Can't install any antivirus software in Win7 64bit

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
Hi People,

I have a Win7 64bit clean install. I'm trying to install antivirus software but I'm not getting anywhere. First I tried Bitdefender, no joy. I tried three different links. Then I tried Kaspersky. No Joy. The last one I tried is AVG. No joy. All three error msg's say I have corrupt installation files.

This is the first time I've tried to install AV on 64bit. I've heard that some av applications don't work so well with 64bit. I guess that is the truth. How can I install AV software on win7 64bit?
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
lets see if you are infected as that is the usual reason or you already have aan antivirus installed

follow advice here and post the logs those programs make in your next reply here
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
82,498
I've worked on 2 Windows 7(64-bit) computers and have installed AVG in one of them and Microsoft Security Essentials in the other one and didn't have any problems. Follow dvk01's instructions.

-----------------------------------------------------------------
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
One thing you NEED to do with W7 64bit is download the installer to your downloads folder ( or desktop) & not try to run from the website
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
Okay, here it is

Hijack this:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:35 AM, on 12/26/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4866 bytes


- the other two are coming soon.
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
Here is DDS. TXT:

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Home User at 10:04:50.46 on Sun 12/26/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4095.2672 [GMT -8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Home User\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

mWinlogon: Userinit=userinit.exe
BHO: {0347C33E-8762-4905-BF09-768834316C61} - No File
BHO: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No File
EB: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
uRun: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522}
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

================= FIREFOX ===================

FF - ProfilePath - C:\Users\HOMEUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\jz068agu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.mozilla.com/en-US/firefox/3.6.13/firstrun/|http://www.google.com/ig?hl=en&source=iglk
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: British English Dictionary: [email protected] - %profile%\extensions\[email protected]

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-24 1255736]

