Tech Support Guy banner
Status
Not open for further replies.
1 - 20 of 24 Posts

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #1 ·
Hi People,

I have a Win7 64bit clean install. I'm trying to install antivirus software but I'm not getting anywhere. First I tried Bitdefender, no joy. I tried three different links. Then I tried Kaspersky. No Joy. The last one I tried is AVG. No joy. All three error msg's say I have corrupt installation files.

This is the first time I've tried to install AV on 64bit. I've heard that some av applications don't work so well with 64bit. I guess that is the truth. How can I install AV software on win7 64bit?
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
lets see if you are infected as that is the usual reason or you already have aan antivirus installed

follow advice here and post the logs those programs make in your next reply here
 

·
Trusted Advisor
Joined
·
85,516 Posts
I've worked on 2 Windows 7(64-bit) computers and have installed AVG in one of them and Microsoft Security Essentials in the other one and didn't have any problems. Follow dvk01's instructions.

-----------------------------------------------------------------
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
One thing you NEED to do with W7 64bit is download the installer to your downloads folder ( or desktop) & not try to run from the website
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #5 ·
Okay, here it is

Hijack this:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:31:35 AM, on 12/26/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 4866 bytes

- the other two are coming soon.
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #6 ·
Here is DDS. TXT:

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Home User at 10:04:50.46 on Sun 12/26/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4095.2672 [GMT -8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Home User\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

mWinlogon: Userinit=userinit.exe
BHO: {0347C33E-8762-4905-BF09-768834316C61} - No File
BHO: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No File
EB: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
uRun: [Uniblue Registry Booster] D:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522}
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

================= FIREFOX ===================

FF - ProfilePath - C:\Users\HOMEUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\jz068agu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.mozilla.com/en-US/firefox/3.6.13/firstrun/|http://www.google.com/ig?hl=en&source=iglk
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: [email protected] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: British English Dictionary: [email protected] - %profile%\extensions\[email protected]

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-24 1255736]

=============== Created Last 30 ================

2010-12-26 16:33:39 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-26 16:33:35 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{4D80F0AD-EA1A-479F-BA76-82553CE4755A}\mpengine.dll
2010-12-26 16:26:36 388096 ----a-r- C:\Users\HOMEUS~1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-26 16:26:36 -------- d-----w- C:\Program Files (x86)\Trend Micro
2010-12-26 08:16:51 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-26 07:05:18 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\Uniblue
2010-12-26 04:46:20 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\QuickScan
2010-12-26 04:33:17 224785 ----a-w- C:\PROGRA~3\bdinstall.bin
2010-12-26 03:00:00 -------- d-----w- C:\PhotoEd
2010-12-25 22:44:16 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-12-25 09:22:01 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2010-12-25 09:21:21 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\PixAround.com
2010-12-25 09:13:12 -------- d-----w- C:\Program Files (x86)\Common Files\PixAround.com
2010-12-25 09:13:12 -------- d-----w- C:\My PixAround
2010-12-25 09:13:04 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2010-12-25 09:13:04 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
2010-12-25 09:13:04 217088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2010-12-25 09:09:39 6752 ----a-w- C:\Windows\SysWow64\PfModNT.sys
2010-12-25 09:09:36 105472 ----a-w- C:\Windows\SysWow64\Sfman32.dll
2010-12-25 09:07:42 -------- d-----w- C:\Program Files (x86)\Creative
2010-12-25 09:07:41 41984 ----a-w- C:\Windows\CTREGRUN.EXE
2010-12-25 09:07:34 306688 ----a-w- C:\Windows\IsUninst.exe
2010-12-25 08:51:54 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2010-12-25 08:51:52 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{00903572-D396-42B9-8B8E-2789AE7C85FA}\gapaengine.dll
2010-12-25 08:46:20 -------- d-----w- C:\Windows\pss
2010-12-25 08:45:37 -------- d-----w- C:\PROGRA~3\WEBREG
2010-12-25 08:41:29 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2010-12-25 08:41:26 -------- d-----w- C:\Program Files\Microsoft Security Client
2010-12-25 08:41:22 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2010-12-25 08:38:02 254464 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfpp083.dll
2010-12-25 08:35:52 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2010-12-25 08:35:15 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2010-12-25 08:34:53 362328 ----a-w- C:\Windows\System32\hpzids40.dll
2010-12-25 08:34:51 134144 ----a-w- C:\Windows\System32\hpf3l083.dll
2010-12-25 08:34:49 966656 ----a-w- C:\Windows\System32\hposwia_d02a.dll
2010-12-25 08:34:49 761856 ----a-w- C:\Windows\System32\hpost_d02a.dll
2010-12-25 08:34:49 512512 ----a-w- C:\Windows\System32\hposc_d02a.dll
2010-12-25 08:34:32 -------- d-----w- C:\Program Files (x86)\HP
2010-12-25 08:33:27 -------- d-----w- C:\Program Files\HP
2010-12-25 08:17:16 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-12-25 08:17:15 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BD089675-7D92-4135-880B-460C9A7B4402}\mpengine.dll
2010-12-25 08:05:21 -------- d-sh--w- C:\Windows\Installer
2010-12-25 08:02:41 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\Diagnostics
2010-12-25 08:01:42 2623488 ----a-w- C:\Windows\3D Realistic Fireplace 2.scr
2010-12-25 08:01:42 -------- d-----w- C:\Program Files (x86)\3D Realistic Fireplace 2
2010-12-25 07:56:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Roaming\URSoft
2010-12-25 07:55:57 -------- d-----w- C:\Program Files (x86)\Your Uninstaller 2010
2010-12-24 23:10:39 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2010-12-24 23:10:39 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2010-12-24 23:10:38 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2010-12-24 23:10:38 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2010-12-24 23:10:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2010-12-24 23:10:38 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2010-12-24 23:10:33 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2010-12-24 23:10:33 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2010-12-24 22:40:41 -------- d-----w- C:\Program Files\DVDFab 8
2010-12-24 22:39:12 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2010-12-24 21:56:57 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-24 21:56:57 -------- d-----w- C:\Windows\System32\Wat
2010-12-24 05:37:42 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2010-12-24 05:37:42 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-12-24 05:33:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-24 05:33:59 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-24 05:33:59 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-12-24 05:33:59 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-12-24 05:33:59 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-12-24 05:33:59 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-24 05:33:59 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-24 05:33:59 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-12-24 05:33:59 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-24 05:33:59 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-12-24 05:28:51 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2010-12-24 05:27:59 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-12-24 05:27:59 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-12-24 05:27:59 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-12-24 05:27:59 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-12-24 05:27:58 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-12-24 05:27:58 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-12-24 05:27:58 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-12-24 05:27:58 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-12-24 05:27:58 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-12-24 05:27:58 112000 ----a-w- C:\Windows\System32\consent.exe
2010-12-24 05:11:05 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-12-24 04:28:57 220672 ----a-w- C:\Windows\System32\wintrust.dll
2010-12-24 04:28:57 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2010-12-24 04:28:57 139264 ----a-w- C:\Windows\System32\cabview.dll
2010-12-24 04:28:57 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2010-12-24 04:27:02 -------- d-----w- C:\Users\HOMEUS~1\AppData\Local\VirtualStore
2010-12-23 22:05:21 -------- d-----w- C:\Windows\Panther
2010-12-23 21:53:22 -------- d-----w- C:\Windows.old

==================== Find3M ====================

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-25 05:25:38 72064 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2010-10-25 05:25:38 40832 ----a-w- C:\Windows\System32\drivers\MpNWMon.sys
2010-10-25 05:25:38 188928 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-16 21:13:54 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
2010-10-16 21:13:34 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
2010-10-16 21:13:34 61032 ----a-w- C:\Windows\System32\nvshext.dll
2010-10-16 21:13:34 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
2010-10-16 21:13:34 116328 ----a-w- C:\Windows\System32\nvmctray.dll
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll

============= FINISH: 10:04:59.92 ===============
And Attach.txt:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/23/2010 8:26:47 PM
System Uptime: 12/26/2010 8:21:49 AM (0 hours ago)

Motherboard: ASRock | | M3A770DE
Processor: AMD Phenom(tm) II X2 550 Processor | CPUSocket | 3093/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 9.176 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 19.466 GiB free.
E: is FIXED (NTFS) - 75 GiB total, 14.544 GiB free.
F: is CDROM ()
G: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1274&DEV_5880&SUBSYS_80011274&REV_02\4&2966AB86&0&30A4
Service:

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

3D Realistic Fireplace Screen Saver 2.63
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
BufferChm
Copy
Destinations
DeviceDiscovery
DJ_AIO_05_F4400_Software_Min
DVD Shrink 3.2
F4400
GPBaseService2
HiJackThis
HP Update
HPPhotoGadget
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
MarketResearch
Microsoft Office 2000 Premium
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.13)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
PixScreen_CE
Scan
SmartWebPrinting
SolutionCenter
Sound Blaster PCI128
Status
Toolbox
TrayApp
WebReg
Your Uninstaller! 2010

==== Event Viewer Messages From Past Week ========

12/26/2010 8:22:08 AM, Error: Service Control Manager [7000] - The PfModNT service failed to start due to the following error: The system cannot find the file specified.
12/25/2010 8:30:46 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/25/2010 8:25:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
12/25/2010 8:21:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/25/2010 8:21:56 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
12/25/2010 8:21:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/25/2010 8:21:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/25/2010 8:21:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/25/2010 8:21:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6
12/25/2010 2:40:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:49:21 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/25/2010 12:46:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:44:41 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HomeUser-PC\Home User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80096010 Error description: The digital signature of the object did not verify.
12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 12:42:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
12/25/2010 1:25:27 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/24/2010 2:38:45 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
12/23/2010 8:28:56 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
12/23/2010 8:11:30 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.

==== End Of File ===========================

the third service you wanted me to run ran for about an hour and said there were no modifications made. There was no log file made. Should run it again?
 

·
Trusted Advisor
Joined
·
85,516 Posts
HiJackThis 2.0.4 doesn't play well with the 64-bit version of Windows and doesn't display all the log entries nor display them all properly, but I can see in your log that you have Uniblue Registry Booster installed and running.

If you've been using it and allowing it to "clean" or "fix" the registry, it's unknown how much damage it may have done to Windows and some of your programs.

Get rid of it and stay away from any registry cleaner/booster/optimizer/tuneup type program, no matter what it claims it can do.

---------------------------------------------------
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #9 ·
HiJackThis 2.0.4 doesn't play well with the 64-bit version of Windows and doesn't display all the log entries nor display them all properly, but I can see in your log that you have Uniblue Registry Booster installed and running.

If you've been using it and allowing it to "clean" or "fix" the registry, it's unknown how much damage it may have done to Windows and some of your programs.

Get rid of it and stay away from any registry cleaner/booster/optimizer/tuneup type program, no matter what it claims it can do.

---------------------------------------------------
Okay I'll do that. But before I thought I had a virus I tried to clean the drive using Registry Booster. That means I couldn't install an AV app. BEFORE registry booster was installed.

After I get rid of Registry booster how do I get rid of the virus I have?
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #11 ·
Hi DVK,

Well I did what you said and i got the same error. Its says:

"some of the installation files are corrupt. Please download a fresh copy and retry the installation."

I got the same message when I tried downloading AVG antivirus. The size of the instalation file is 138mb.

What should I do now?

ps> i also just discovered i cannot update windows or download the windows 7 updater.
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
what do you mean by " i cannot update windows or download the windows 7 updater."
what happens when you try to update

do you have your windows install DVD
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #13 ·
what do you mean by " i cannot update windows or download the windows 7 updater."
what happens when you try to update

do you have your windows install DVD
It means that when I click on Windows Update in the Start Menu nothing happens. I mean the button moves and that's it.

I am using a clean install of Windows 7. I fdisked the drive and refomated as a Primary Dos drive. I wonder if this is incorrect? Should I have made it a non-dos drive? I think Fdisk is a fat32 system. The drive shows up as a NTFS.

I should also tell you I also have Windows XPsp3 32bit installed on a separate drive on this machine. Would this make a difference? I notice that Rollback RX doesn't install on the Windows XP drive.

I am writing to you now on the xp drive.

As to whether I have the Windows Install CD yes I do. It doesn't say "install cd" on it. It just says Windows 7.
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
it sounds like it is a corrupt install

It is posible the short cut is broken from start menu
go to control panel/system & security / update see if that works

I still think with all your problems a new install is the best way
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #15 ·
it sounds like it is a corrupt install

It is posible the short cut is broken from start menu
go to control panel/system & security / update see if that works

I still think with all your problems a new install is the best way
Well I went to Control Panel and I was able to update succesfully. However I am still having the exact same problem with installing AV applications under the clean install as I did with the the other install.

Is is possible that my copy of Windows is bad? It is official, not fake.
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
Please run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #17 ·
Please run the MGA Diagnostic Tool and post back the report it creates:
  • Download MGADiag to your desktop.
  • Double-click on MGADiag.exe to launch the program
  • Click "Continue"
  • Ensure that the "Windows" tab is selected (it should be by default).
  • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
  • Paste the MGA Diagnostic Report back here in your next reply.
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-HDYTY-9YQJ6-P6278
Windows Product Key Hash: n1+l+ajzqoZlXiKRMYT15K4o1M8=
Windows Product ID: 00359-OEM-8703343-92752
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 6.1.7600.2.00010300.0.0.003
ID: {D8391184-0D90-469A-9AE3-5F14DDA3BD14}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7600.win7_gdr.100618-1621
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{D8391184-0D90-469A-9AE3-5F14DDA3BD14}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-P6278</PKey><PID>00359-OEM-8703343-92752</PID><PIDType>3</PIDType><SID>S-1-5-21-955133319-1092553439-3373950509</SID><SYSTEM><Manufacturer>To Be Filled By O.E.M.</Manufacturer><Model>To Be Filled By O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>P1.60</Version><SMBIOSVersion major="2" minor="5"/><Date>20100520000000.000000+000</Date></BIOS><HWID>60BB3607018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7600.16385

Name: Windows(R) 7, HomePremium edition
Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
Activation ID: 586bc076-c93d-429a-afe5-a69fbc644e88
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00359-00174-033-492752-02-1033-7600.0000-3572010
Installation ID: 019821316635096131697714878965837000750062622315841313
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: P6278
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 12/28/2010 1:51:12 AM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:28:2010 01:36
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: MAAAAAIABAABAAEAAAAAAAAAAQABAAEA6GEmUaygMA9U8hAzLK+UsrJz/CvoREDp

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC 052010 APIC1109
FACP A_M_I OEMFACP
SRAT AMD FAM_F_10
MCFG 052010 OEMMCFG
OEMB 052010 OEMB1109
AAFT 052010 OEMAAFT
 

·
Registered
Joined
·
1,054 Posts
Discussion Starter · #18 ·
I'm not an expert on the subject but I noticed that when I go to the URL's they list for their certificates I get a "this connection is untrusted" message from my browser, FF. Does this mean I have a bad copy of windows 7?
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
I'm not an expert on the subject but I noticed that when I go to the URL's they list for their certificates I get a "this connection is untrusted" message from my browser, FF. Does this mean I have a bad copy of windows 7?
not necessarily
it can mean that firefoxc isn't recognizing the Microsoft certificate because it has expired or is for a different sub domain on Microsoft
 

·
Retired Moderator Retired Malware Specialist
Joined
·
56,449 Posts
You have a system builder copy of W7
is it a genuine MS disc with a holgram or is it a burned disc supplied by someone
I am starting to suspect that it is a bad copy of the physical media
 
1 - 20 of 24 Posts
Status
Not open for further replies.
Top