Home > Can T Remove > Can't Remove Msiconf.exe

Can't Remove Msiconf.exe

I think I may have too much stuff in the system tray. We only require a report from it. After downloading the tool, disconnect from the internet and disable all antivirus protection. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:13:43 AM, on 8/15/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\Program http://copyprotecteddvd.net/can-t-remove/can-t-remove-this-dds-attached.html

Login _ Social Sharing Find TechSpot on... The box that pops up when it finds it reads:"File contains Trojan program and cannot be Disinfected: write access is denied"I have attached a screen shot of a pop-up from kaspersky Invision Power Board © 2001-2017 Invision Power Services, Inc. Jan 7, 2009 #14 kimsland Ex-TechSpotter Posts: 14,524 I realize it's a registry entry But have you tried searching your drive for sqeayo.dll (you will need to do an advanced search, https://www.bleepingcomputer.com/forums/t/186139/cant-remove-msiconfexe/

Tech Support Guy is completely free -- paid for by advertisers and donations. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: &Yahoo! JamesRE 3.01.2009 22:08 QUOTE(Lucian Bara @ 3.01.2009 12:35) 1. I want to thank you for your tremendous amount of help to get me so far.

Also assuming with the pop ups stopping and the recommendations that malwarebytes gives the user did indeed restart Jan 2, 2009 #5 Bobbye Helper on the Fringe Posts: 16,335 cleanup:run this scriptCODEbeginCreateQurantineArchive('c:\quarantine.zip');end.A file called quarantine.zip should be created in C:\. Also let me know how the computer is running now. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLLO2 - BHO: Yahoo!

Let me see if someone can write code (I don't) to remove this. Thanks very much. There were no viruses. click to read more Jan 7, 2009 #22 frhentb1 TS Rookie Topic Starter Searching 4 sqeayo kimsland & bobbye viewed all processes and did search across entire system including systems and hidden files for sqeayo

But there is some malware in HijackThis. Attached Files ComboFix.txt 16.86KB 3 downloads Back to top #8 PropagandaPanda PropagandaPanda Malware Response Team 10,433 posts OFFLINE Gender:Male Local time:02:10 AM Posted 23 December 2008 - 07:56 PM Hello. ComboFix only found and removed the leftover msiconf.exe entry. If not, you can go ahead and remove MusicMatch via Add or Remove Programs in Control Panel.

Please alert me if you feel this may be an issue. No, create an account now. Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Click View scan report at the bottom.

Once reported, our moderators will be notified and the post will be reviewed. navigate here pcloadletter 23.01.2009 11:16 I have performed the scan with system restore off and it found a few viruses. O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user') O20 - AppInit_DLLs: sqeayo.dllClick to expand... Since SDFix,which is the recommended repair failed,something is protecting it, so we'll have to do a manual repair: Step 1: Use Windows File Search Tool to Find msiconf.exe Path 1.

c:\docume~1\michae~1\locals~1\tempor~1\content.ie5\7a16t8rn\fa9455~1.sh! Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan. You will not recieve the prompts below if you are not using Windows XP. http://copyprotecteddvd.net/can-t-remove/can-t-remove-stdrt.html Unfortunately Kaspersky doesn't identify the specific infected mail.

However, we do not guarantee that they are accurate and they are to be used at your own risk. I ran the script and downloaded Combofix. The SUPERAntiSpyware link wouldn't work for me, but MalwareBytes found ten more trojans.

BleepingComputer is being sued by Enigma Software because of a negative post of SpyHunter.

hopefully this is resolved. They are confirmed to be false positives by the author of the tool. I got rid of the adware from "Detected". here it is.

Select the "msiconf.exe" process and click on the "End Process" button to kill it.Click to expand... Help I can't install any software. c:\docume~1\michae~1\locals~1\tempor~1\content.ie5\0bmabklp\a92s0p~1.sh! http://copyprotecteddvd.net/can-t-remove/can-t-remove-mydoom.html as it otherwise will interfere!Did you run MalwareBytesAntiMalware?If NO:Please download Malwarebytes Anti-Malwareand save it to your desktop.

mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-9-21 40488] R4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-12-13 181864] R4 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-9-21 358736] R4 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-9-21 144704] S3 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. Maybe this malware is dead and buried? I scanned not once but twice.

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. That confounded msiconf.exe has finally disappeared from msconfig/startup. scan completed successfully hidden files: 0 ************************************************************************** . Quote: I really had trouble trying to post the deQuarantine file.

Keep MBAM updated and scan regularly with it Happy New Year Flag Permalink This was helpful (0) Collapse - MalwareBytesAntiMalware by rariccardi / January 3, 2009 12:18 PM PST In reply The Java SE Runtime Environment (JRE) allows end-users to run Java applications." Click the "Download" button to the right. Lucian Bara 4.01.2009 01:47 then just copy the detected list and paste it here. http://www.killbox.net/downloads/KillBox.exe Jan 7, 2009 #15 Bobbye Helper on the Fringe Posts: 16,335 +36 Thanks kimsland.

You cannot assume the user has done that. Share this post Link to post Share on other sites This topic is now closed to further replies. It will also implement some cleanup procedures and reset System Restore to prevent reinfection from old restore points. everything seems to be running much better now... 01-11-2009, 04:25 PM #7 amateur Security Team Moderator, Analyst Rangemaster, TSF Academy Join Date: Jun 2006 Location: here &

Please be patient while it scans your computer. * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Jan 7, 2009 #19 kimsland Ex-TechSpotter Posts: 14,524 frhentb1 said: ↑ bobbye great! Make sure it is set to Instant Notification, then click Subscribe.