Do NOT take any action on any "<--- ROOKIT" entries

I used Run scan option in OTL with all the requirements.

  1. Linked via TeamViewer !
  2. T.T My System Specs OS Windows 7 Ultimate x86 anonymousphil25 View Public Profile Find More Posts by anonymousphil25 18 Jun 2013 #6 MistyBlack Windows 7 Home Prenium 32 bit 3
  3. TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast!
  5. If asked to allow gmer.sys driver to load, please consent.If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.In the right panel,
  6. FILE :: "c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" "c:\users\Sacha\AppData\Local\Temp\iqu_bootstrap.exe" "c:\windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe" "c:\windows\Tasks\PC Helper 360.job" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . .
  7. The file will not be moved.) HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)HKLM-x32\...\Run: [HDAudDeck] => C:\Program
Just to get the ball rolling:MalwareBytes:http://filehippo.com/download_malwa...(green Download button top right - not anything else on the page)Run the program but before doing the scan go to "Settings > Detection and Protection"

C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\STacSV.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_b9d13b43\aestsrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Music Toolbar\Datamngr\DatamngrCoordinator.exe C:\Program Files\DefaultTab\DefaultTabSearch.exe C:\Users\Sacha\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Norton Internet Security\Engine\\ccSvcHst.exe C:\Program Attached logs will not be reviewed. Published on Oct 7, 2015How to get rid of Bad Image pop up? Run a full scan for malware & viruses.

Antivirus;avast! BSOD Help and Support Repeated "Disk Read Error" messages for no reason!Hi, I have a very frustrating problem. Couldn't sign you in, please try again. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-06 11:18 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe .

Thanks aswMBR version Copyright© 2011 AVAST Software Run date: 2013-09-20 19:35:17 ----------------------------- 19:35:17.077 OS Version: Windows 6.0.6002 Service Pack 2 19:35:17.077 Number of processors: 2 586 0x170A 19:35:17.078 ComputerName: R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008030.006\SymEFA.sys [2011-10-11 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008030.006\BHDrvx86.sys [2011-10-11 259632] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008030.006\cchpx86.sys [2011-10-11 467592] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20130913.001\IDSvix86.sys [2013-9-14 392792] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_b9d13b43\AEstSrv.exe [2011-4-24 81920] R2 Order is crucial in cleaning process. Jun 29, 2011 #4 crimsonheis TS Member Topic Starter Posts: 25 I ran a full scan on avast!

This would change the output of our tools and could be confusing for me. http://sovidi.com/bad-image/bad-image-error-windows-7-dll.php Everytime I try to run something I get the "[Program].exe - Bad Image" Title of opo up box, then text of - "c:\progra~2\browse~2\261339~1.144\{c16c1~1\browse~1.dll is either not designed to runon Windows or Sign in to make your opinion count. I've been researching this issue for a while and cant find any solution.

Always attach reports from all tools.Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.Note that we may live in totally different time

However, a message says " The setup files are corrupted. Show more Language: English Content location: Canada Restricted Mode: Off History Help Loading... I don't recall installing such program.

Back to top #2 Juliet Juliet Advanced Member Trusted Malware Techs 22,982 posts Gender:Female Posted 15 February 2015 - 08:40 AM HiI'm going to move this topic to the Have I

If you are not sure which version applies to your system download both of them and try to run them.Only one of them will run on your system, that will be mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 214664] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-29 19544] R2 avast! scanning hidden autostart entries ... . http://sovidi.com/bad-image/bad-image-error-windows-xp-fix.php No msg, no text, NOTHING!

Sign up for a new account or log in here: Forgot your password? Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, I was able to bring back my old desktop by system restore though, this instance did not occur again. Absence of symptoms does not always mean the computer is clean.

Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . I tried doing fast-scans earlier today since I was pressed for time but they all came out clean. RemoveVirus 93,397 views 2:21 Fix Windows Errors by Re-registering All Your DLL's by Britec - Duration: 8:06. I would be most grateful if someone could guide me remove this virus/trojan/malware from my computer.

So please do not use slang or idioms. self protection module/AVAST Software) ObMakeTemporaryObject ---- Devices - GMER 1.0.15 ---- Device \Driver\atapi \Device\Ide\IdePort0 [B9E09B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device Skip navigation CAUploadSign inSearch Loading... Try installing the program again using the original installation media or contacts your system administrator for support"

PC running Windows Vista Home Premium

As I said, If anyone can

Please check this against your installation diskette.

I created the log but it looks like it might still be scanning. How to remove 'Bad Image virus' ?The "Bad Image" error is a common error associated with malware or virus. "Bad Image" error can pop up on Windows XP, Windows vista, Windows There was one instance noted that said: IAStorIcon.exe - Application Error Application has generated an exception that could not be handled. i had done numerous virus scan , scannow, registry fix....

Working... c:\documents and settings\Pechy\Application Data\inst.exe c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchplugins\SearchquWebSearch.xml c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchqutb c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchqutb\games\44a5d79f5451d3036ba3986425e234c8 c:\documents and settings\Pechy\Application Data\Mozilla\Firefox\Profiles\s9t57nz4.default\searchqutb\games\GameCategories.xml c:\documents and settings\Pechy\Application