7 Patch

CamStudio

CanoScan LiDE 600F

CCleaner

CDisplay 1.8

Cheat Engine 6.0

Command & Conquer The First Decade

COMODO Internet Security

Company of Heroes

Company of Heroes: Tales of Valor

Conexant D850 56K V.92 DFVc Modem

Counter-Strike: Source

CPUID CPU-Z 1.53.1

Creative MediaSource

Critical Update for Windows Media Player 11 (KB959772)

Dead Space

Dead Space™ 2

Defraggler

Dell DataSafe Online

Dell Support Center (Support Software)

Dell System Restore

Diablo II

Digital Line Detect

DivX Codec

DivX Converter

DivX Player

DivX Plus DirectShow Filters

DivX Web Player

Documentation & Support Launcher

Dual-Core Optimizer

Duke Nukem Forever

DVD Decrypter (Remove Only)

DVD Shrink 3.2

Empire: Total War

FLV Player

FLV Player 2.0 (build 25)

Foxit Reader

FoxyTunes for Firefox

Fraps

Futuremark SystemInfo

Games, Music, & Photos Launcher

GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)

GoToAssist 8.0.0.514

High Definition Audio Driver Package - KB835221

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

ImgBurn

Internet Service Offers Launcher

iTunes

Java Auto Updater

Java 6 Update 22

LAME v3.98.3 for Audacity

Logitech GamePanel Software 3.06.109

Malwarebytes' Anti-Malware version 1.51.1.1800

Media Go

Media Go Video Playback Engine 1.64.103.02270

MediaCoder 2011

MediaCoder PSP Edition

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (English) 2007

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft XNA Framework Redistributable 4.0

Modem Helper

MSN

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

NetWaiting

NVIDIA Control Panel 275.33

NVIDIA Graphics Driver 275.33

NVIDIA HD Audio Driver 1.2.23.3

NVIDIA Install Application

NVIDIA nView 135.85

NVIDIA nView Desktop Manager

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

NVIDIA Update 1.3.5

NVIDIA Update Components

OpenAL

PlayStation®Network Downloader

PlayStation®Store

Poker Night at the Inventory

Portal 2

Postal Fudge Pack

PowerDVD

PunkBuster Services

QuickSet

QuickTime

RAD Video Tools

Razer Lachesis

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Office 2007 System (KB2541012)

Security Update for Microsoft Office Excel 2007 (KB2541007)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Singularity

Skype web features

Sonic CinePlayer Decoder Pack

Sonic Encoders

Sony Sound Forge 7.0

Sound Blaster X-Fi

Source SDK Base

Source SDK Base - Orange Box

Speccy

SpeedFan (remove only)

Spybot - Search & Destroy

SpywareBlaster 4.1

StarCraft II

Steam

SUPERAntiSpyware Free Edition

Swiff Player 1.5

System Requirements Lab

System Requirements Lab CYRI

Terraria

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Outlook 2007 (KB2509470)

Update for Outlook 2007 Junk Email Filter (KB2586924)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB910393)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

VC 9.0 Runtime

VC80CRTRedist - 8.0.50727.762

Verizon High Speed Internet

Verizon Online Help and Support

Videora iPod Converter 5.03

VLC media player 0.9.9

WD Diagnostics

WebFldrs XP

Windows 7 Upgrade Advisor

Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)

Windows Driver Package - Razer (HidUsb) HIDClass (05/10/2007 1.00)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Installer Clean Up

Windows Live ID Sign-in Assistant

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WinRAR archiver

XLink Kai

ZyDAS IEEE 802.11 b+g Wireless LAN - USB

.

==== End Of File ===========================

hijackthis8-23-11.txt


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Hi Screen317,

Please see below for the MBAM log and DDS/attach log. Just a note: I had A LOT of trouble trying to get ComboFix to work. The first two times it stalled out for 20 minutes and I rebooted. The third time it created duplicate windows and stalled again. The 4th time it worked and I got the below errors as it was running:

http://imageshack.us/f/402/unled1hqi.jpg/

http://imageshack.us/f/692/unled2arpc.jpg/

(^ God I hate Adobe)

Also, at the high 30s, early 40s there was a line break saying the following:

"Writing 'bootexample' with data 'autocheck autochk*' failed."

Also, after the reboot NO ComboFix logs were generated. It said that it was deleting 2 files and 1 folder (sorry, I couldn't screenshot).

This isn't good, is it :(.

MBAM

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7571

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

8/25/2011 10:09:52 PM

mbam-log-2011-08-25 (22-09-52).txt

Scan type: Quick scan

Objects scanned: 206547

Time elapsed: 4 minute(s), 50 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

Run by Robert Baron at 22:49:15 on 2011-08-25

.

============== Running Processes ===============

.

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=7.0MSN&bm=ms_home

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: H - No File

mWinlogon: Userinit=c:\windows\system32\userinit.exe

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanel.exe" /r

mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"

mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe

mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Dell QuickSet] c:\program files\dell\quickset\Quickset.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{25387BA8-2946-4555-93E4-59BCAE957D01} : DhcpNameServer = 192.168.1.1 192.168.1.1

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\robert baron\application data\mozilla\firefox\profiles\5tmcmz2o.default\

FF - prefs.js: browser.search.selectedEngine - FilesTube

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=

FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false

============= SERVICES / DRIVERS ===============

.

R? appliandMP;appliandMP

R? ASPI;Advanced SCSI Programming Interface Driver

R? BTCFilterService;USB Networking Driver Filter Service

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? cpuz130;cpuz130

R? cpuz135;cpuz135

R? Futuremark SystemInfo Service;Futuremark SystemInfo Service

R? McrdSvc;Media Center Extender Service

R? motccgp;Motorola USB Composite Device Driver

R? motccgpfl;MotCcgpFlService

R? Motousbnet;Motorola USB Networking Driver Service

R? motusbdevice;Motorola USB Dev Driver

R? PsSdk41;PsSdk41

R? SASENUM;SASENUM

R? vkquwexg;vkquwexg

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? aswFsBlk;aswFsBlk

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? cmdAgent;COMODO Internet Security Helper Service

S? cmdGuard;COMODO Internet Security Sandbox Driver

S? cmdHlp;COMODO Internet Security Helper Driver

S? cpuz132;cpuz132

S? LachesisFltr;Lachesis Mouse Driver

S? LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver

S? LGVirHid;Logitech Gamepanel Virtual HID Device Driver

S? NVHDA;Service for NVIDIA High Definition Audio Driver

S? nvUpdatusService;NVIDIA Update Service Daemon

S? SASDIFSV;SASDIFSV

S? SASKUTIL;SASKUTIL

.

=============== Created Last 30 ================

.

2011-08-26 02:26:32 -------- d-s---w- C:\ComboFix

2011-08-11 01:25:16 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-11 01:24:09 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

2011-08-05 00:44:11 -------- d-----w- C:\!KillBox

2011-08-04 22:24:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-08-04 22:24:36 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-04 22:24:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-08-04 01:41:44 -------- d-----w- c:\windows\5ELT08GNV2AIPX4C

2011-07-31 14:25:02 -------- d-sh--w- C:\found.001

.

==================== Find3M ====================

.

2011-08-22 21:12:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-10 01:03:14 140024 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-07-10 01:03:04 280768 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-07-10 01:03:04 280768 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-07-09 21:39:10 280768 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr

2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-02 00:53:31 273344 ----a-w- c:\windows\system32\nvdrsdb0.bin

2011-07-02 00:53:31 1 ----a-w- c:\windows\system32\nvdrssel.bin

2011-07-02 00:53:29 273344 ----a-w- c:\windows\system32\nvdrsdb1.bin

2011-06-30 13:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-06-30 13:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-30 13:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-06-30 13:37:26 285256 ----a-w- c:\windows\system32\guard32.dll

2011-06-26 06:45:56 256000 ----a-w- c:\windows\PEV.exe

2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-21 18:45:58 832512 ----a-w- c:\windows\system32\wininet.dll

2011-06-21 18:45:57 78336 ----a-w- c:\windows\system32\ieencode.dll

2011-06-21 18:45:57 1830912 ----a-w- c:\windows\system32\inetcpl.cpl

2011-06-21 18:45:57 17408 ------w- c:\windows\system32\corpol.dll

2011-06-21 11:47:20 389120 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 22:52:57.40 ===============

ATTACH

.

==== Installed Programs ======================

.

7-Zip 4.57

AC-3 ACM Codec

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop CS2

Advanced Decoder Patch

Amazon MP3 Downloader 1.0.12

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

avast! Free Antivirus

AviSynth 2.5

Banctec Service Agreement

Bandisoft MPEG-1 Decoder

BioShock 2

Bonjour

Broadcom Management Programs

Browser Address Error Redirector

Bulletstorm

Business Contact Manager for Outlook 2007 SP2

Call of Duty® - World at War 1.1 Patch

Call of Duty® - World at War 1.2 Patch

Call of Duty® - World at War 1.4 Patch

Call of Duty® - World at War 1.5 Patch

Call of Duty® - World at War 1.6 Patch

Call of Duty® 4 - Modern Warfare 1.6 Patch

Call of Duty® 4 - Modern Warfare 1.7 Patch

CamStudio

CanoScan LiDE 600F

CCleaner

CDisplay 1.8

Cheat Engine 6.0

Command & Conquer The First Decade

COMODO Internet Security

Company of Heroes

Company of Heroes: Tales of Valor

Conexant D850 56K V.92 DFVc Modem

Counter-Strike: Source

CPUID CPU-Z 1.53.1

Creative MediaSource

Critical Update for Windows Media Player 11 (KB959772)

DarthMod Ultimate Commander Edition

DarthMod Ultimate Commander Edition

Dead Space

Dead Space™ 2

Defraggler

Dell DataSafe Online

Dell Support Center (Support Software)

Dell System Restore

Diablo II

Digital Line Detect

DivX Codec

DivX Converter

DivX Player

DivX Plus DirectShow Filters

DivX Web Player

Documentation & Support Launcher

Dual-Core Optimizer

Duke Nukem Forever

DVD Decrypter (Remove Only)

DVD Shrink 3.2

Empire: Total War

FLV Player

FLV Player 2.0 (build 25)

Foxit Reader

FoxyTunes for Firefox

Fraps

Futuremark SystemInfo

Games, Music, & Photos Launcher

GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)

GoToAssist 8.0.0.514

High Definition Audio Driver Package - KB835221

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

ImgBurn

Internet Service Offers Launcher

iTunes

Java Auto Updater

Java 6 Update 22

LAME v3.98.3 for Audacity

Logitech GamePanel Software 3.06.109

Malwarebytes' Anti-Malware version 1.51.1.1800

Media Go

Media Go Video Playback Engine 1.64.103.02270

MediaCoder 2011

MediaCoder PSP Edition

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (English) 2007

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft VC9 runtime libraries

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft XNA Framework Redistributable 4.0

Modem Helper

MSN

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

NetWaiting

NVIDIA Control Panel 275.33

NVIDIA Graphics Driver 275.33

NVIDIA HD Audio Driver 1.2.23.3

NVIDIA Install Application

NVIDIA nView 135.85

NVIDIA nView Desktop Manager

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

NVIDIA Update 1.3.5

NVIDIA Update Components

OpenAL

PlayStation®Network Downloader

PlayStation®Store

Poker Night at the Inventory

Portal 2

Postal Fudge Pack

PowerDVD

PunkBuster Services

QuickSet

QuickTime

RAD Video Tools

Razer Lachesis

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft Office 2007 System (KB2541012)

Security Update for Microsoft Office Excel 2007 (KB2541007)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office Word 2007 (KB2344993)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Singularity

Skype web features

Sonic CinePlayer Decoder Pack

Sonic Encoders

Sony Sound Forge 7.0

Sound Blaster X-Fi

Source SDK Base

Source SDK Base - Orange Box

Speccy

SpeedFan (remove only)

Spybot - Search & Destroy

SpywareBlaster 4.1

StarCraft II

Steam

SUPERAntiSpyware Free Edition

Swiff Player 1.5

System Requirements Lab

System Requirements Lab CYRI

Terraria

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Outlook 2007 (KB2509470)

Update for Outlook 2007 Junk Email Filter (KB2586924)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB910393)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

VC 9.0 Runtime

VC80CRTRedist - 8.0.50727.762

Verizon High Speed Internet

Verizon Online Help and Support

Videora iPod Converter 5.03

VLC media player 0.9.9

WD Diagnostics

WebFldrs XP

Windows 7 Upgrade Advisor

Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)

Windows Driver Package - Razer (HidUsb) HIDClass (05/10/2007 1.00)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Installer Clean Up

Windows Live ID Sign-in Assistant

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WinRAR archiver

XLink Kai

ZyDAS IEEE 802.11 b+g Wireless LAN - USB

.

==== End Of File ===========================


  • Staff

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet. Before you download it, rename it to sega.com.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Click Start --> Run, and enter this command exactly as shown:

"%userprofile%\desktop\sega.com" /killall /nombr

See if it will run successfully now. Stop it after half an hour of no activity.


Done and done. Just an FYI, I needed to add ".exe" to the end of "sega.com". When I tried it otherwise, it said it couldn't find the path. Scan went fine in safe mode.

"%userprofile%\desktop\sega.com.exe" /killall /nombr

Attached is the log. Also, on a side note: I know some commands ("Run commands") from my early computer days, Apple IIs and other fun stuff (5" floppies FTW!!!!). Could you explain what /killall and /nombr do? Or could you point me in the direction of an FAQ so I could learn them on a command line as well? More knowledge couldn't hurt :).

Many thanks and I hope the hurricane Irene didn't hit you. I had water damage :(.

Have a nice night!

ComboFix.txt


  • Staff

Unfortunately I cannot tell you all of that. ComboFix is only to be used by trained analysts and I cannot reveal what its switches do. Let's just say we did that to make ComboFix work in your case.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


Hi,

So I tried to initiate a scan on Eset Scanner but it tells me it can't download the database due to proxy settings. I don't know that much about networking and am very hesitant about messing with that stuff. Is there an alternative?

I tried Security Check. It gets to "preparing" and then gets the following error:

AutoIt error

Line-1:

Error: Variable must be of type "Object"

:(.

I don't think applications are hanging anymore. Did combofix remove something?

Thanks for your help thus far. I guess if you think everything is fine, I should be in the clear, but the only annoying thing left is that I keep getting MsiInstall.exe popping up from time to time. I'm 90% sure it's due to EA Download Manager (EADM), which I removed before but which keeps trying to re-install (very annoying when you are watching a movie/playing a game, as it brings everything to the desktop).

Here are the errors from the Event viewer:

Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common' failed during request for component '{0CDA3A4B-E3DC-4BDF-AA7E-00A8BF476602}'

Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common', component '{EE845337-D49F-4E34-9573-95EC82ECE355}' failed. The resource 'C:\Program Files\Electronic Arts\EADM\html\' does not exist.

My logfile is LITTERED with this garbage. Is there any way to completely kill this registry or stop it entirely?

THANKS!!!!!


  • Staff

Hi,

Let's address one issue at a time.

Please delete your copy of ComboFix, download the latest version from here, and save it to your Desktop. Do not run it yet.

Next, please open Notepad - don't use any other text editor than notepad or the script will fail.

Copy/paste the text in the box below into Notepad:

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7777:TCP"=-
"7777:UDP"=-
"28900:TCP"=-
"27900:UDP"=-
"28910:TCP"=-
"6500:UDP"=-
"9989:UDP"=-
KILLALL::
DDS::
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

Save this as CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new DDS log.

-screen317


  • Staff

Hi,

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :regfind
    "Electronic Arts"
    :filefind:
    "Electronic Arts"
    :folderfind
    "Electronic Arts"


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post

here you go:

SystemLook.txt

Link to post

Here is a screenshot of the event viewer:

http://imageshack.us/f/690/eventviewermsi.jpg/

Here is what all of the MSIinstaller events say:

Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common' failed during request for component '{0CDA3A4B-E3DC-4BDF-AA7E-00A8BF476602}'

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common', component '{EE845337-D49F-4E34-9573-95EC82ECE355}' failed. The resource 'C:\Program Files\Electronic Arts\EADM\html\' does not exist.
Beginning a Windows Installer transaction: {EF7E931D-DC84-471B-8DB6-A83358095474}. Client Process Id: 1740.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Ending a Windows Installer transaction: {EF7E931D-DC84-471B-8DB6-A83358095474}. Client Process Id: 1740.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Link to post

  • Staff

Hi,

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :regfind
    EF7E931D-DC84-471B-8DB6-A83358095474


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post
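
Added example, not part of the original thread: Windows Installer names its own registry keys for products and components with a "packed" form of the GUID rather than the braced form shown in event messages, so a search for the braced string alone does not reach those keys. The Python sketch below extracts the GUIDs from the MsiInstaller messages quoted in this thread and derives the packed form; the function names and the embedded sample text are constructed for illustration.

```python
import re

# Constructed sample: MsiInstaller event text as quoted in this thread.
EVENTS = r"""Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common' failed during request for component '{0CDA3A4B-E3DC-4BDF-AA7E-00A8BF476602}'
Detection of product '{EF7E931D-DC84-471B-8DB6-A83358095474}', feature 'Core_Common', component '{EE845337-D49F-4E34-9573-95EC82ECE355}' failed. The resource 'C:\Program Files\Electronic Arts\EADM\html\' does not exist.
Beginning a Windows Installer transaction: {EF7E931D-DC84-471B-8DB6-A83358095474}. Client Process Id: 1740.
"""

GUID = r"\{([0-9A-F]{8})-([0-9A-F]{4})-([0-9A-F]{4})-([0-9A-F]{4})-([0-9A-F]{12})\}"
GUID_RE = re.compile(GUID, re.I)
# The word before the GUID tells us whether it names a product or a component.
ROLE_RE = re.compile(r"(product|component|transaction:)\s+'?(" + GUID + ")", re.I)


def pack_guid(guid):
    """Convert '{8-4-4-4-12}' to the 32-character packed form used in Installer key names."""
    m = GUID_RE.fullmatch(guid.strip())
    if m is None:
        raise ValueError(f"not a braced GUID: {guid!r}")
    d1, d2, d3, d4, d5 = (g.upper() for g in m.groups())
    tail = d4 + d5
    # The first three groups are reversed whole; the rest is swapped per byte (two hex digits).
    swapped = "".join(tail[i + 1] + tail[i] for i in range(0, len(tail), 2))
    return d1[::-1] + d2[::-1] + d3[::-1] + swapped


def installer_search_terms(event_text):
    """Return {'product': {braced: packed}, 'component': {braced: packed}} for the events."""
    found = {"product": {}, "component": {}}
    for m in ROLE_RE.finditer(event_text):
        kind = "component" if m.group(1).lower() == "component" else "product"
        found[kind][m.group(2).upper()] = pack_guid(m.group(2))
    return found


if __name__ == "__main__":
    # Key locations are general Windows Installer behaviour, not taken from the thread:
    #   HKLM\SOFTWARE\Classes\Installer\Products\<packed product GUID>
    #   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\<SID>\Components\<packed component GUID>
    for kind, guids in installer_search_terms(EVENTS).items():
        for braced, packed in guids.items():
            print(f"{kind:9} {braced} -> {packed}")
```

The packed strings can be used as additional search terms alongside the braced GUID when looking for leftover Installer registration.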

Here is the info:

SystemLook 30.07.11 by jpshortstuff

Log created at 18:06 on 17/09/2011 by Robert Baron

Administrator - Failed to adjust privileges

========== regfind ==========

Searching for "EF7E931D-DC84-471B-8DB6-A83358095474"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EF7E931D-DC84-471B-8DB6-A83358095474}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]

"C:\WINDOWS\Installer\{EF7E931D-DC84-471B-8DB6-A83358095474}\"=""

-= EOF =-

Also, bad news. I can no longer install ANYTHING. I had a new vid card driver I tried to update and now am getting the following message anytime I install:

The Windows installer service cannot be accessed. This can occur if the windows installer is not correctly installed. Contact your support personnel for assistance.

:angry::angry::angry::angry::angry::angry::angry::angry::angry:

help?

Link to post

Here are the fun and new pains in my ass: (taken from the event viewer descriptions)

The description for Event ID ( 1015 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: 0x800706BA, (NULL), (NULL), (NULL), (NULL), , .
The description for Event ID ( 1042 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: {EF7E931D-DC84-471B-8DB6-A83358095474}, 676, (NULL), (NULL), (NULL), , .
The description for Event ID ( 1040 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: {EF7E931D-DC84-471B-8DB6-A83358095474}, 676, (NULL), (NULL), (NULL), , .

wth is going on with this machine???? please help?

Link to post

  • Staff

Hi,

First, please back up your Registry with ERUNT.

  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.

Click Erunt.exe to back up your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe

Please open Notepad. Copy and paste the following text (starting with REGEDIT4) into the Notepad document.

Navigate to File --> Save As..., and save the file as Fix.reg (make sure the Save As Type is set to All Files).

Save it to your Desktop.

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EF7E931D-DC84-471B-8DB6-A83358095474}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
; Backslashes inside a quoted value name are doubled in .reg syntax.
"C:\\WINDOWS\\Installer\\{EF7E931D-DC84-471B-8DB6-A83358095474}\\"=-

Now navigate to your Desktop, and double click fix.reg (Click Yes to the prompt)

Reboot.

Download and run this program from Microsoft:

http://www.microsoft.com/downloads/info.aspx?na=41&srcfamilyid=5a58b56f-60b6-4412-95b9-54d056d6f9f4&srcdisplaylang=en&u=http%3a%2f%2fdownload.microsoft.com%2fdownload%2f2%2f6%2f1%2f261fca42-22c0-4f91-9451-0e0f2e08356d%2fWindowsXP-KB942288-v3-x86.exe

Reboot.

See if applications can install now.

Link to post

Followed the instructions to the T. I did the fix.reg and it told me that it was adding something to the registry. I think it meant the command so that should be fine for now.

I downloaded the hotfix and tried it. It ran very quickly; however, I got this popup at the end (I don't know if it finished since it went fast).

http://img819.imageshack.us/img819/4011/unled1iku.jpg

Downloaded AIM as a test and it installed. I also uninstalled hamachi and it looked like it still worked.

I checked the event viewer and see these:

The description for Event ID ( 1040 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: C:\WINDOWS\Installer\28035.msi, 3868, (NULL), (NULL), (NULL), , .
The description for Event ID ( 1042 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: C:\WINDOWS\Installer\28035.msi, 3868, (NULL), (NULL), (NULL), , .
The description for Event ID ( 11724 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Product: LogMeIn Hamachi -- Removal completed successfully., (NULL), (NULL), (NULL), (NULL), , .

The description for Event ID ( 1034 ) in Source ( MsiInstaller ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: LogMeIn Hamachi, 2.1.0.124, 1033, 0, (NULL), , .

What do you think?

Link to post

Hi,

I tried again and keep getting the below error when I try the hotfix:

http://img819.imageshack.us/img819/4011/unled1iku.jpg

Also, anytime I try to install or remove something it is VERY faulty. The below message has occurred in one way/shape/form when I tried installing AIM, Spywareblaster, GIMP, Yahoo messenger and a few other basic programs:

http://img685.imageshack.us/img685/5486/unled1ym.jpg

Is there a more drastic option? It seems like anything touching the Msi installer gets ruined :(. Will a Windows repair fix this?

http://forums.malwarebytes.org/index.php?showtopic=61918

I am in a tight bind with my computer not being able to install/remove things.

Once again, I appreciate all the help and I apologize if this has been a thorn in your side. It means a lot that you are still helping me with my brick.

Thanks

-R3d33m3r

Link to post

Looks like these are access denied errors and not Windows Installer errors.

What happens if you try installing in Safe Mode?

Went into safe mode and did the following:

Installed AIM, GIMP and Spywareblaster. Hamachi uses .msi so it said that when the computer is in Safe mode windows installer is disabled.

However, I was unable to install Aim, GIMP and spyware blaster before since I would get the above errors.

Thoughts?

Link to post