=============== Created Last 30 ================

2010-12-26 16:33:39 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-26 16:33:35 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{4D80F0AD-EA1A-479F-BA76-82553CE4755A}\mpengine.dll
2010-12-26 16:26:36 388096 ----a-r- C:\Users\HOMEUS~1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-26 16:26:36 -------- d-----w- C:\Program Files (x86)\Trend Micro
2010-12-26 08:16:51 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-26 07:05:18 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\Uniblue
2010-12-26 04:46:20 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\QuickScan
2010-12-26 04:33:17 224785 ----a-w- C:\PROGRA~3\bdinstall.bin
2010-12-26 03:00:00 -------- d-----w- C:\PhotoEd
2010-12-25 22:44:16 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-12-25 09:22:01 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-25 09:21:21 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\PixAround.com
2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\Common Files\PixAround.com
2010-12-25 09:13:12 -------- d-----w- C:\My PixAround
2010-12-25 09:13:04 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2010-12-25 09:13:04 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2010-12-25 09:09:39 6752 ----a-w- C:\Windows\SysWow64\PfModNT.sys
2010-12-25 09:09:36 105472 ----a-w- C:\Windows\SysWow64\Sfman32.dll
2010-12-25 09:07:42 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-25 09:07:41 41984 ----a-w- C:\Windows\CTREGRUN.EXE
2010-12-25 09:07:34 306688 ----a-w- C:\Windows\IsUninst.exe
2010-12-25 08:51:54 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2010-12-25 08:51:52 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{00903572-D396-42B9-8B8E-2789AE7C85FA}\gapaengine.dll
2010-12-25 08:46:20 -------- d-----w- C:\Windows\pss
2010-12-25 08:45:37 -------- d-----w- C:\PROGRA~3\WEBREG
2010-12-25 08:41:29 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2010-12-25 08:41:26 -------- d-----w- C:\Program Files\Microsoft Security Client
2010-12-25 08:41:22 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2010-12-25 08:38:02 254464 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp083.dll
2010-12-25 08:35:52 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2010-12-25 08:35:15 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2010-12-25 08:34:53 362328 ----a-w- C:\Windows\System32\hpzids40.dll
2010-12-25 08:34:51 134144 ----a-w- C:\Windows\System32\hpf3l083.dll
2010-12-25 08:34:49 966656 ----a-w- C:\Windows\System32\hposwia_d02a.dll
2010-12-25 08:34:49 761856 ----a-w- C:\Windows\System32\hpost_d02a.dll
2010-12-25 08:34:49 512512 ----a-w- C:\Windows\System32\hposc_d02a.dll
2010-12-25 08:34:32 -------- d-----w- C:\Program Files (x86)\HP
2010-12-25 08:33:27 -------- d-----w- C:\Program Files\HP
2010-12-25 08:17:16 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-12-25 08:17:15 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BD089675-7D92-4135-880B-460C9A7B4402}\mpengine.dll
2010-12-25 08:05:21 -------- d-sh--w- C:\Windows\Installer
2010-12-25 08:02:41 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\Diagnostics
2010-12-25 08:01:42 2623488 ----a-w- C:\Windows\3D Realistic Fireplace 2.scr
2010-12-25 08:01:42 -------- d-----w- C:\Program Files (x86)\3D Realistic Fireplace 2
2010-12-25 07:56:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\URSoft
2010-12-25 07:55:57 -------- d-----w- C:\Program Files (x86)\Your Uninstaller 2010
2010-12-24 23:10:39 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2010-12-24 23:10:39 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2010-12-24 23:10:38 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2010-12-24 23:10:38 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2010-12-24 23:10:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2010-12-24 23:10:38 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2010-12-24 23:10:33 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2010-12-24 23:10:33 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2010-12-24 22:40:41 -------- d-----w- C:\Program Files\DVDFab 8
2010-12-24 22:39:12 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2010-12-24 21:56:57 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-24 21:56:57 -------- d-----w- C:\Windows\System32\Wat
2010-12-24 05:37:42 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2010-12-24 05:37:42 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-24 05:33:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-24 05:33:59 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-24 05:33:59 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-12-24 05:33:59 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-12-24 05:33:59 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-12-24 05:33:59 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-24 05:33:59 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-24 05:33:59 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-12-24 05:33:59 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-24 05:33:59 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-12-24 05:28:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2010-12-24 05:27:59 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-24 05:27:59 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-12-24 05:27:59 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-12-24 05:27:59 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-12-24 05:27:58 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-12-24 05:27:58 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-12-24 05:27:58 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-12-24 05:27:58 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-12-24 05:27:58 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-12-24 05:27:58 112000 ----a-w- C:\Windows\System32\consent.exe
2010-12-24 05:11:05 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-12-24 04:28:57 220672 ----a-w- C:\Windows\System32\wintrust.dll
2010-12-24 04:28:57 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2010-12-24 04:28:57 139264 ----a-w- C:\Windows\System32\cabview.dll
2010-12-24 04:28:57 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2010-12-24 04:27:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\VirtualStore
2010-12-23 22:05:21 -------- d-----w- C:\Windows\Panther
2010-12-23 21:53:22 -------- d-----w- C:\Windows.old

==================== Find3M ====================

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-25 05:25:38 72064 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2010-10-25 05:25:38 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys
2010-10-25 05:25:38 188928 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-16 21:13:54 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
2010-10-16 21:13:34 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
2010-10-16 21:13:34 61032 ----a-w- C:\Windows\System32\nvshext.dll
2010-10-16 21:13:34 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
2010-10-16 21:13:34 116328 ----a-w- C:\Windows\System32\nvmctray.dll
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll

============= FINISH: 10:04:59.92 ===============
And Attach.txt:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/23/2010 8:26:47 PM
System Uptime: 12/26/2010 8:21:49 AM (0 hours ago)

Motherboard: ASRock | | M3A770DE
Processor: AMD Phenom(tm) II X2 550 Processor | CPUSocket | 3093/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 9.176 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 19.466 GiB free.
E: is FIXED (NTFS) - 75 GiB total, 14.544 GiB free.
F: is CDROM ()
G: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
Service:

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

3D Realistic Fireplace Screen Saver 2.63
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
BufferChm
Copy
Destinations
DeviceDiscovery
DJ_AIO_05_F4400_Software_Min
DVD Shrink 3.2
F4400
GPBaseService2
HiJackThis
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
MarketResearch
Microsoft Office 2000 Premium
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
PixScreen_CE
Scan
SmartWebPrinting
SolutionCenter
Sound Blaster PCI128
Status
Toolbox
TrayApp
WebReg
Your Uninstaller! 2010

==== Event Viewer Messages From Past Week ========

12/26/2010 8:22:08 AM, Error: Service Control Manager [7000] - The PfModNT service failed to start due to the following error: The system cannot find the file specified.
12/25/2010 8:30:46 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/25/2010 8:25:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
12/25/2010 8:21:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/25/2010 8:21:56 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/25/2010 8:21:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/25/2010 8:21:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/25/2010 8:21:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/25/2010 8:21:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
12/25/2010 2:40:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 1:25:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/24/2010 2:38:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
12/23/2010 8:28:56 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
12/23/2010 8:11:30 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.

==== End Of File ===========================


the third service you wanted me to run ran for about an hour and said there were no modifications made. There was no log file made. Should run it again?
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
that shows Microsoft security essentilas installed & running
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
82,498
HiJackThis 2.0.4 doesn't play well with the 64-bit version of Windows and doesn't display all the log entries nor display them all properly, but I can see in your log that you have Uniblue Registry Booster installed and running.

If you've been using it and allowing it to "clean" or "fix" the registry, it's unknown how much damage it may have done to Windows and some of your programs.

Get rid of it and stay away from any registry cleaner/booster/optimizer/tuneup type program, no matter what it claims it can do.

---------------------------------------------------
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
HiJackThis 2.0.4 doesn't play well with the 64-bit version of Windows and doesn't display all the log entries nor display them all properly, but I can see in your log that you have Uniblue Registry Booster installed and running.

If you've been using it and allowing it to "clean" or "fix" the registry, it's unknown how much damage it may have done to Windows and some of your programs.

Get rid of it and stay away from any registry cleaner/booster/optimizer/tuneup type program, no matter what it claims it can do.

---------------------------------------------------
Okay I'll do that. But before I thought I had a virus I tried to clean the drive using Registry Booster. That means I couldn't install an AV app. BEFORE registry booster was installed.

After I get rid of Registry booster how do I get rid of the virus I have?
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
if it is a new install, the safest & best way is format & install W7 again & installl the AV immediately
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
Hi DVK,

Well I did what you said and i got the same error. Its says:

"some of the installation files are corrupt. Please download a fresh copy and retry the installation."

I got the same message when I tried downloading AVG antivirus. The size of the instalation file is 138mb.

What should I do now?

ps> i also just discovered i cannot update windows or download the windows 7 updater.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
what do you mean by " i cannot update windows or download the windows 7 updater."
what happens when you try to update

do you have your windows install DVD
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
what do you mean by " i cannot update windows or download the windows 7 updater."
what happens when you try to update

do you have your windows install DVD
It means that when I click on Windows Update in the Start Menu nothing happens. I mean the button moves and that's it.

I am using a clean install of Windows 7. I fdisked the drive and refomated as a Primary Dos drive. I wonder if this is incorrect? Should I have made it a non-dos drive? I think Fdisk is a fat32 system. The drive shows up as a NTFS.

I should also tell you I also have Windows XPsp3 32bit installed on a separate drive on this machine. Would this make a difference? I notice that Rollback RX doesn't install on the Windows XP drive.

I am writing to you now on the xp drive.

As to whether I have the Windows Install CD yes I do. It doesn't say "install cd" on it. It just says Windows 7.
 

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
it sounds like it is a corrupt install

It is posible the short cut is broken from start menu
go to control panel/system & security / update see if that works

I still think with all your problems a new install is the best way
 

Kapustin Yar

Thread Starter
Joined
Dec 11, 2008
Messages
936
it sounds like it is a corrupt install

It is posible the short cut is broken from start menu
go to control panel/system & security / update see if that works

I still think with all your problems a new install is the best way
Well I went to Control Panel and I was able to update succesfully. However I am still having the exact same problem with installing AV applications under the clean install as I did with the the other install.

Is is possible that my copy of Windows is bad? It is official, not fake.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top