1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can't install any antivirus software in Win7 64bit

Discussion in 'General Security' started by Kapustin Yar, Dec 26, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Hi People,

    I have a Win7 64bit clean install. I'm trying to install antivirus software but I'm not getting anywhere. First I tried Bitdefender, no joy. I tried three different links. Then I tried Kaspersky. No Joy. The last one I tried is AVG. No joy. All three error msg's say I have corrupt installation files.

    This is the first time I've tried to install AV on 64bit. I've heard that some av applications don't work so well with 64bit. I guess that is the truth. How can I install AV software on win7 64bit?
     
  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    lets see if you are infected as that is the usual reason or you already have aan antivirus installed

    follow advice here and post the logs those programs make in your next reply here
     
  3. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,815
    First Name:
    Frank
    I've worked on 2 Windows 7(64-bit) computers and have installed AVG in one of them and Microsoft Security Essentials in the other one and didn't have any problems. Follow dvk01's instructions.

    -----------------------------------------------------------------
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    One thing you NEED to do with W7 64bit is download the installer to your downloads folder ( or desktop) & not try to run from the website
     
  5. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Okay, here it is

    Hijack this:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:31:35 AM, on 12/26/2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16700)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
    O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 4866 bytes


    - the other two are coming soon.
     
  6. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Here is DDS. TXT:

    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Home User at 10:04:50.46 on Sun 12/26/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4095.2672 [GMT -8:00]

    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Home User\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    mWinlogon: Userinit=userinit.exe
    BHO: {0347C33E-8762-4905-BF09-768834316C61} - No File
    BHO: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No File
    EB: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    uRun: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522}
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\HOMEUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\jz068agu.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.mozilla.com/en-US/firefox/3.6.13/firstrun/|http://www.google.com/ig?hl=en&source=iglk
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
    FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF - Ext: British English Dictionary: [email protected] - %profile%\extensions\[email protected]

    ============= SERVICES / DRIVERS ===============

    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-24 1255736]

    =============== Created Last 30 ================

    2010-12-26 16:33:39 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2010-12-26 16:33:35 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{4D80F0AD-EA1A-479F-BA76-82553CE4755A}\mpengine.dll
    2010-12-26 16:26:36 388096 ----a-r- C:\Users\HOMEUS~1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2010-12-26 16:26:36 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2010-12-26 08:16:51 -------- d-----w- C:\PROGRA~3\MFAData
    2010-12-26 07:05:18 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\Uniblue
    2010-12-26 04:46:20 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\QuickScan
    2010-12-26 04:33:17 224785 ----a-w- C:\PROGRA~3\bdinstall.bin
    2010-12-26 03:00:00 -------- d-----w- C:\PhotoEd
    2010-12-25 22:44:16 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
    2010-12-25 09:22:01 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
    2010-12-25 09:21:21 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
    2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\PixAround.com
    2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\Common Files\PixAround.com
    2010-12-25 09:13:12 -------- d-----w- C:\My PixAround
    2010-12-25 09:13:04 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
    2010-12-25 09:13:04 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
    2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
    2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
    2010-12-25 09:09:39 6752 ----a-w- C:\Windows\SysWow64\PfModNT.sys
    2010-12-25 09:09:36 105472 ----a-w- C:\Windows\SysWow64\Sfman32.dll
    2010-12-25 09:07:42 -------- d-----w- C:\Program Files (x86)\Creative
    2010-12-25 09:07:41 41984 ----a-w- C:\Windows\CTREGRUN.EXE
    2010-12-25 09:07:34 306688 ----a-w- C:\Windows\IsUninst.exe
    2010-12-25 08:51:54 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2010-12-25 08:51:52 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{00903572-D396-42B9-8B8E-2789AE7C85FA}\gapaengine.dll
    2010-12-25 08:46:20 -------- d-----w- C:\Windows\pss
    2010-12-25 08:45:37 -------- d-----w- C:\PROGRA~3\WEBREG
    2010-12-25 08:41:29 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2010-12-25 08:41:26 -------- d-----w- C:\Program Files\Microsoft Security Client
    2010-12-25 08:41:22 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
    2010-12-25 08:38:02 254464 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp083.dll
    2010-12-25 08:35:52 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2010-12-25 08:35:15 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
    2010-12-25 08:34:53 362328 ----a-w- C:\Windows\System32\hpzids40.dll
    2010-12-25 08:34:51 134144 ----a-w- C:\Windows\System32\hpf3l083.dll
    2010-12-25 08:34:49 966656 ----a-w- C:\Windows\System32\hposwia_d02a.dll
    2010-12-25 08:34:49 761856 ----a-w- C:\Windows\System32\hpost_d02a.dll
    2010-12-25 08:34:49 512512 ----a-w- C:\Windows\System32\hposc_d02a.dll
    2010-12-25 08:34:32 -------- d-----w- C:\Program Files (x86)\HP
    2010-12-25 08:33:27 -------- d-----w- C:\Program Files\HP
    2010-12-25 08:17:16 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2010-12-25 08:17:15 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BD089675-7D92-4135-880B-460C9A7B4402}\mpengine.dll
    2010-12-25 08:05:21 -------- d-sh--w- C:\Windows\Installer
    2010-12-25 08:02:41 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\Diagnostics
    2010-12-25 08:01:42 2623488 ----a-w- C:\Windows\3D Realistic Fireplace 2.scr
    2010-12-25 08:01:42 -------- d-----w- C:\Program Files (x86)\3D Realistic Fireplace 2
    2010-12-25 07:56:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\URSoft
    2010-12-25 07:55:57 -------- d-----w- C:\Program Files (x86)\Your Uninstaller 2010
    2010-12-24 23:10:39 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2010-12-24 23:10:39 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2010-12-24 23:10:38 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2010-12-24 23:10:38 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2010-12-24 23:10:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2010-12-24 23:10:38 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2010-12-24 23:10:33 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2010-12-24 23:10:33 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2010-12-24 22:40:41 -------- d-----w- C:\Program Files\DVDFab 8
    2010-12-24 22:39:12 -------- d-----w- C:\Program Files (x86)\DVD Shrink
    2010-12-24 21:56:57 -------- d-----w- C:\Windows\SysWow64\Wat
    2010-12-24 21:56:57 -------- d-----w- C:\Windows\System32\Wat
    2010-12-24 05:37:42 311808 ----a-w- C:\Windows\System32\msv1_0.dll
    2010-12-24 05:37:42 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2010-12-24 05:33:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
    2010-12-24 05:33:59 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
    2010-12-24 05:33:59 48960 ----a-w- C:\Windows\System32\netfxperf.dll
    2010-12-24 05:33:59 444752 ----a-w- C:\Windows\System32\mscoree.dll
    2010-12-24 05:33:59 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
    2010-12-24 05:33:59 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
    2010-12-24 05:33:59 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
    2010-12-24 05:33:59 1942856 ----a-w- C:\Windows\System32\dfshim.dll
    2010-12-24 05:33:59 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
    2010-12-24 05:33:59 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
    2010-12-24 05:28:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2010-12-24 05:27:59 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
    2010-12-24 05:27:59 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    2010-12-24 05:27:59 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
    2010-12-24 05:27:59 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
    2010-12-24 05:27:58 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
    2010-12-24 05:27:58 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
    2010-12-24 05:27:58 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2010-12-24 05:27:58 236032 ----a-w- C:\Windows\System32\srvsvc.dll
    2010-12-24 05:27:58 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2010-12-24 05:27:58 112000 ----a-w- C:\Windows\System32\consent.exe
    2010-12-24 05:11:05 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2010-12-24 04:28:57 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2010-12-24 04:28:57 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2010-12-24 04:28:57 139264 ----a-w- C:\Windows\System32\cabview.dll
    2010-12-24 04:28:57 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
    2010-12-24 04:27:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\VirtualStore
    2010-12-23 22:05:21 -------- d-----w- C:\Windows\Panther
    2010-12-23 21:53:22 -------- d-----w- C:\Windows.old

    ==================== Find3M ====================

    2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
    2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
    2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
    2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
    2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-10-25 05:25:38 72064 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
    2010-10-25 05:25:38 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys
    2010-10-25 05:25:38 188928 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
    2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
    2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2010-10-16 21:13:54 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
    2010-10-16 21:13:34 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
    2010-10-16 21:13:34 61032 ----a-w- C:\Windows\System32\nvshext.dll
    2010-10-16 21:13:34 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
    2010-10-16 21:13:34 116328 ----a-w- C:\Windows\System32\nvmctray.dll
    2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
    2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll

    ============= FINISH: 10:04:59.92 ===============
    And Attach.txt:


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/23/2010 8:26:47 PM
    System Uptime: 12/26/2010 8:21:49 AM (0 hours ago)

    Motherboard: ASRock | | M3A770DE
    Processor: AMD Phenom(tm) II X2 550 Processor | CPUSocket | 3093/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 9.176 GiB free.
    D: is FIXED (NTFS) - 75 GiB total, 19.466 GiB free.
    E: is FIXED (NTFS) - 75 GiB total, 14.544 GiB free.
    F: is CDROM ()
    G: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID:
    Description: Multimedia Audio Controller
    Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
    Manufacturer:
    Name: Multimedia Audio Controller
    PNP Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
    Service:

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    3D Realistic Fireplace Screen Saver 2.63
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    BufferChm
    Copy
    Destinations
    DeviceDiscovery
    DJ_AIO_05_F4400_Software_Min
    DVD Shrink 3.2
    F4400
    GPBaseService2
    HiJackThis
    HP Update
    HPPhotoGadget
    hpPrintProjects
    HPProductAssistant
    HPSSupply
    hpWLPGInstaller
    MarketResearch
    Microsoft Office 2000 Premium
    Microsoft Silverlight
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Mozilla Firefox (3.6.13)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    PixScreen_CE
    Scan
    SmartWebPrinting
    SolutionCenter
    Sound Blaster PCI128
    Status
    Toolbox
    TrayApp
    WebReg
    Your Uninstaller! 2010

    ==== Event Viewer Messages From Past Week ========

    12/26/2010 8:22:08 AM, Error: Service Control Manager [7000] - The PfModNT service failed to start due to the following error: The system cannot find the file specified.
    12/25/2010 8:30:46 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 8:25:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
    12/25/2010 8:21:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    12/25/2010 8:21:56 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    12/25/2010 8:21:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/25/2010 8:21:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    12/25/2010 8:21:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    12/25/2010 8:21:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
    12/25/2010 2:40:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
    12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
    12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
    12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
    12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
    12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    12/25/2010 1:25:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
    12/24/2010 2:38:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    12/23/2010 8:28:56 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
    12/23/2010 8:11:30 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.

    ==== End Of File ===========================


    the third service you wanted me to run ran for about an hour and said there were no modifications made. There was no log file made. Should run it again?
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    that shows Microsoft security essentilas installed & running
     
  8. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,815
    First Name:
    Frank
    HiJackThis 2.0.4 doesn't play well with the 64-bit version of Windows and doesn't display all the log entries nor display them all properly, but I can see in your log that you have Uniblue Registry Booster installed and running.

    If you've been using it and allowing it to "clean" or "fix" the registry, it's unknown how much damage it may have done to Windows and some of your programs.

    Get rid of it and stay away from any registry cleaner/booster/optimizer/tuneup type program, no matter what it claims it can do.

    ---------------------------------------------------
     
  9. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Okay I'll do that. But before I thought I had a virus I tried to clean the drive using Registry Booster. That means I couldn't install an AV app. BEFORE registry booster was installed.

    After I get rid of Registry booster how do I get rid of the virus I have?
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    if it is a new install, the safest & best way is format & install W7 again & installl the AV immediately
     
  11. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Hi DVK,

    Well I did what you said and i got the same error. Its says:

    "some of the installation files are corrupt. Please download a fresh copy and retry the installation."

    I got the same message when I tried downloading AVG antivirus. The size of the instalation file is 138mb.

    What should I do now?

    ps> i also just discovered i cannot update windows or download the windows 7 updater.
     
  12. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    what do you mean by " i cannot update windows or download the windows 7 updater."
    what happens when you try to update

    do you have your windows install DVD
     
  13. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    It means that when I click on Windows Update in the Start Menu nothing happens. I mean the button moves and that's it.

    I am using a clean install of Windows 7. I fdisked the drive and refomated as a Primary Dos drive. I wonder if this is incorrect? Should I have made it a non-dos drive? I think Fdisk is a fat32 system. The drive shows up as a NTFS.

    I should also tell you I also have Windows XPsp3 32bit installed on a separate drive on this machine. Would this make a difference? I notice that Rollback RX doesn't install on the Windows XP drive.

    I am writing to you now on the xp drive.

    As to whether I have the Windows Install CD yes I do. It doesn't say "install cd" on it. It just says Windows 7.
     
  14. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    it sounds like it is a corrupt install

    It is posible the short cut is broken from start menu
    go to control panel/system & security / update see if that works

    I still think with all your problems a new install is the best way
     
  15. Kapustin Yar

    Kapustin Yar Thread Starter

    Joined:
    Dec 11, 2008
    Messages:
    855
    Well I went to Control Panel and I was able to update succesfully. However I am still having the exact same problem with installing AV applications under the clean install as I did with the the other install.

    Is is possible that my copy of Windows is bad? It is official, not fake.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/970678

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice