WiredWX Hobby Weather ToolsLog in

 


descriptionMsiexec.exe is not a valid win32 application EmptyMsiexec.exe is not a valid win32 application

more_horiz
Windows Installer has been causing alot of problems recently. I can't install important windows updates and programme updates like iTunes and Adobe. I always get the error message 'Windows installer service could not be accessed'. Also whenever I try to type Msiexec in cmd, it says its not a valid win32 application. I have a feeling there's malicious content on my laptop.

I'm running Windows Vista SP2.

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
OTL.txt

OTL logfile created on: 20/12/2010 00:11:58 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Leanne\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.45 Gb Total Space | 98.03 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.68 Gb Free Space | 56.85% Space Free | Partition Type: NTFS

Computer Name: LEANNE-PC | User Name: Leanne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/20 00:11:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Leanne\Desktop\OTL.exe
PRC - [2010/11/11 17:48:21 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010/09/07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/05/20 14:27:24 | 000,119,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
PRC - [2009/06/26 16:21:00 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 14:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 17:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 17:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (SafeList) ==========

MOD - [2010/12/20 00:11:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Leanne\Desktop\OTL.exe
MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/09/22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/09/22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/25 01:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/04/11 06:28:24 | 000,060,928 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2009/04/11 06:27:45 | 000,000,000 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 17:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - [2010/09/22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/09/07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 15:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/06/26 16:21:02 | 001,956,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2009/04/11 04:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 02:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/02 15:48:28 | 002,016,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/12/06 20:52:42 | 001,044,984 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/09/17 09:22:00 | 000,278,528 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007/09/13 14:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 22:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/04/25 11:17:36 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 17:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 17:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 17:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/08/04 15:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/20 00:11:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Leanne\Desktop\OTL.exe
[2010/12/17 22:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010/12/17 16:46:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/17 16:46:12 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/12/17 16:46:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/12/17 16:46:11 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/17 16:46:11 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/12/17 16:46:11 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/17 16:46:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/12/17 16:46:10 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/12/17 16:46:10 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/17 16:46:10 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/12/17 16:46:10 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/12/17 16:46:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/12/17 16:46:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/12/17 16:46:10 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/12/17 16:46:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/12/17 16:46:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/12/17 16:46:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/12/17 16:46:06 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/17 16:46:03 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/12/17 16:46:03 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/12/17 16:46:03 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/12/17 16:46:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/12/17 16:45:58 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/17 16:45:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/17 16:45:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/17 16:45:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/11/30 08:18:44 | 000,000,000 | ---D | C] -- C:\Users\Leanne\AppData\Roaming\Juniper Networks
[2010/11/26 21:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\Anki

========== Files - Modified Within 30 Days ==========

[2010/12/20 00:11:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Leanne\Desktop\OTL.exe
[2010/12/19 22:53:34 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/19 22:53:34 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/19 16:32:50 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/19 16:32:50 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/19 13:28:40 | 001,768,236 | ---- | M] () -- C:\Users\Leanne\Desktop\Windows6.0-KB942288-v2-x86.msu
[2010/12/19 12:53:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/19 12:50:35 | 000,001,206 | ---- | M] () -- C:\Users\Leanne\Desktop\msiserver.zip
[2010/12/19 12:49:28 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/12/19 12:49:28 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/12/18 10:24:04 | 000,269,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/17 22:42:10 | 000,000,752 | ---- | M] () -- C:\Users\Leanne\Desktop\Audacity.lnk
[2010/12/05 14:22:58 | 000,124,416 | ---- | M] () -- C:\Users\Leanne\Documents\10005410_EV_EmployerList(1).xls.xls
[2010/11/26 21:32:16 | 000,000,539 | ---- | M] () -- C:\Users\Leanne\Desktop\Anki.lnk
[2010/11/24 21:59:35 | 000,000,938 | ---- | M] () -- C:\Users\Leanne\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/11/21 20:20:38 | 003,173,888 | ---- | M] () -- C:\Users\Leanne\Documents\day, evening and special occasion Make up short course discription 2009-2010.doc

========== Files Created - No Company Name ==========

[2010/12/19 13:28:31 | 001,768,236 | ---- | C] () -- C:\Users\Leanne\Desktop\Windows6.0-KB942288-v2-x86.msu
[2010/12/19 12:50:52 | 000,007,188 | ---- | C] () -- C:\Users\Leanne\Desktop\msiserver.reg
[2010/12/19 12:50:34 | 000,001,206 | ---- | C] () -- C:\Users\Leanne\Desktop\msiserver.zip
[2010/12/19 12:45:13 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/12/19 12:45:13 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/12/17 22:42:10 | 000,000,752 | ---- | C] () -- C:\Users\Leanne\Desktop\Audacity.lnk
[2010/12/05 14:20:58 | 000,124,416 | ---- | C] () -- C:\Users\Leanne\Documents\10005410_EV_EmployerList(1).xls.xls
[2010/11/26 21:32:16 | 000,000,539 | ---- | C] () -- C:\Users\Leanne\Desktop\Anki.lnk
[2010/11/24 21:59:35 | 000,000,938 | ---- | C] () -- C:\Users\Leanne\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/11/21 20:20:37 | 003,173,888 | ---- | C] () -- C:\Users\Leanne\Documents\day, evening and special occasion Make up short course discription 2009-2010.doc
[2010/10/19 16:10:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/06 11:38:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/10/06 11:38:01 | 000,060,928 | ---- | C] () -- C:\Windows\System32\SLUINotify.dll
[2010/10/06 11:37:37 | 000,000,000 | ---- | C] () -- C:\Windows\System32\wsnmp32.dll
[2010/10/04 15:48:36 | 000,000,000 | ---- | C] () -- C:\Windows\System32\url.dll
[2010/10/04 13:36:33 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2010/10/04 13:32:29 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2010/10/04 11:51:21 | 000,000,680 | ---- | C] () -- C:\Users\Leanne\AppData\Local\d3d9caps.dat
[2010/09/15 20:02:55 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2010/09/15 20:02:55 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2010/09/15 20:02:55 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2010/09/15 20:02:55 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2010/09/15 20:02:55 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009/06/26 16:21:02 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
Extras.txt

OTL Extras logfile created on: 20/12/2010 00:11:58 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Leanne\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.45 Gb Total Space | 98.03 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.68 Gb Free Space | 56.85% Space Free | Partition Type: NTFS

Computer Name: LEANNE-PC | User Name: Leanne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C273F9C7-B44C-43C5-912C-FA57E63FAC30}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{FD269870-8CAA-4BC1-84BD-BB1515A88103}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{056756AD-BA73-4EFF-A83D-138A8ACCA9B3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{0BFBFD57-C579-4310-AD73-B9E59D2280A5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{101F24F2-88FE-459B-ACB3-B8B3B5A94E4F}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{1730CA24-3D3F-4FF5-8222-413B70E7090C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2EDCDE6E-22E9-46EF-8B1B-1C750FA747CA}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{342248CA-6800-426B-AD41-73CB3EB9480F}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{3545696E-376E-40D7-9007-56D18B648853}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3ADE55A8-80B9-4ECE-A3E3-88E1E0FDAAE5}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{3FB954D1-88D7-4E7E-81BA-42142F2BEEB6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{56528685-52FD-4919-AC8A-91EC046C8F2C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{5E84F454-9303-409D-8CCE-E01C780F8764}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{65153840-09CF-4FA7-8F7D-E37CAEDEAD83}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{6B737E57-D4D5-4B40-B092-0605FF5A9BF7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C6BA553-F02C-45DF-945A-D0E16BE368EC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7D7385B9-28FA-4D49-A73E-4D2654B8C9D4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{91E7CDF7-4C75-4D7C-91D7-435B9EFDEEE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{94C0C981-40EA-46B4-9FC8-97B64DFA4FB9}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9757A5A6-C7D5-4A87-96B6-7B94AA294BB0}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{A70198C0-D045-41C5-BF14-8CE7CFE1D8A7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BF38E14B-6D68-43A4-9F80-24066586305C}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{C385CCF8-4C16-4F9D-83A5-5223E4CF76AD}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{C6AC6A3B-A53B-440D-A6A1-BBAD1BCC0E87}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{CFCA2AF5-1AD3-408C-AE21-46A51D94777D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D1E47835-FDFD-4ED4-BFD0-898E7204BD5B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{E21A6D86-6E79-49FA-9CE2-D3B753A43F76}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{E8E4519A-ECEA-4B6B-8A0C-CDC2FBE0099F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{F2C62D93-7468-4D81-8D10-4A3B6BF97265}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"TCP Query User{60F88A31-2DB9-4507-AFD1-1F39387485F5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8A3B551E-0093-47E8-9F47-83D1C70CC13C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A258E63-8DF5-4ADB-9832-38A0121D65EB}" = AVG 2011
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4EB34322-B940-46EB-810E-68E71A819269}" = AVG 2011
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Anki" = Anki
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Networks_Cache_Cleaner 6.3.0" = Juniper Networks Cache Cleaner 6.3.0
"Juniper_Setup_Client" = Juniper Networks Setup Client

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19/12/2010 07:49:08 | Computer Name = Leanne-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19/12/2010 08:14:01 | Computer Name = Leanne-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/12/2010 08:54:07 | Computer Name = Leanne-PC | Source = Application Error | ID = 1000
Description = Faulting application bcmwltry.exe, version 4.170.25.12, time stamp
0x46f3437a, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x01f2975a, process id 0x6a4, application start time
0x01cb9f7bc0ca031e.

Error - 19/12/2010 08:55:14 | Computer Name = Leanne-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/12/2010 09:21:01 | Computer Name = Leanne-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19/12/2010 18:45:34 | Computer Name = Leanne-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18999 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 428 Start Time: 01cb9f7c0a7ac21e Termination Time: 0

Error - 19/12/2010 18:49:24 | Computer Name = Leanne-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18999 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 10c8 Start Time: 01cb9fce72badd4e Termination Time: 0

Error - 19/12/2010 18:51:02 | Computer Name = Leanne-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18999 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: fa8 Start Time: 01cb9fcefb9b4cde Termination Time: 0

Error - 19/12/2010 18:51:29 | Computer Name = Leanne-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18999 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1268 Start Time: 01cb9fcf36081e2e Termination Time: 267

Error - 19/12/2010 20:09:17 | Computer Name = Leanne-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ Broadcom Wireless LAN Events ]
Error - 09/10/2010 07:40:49 | Computer Name = Leanne-PC | Source = WLAN-Tray | ID = 0
Description = 12:40:48, Sat, Oct 09, 10 Error - Unable to gain access to user store


Error - 11/10/2010 22:33:29 | Computer Name = Leanne-PC | Source = WLAN-Tray | ID = 0
Description = 03:33:29, Tue, Oct 12, 10 Error - Unable to gain access to user store


Error - 14/10/2010 10:26:11 | Computer Name = Leanne-PC | Source = WLAN-Tray | ID = 0
Description = 15:26:10, Thu, Oct 14, 10 Error - Unable to gain access to user store


Error - 26/11/2010 12:53:20 | Computer Name = Leanne-PC | Source = WLAN-Tray | ID = 0
Description = 16:53:20, Fri, Nov 26, 10 Error - Unable to gain access to user store


Error - 27/11/2010 18:17:33 | Computer Name = Leanne-PC | Source = WLAN-Tray | ID = 0
Description = 22:17:32, Sat, Nov 27, 10 Error - Unable to gain access to user store



========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
Hello.

Please download ComboFix Msiexec.exe is not a valid win32 application Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
ComboFix 10-12-20.01 - Leanne 20/12/2010 22:40:28.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2037.1254 [GMT 0:00]
Running from: c:\users\Leanne\Desktop\commy.exe
Command switches used :: /stepdel
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Fonts\upcdbi.ttf
c:\windows\Fonts\upcfl.ttf
c:\windows\system32\arp.exe

.
((((((((((((((((((((((((( Files Created from 2010-11-20 to 2010-12-20 )))))))))))))))))))))))))))))))
.

2010-12-20 22:49 . 2010-12-20 22:49 -------- d-----w- c:\users\Lauren\AppData\Local\temp
2010-12-20 11:46 . 2010-12-20 11:46 -------- d-----w- c:\users\Lauren\AppData\Local\Apple
2010-12-19 01:11 . 2008-01-21 02:23 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2010-12-17 22:42 . 2010-12-17 22:42 -------- d-----w- c:\program files\Audacity
2010-12-17 16:45 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-12-17 16:45 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-17 16:45 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-12-17 16:45 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-17 16:45 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-14 16:46 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-11-30 08:18 . 2010-11-30 08:19 -------- d-----w- c:\users\Leanne\AppData\Roaming\Juniper Networks
2010-11-26 21:54 . 2010-11-26 21:54 -------- d-----w- c:\users\Lauren\AppData\Roaming\.matplotlib
2010-11-26 21:46 . 2010-11-26 21:46 -------- d-----w- c:\users\Lauren\AppData\Roaming\mplayer
2010-11-26 21:33 . 2010-12-03 18:35 -------- d-----w- c:\users\Lauren\AppData\Roaming\.anki
2010-11-26 21:32 . 2010-11-26 21:32 -------- d-----w- c:\program files\Anki
2010-11-25 17:15 . 2010-11-26 20:20 -------- d-----w- c:\users\Lauren\AppData\Local\Adobe
2010-11-23 18:37 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-16 18:25 . 2010-10-16 18:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-04 13:27 . 2010-10-04 13:27 45056 ----a-r- c:\users\Leanne\AppData\Roaming\Microsoft\Installer\{42929F0F-CE14-47AF-9FC7-FF297A603021}\NewShortcut1_42929F0FCE1447AF9FC7FF297A603021_1.exe
2010-09-22 23:47 . 2010-09-22 23:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 23:32 . 2010-09-22 23:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 23:21 . 2010-10-15 16:26 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-24 174616]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"VX3000"="c:\windows\vVX3000.exe" [2009-06-26 757248]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-20 22:49
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-12-20 22:53:00
ComboFix-quarantined-files.txt 2010-12-20 22:52

Pre-Run: 103,819,886,592 bytes free
Post-Run: 103,838,740,480 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - EE9C1461717A7FB6E9FF840AF035A1D9

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
For some reason the log only had this inside the file...

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

However the online scanner found 0 threats.

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
Hello.
How is the machine running now?

descriptionMsiexec.exe is not a valid win32 application EmptyRe: Msiexec.exe is not a valid win32 application

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum