New
#1
Bad Image - No programs run
I have a home brew system that I recently swapped hard drives on. I did a clean install on the new drive, and everthing ran fine for about 2 weeks. I went to use the computer and got a couple error warnings when the computer started, and didn't think much of it. I did a restart, and got several "Bad Image" error messages. When I tried to open programs, I got the same basic messages.
I did some internet searching, and came up with the idea to run sfc /scannow, it ran and this is what I got back:
Log is posted below
Some further reading suggested malware, and while I doubted it on a fresh install with AVG and no bad surfing, went ahead and ran Malwarebyte's and SUPERAntiSpyware. Both turned up nothing earth shattering.
Script:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7640
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
9/3/2011 12:47:07 AM
mbam-log-2011-09-03 (00-47-07).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 698938
Time elapsed: 1 hour(s), 37 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\installer\{d7926497-e476-489b-b4e9-dbfca45483a2}\icond79264971.bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
c:\windows.old.000\Windows\installer\{d7926497-e476-489b-b4e9-dbfca45483a2}\icond79264971.bmp (Extension.Mismatch) -> Quarantined and deleted successfully.
I tried to reinstall windows inplace using the upgrade option while Windows was running, and it got stuck at 87%. I have also restored back to a know good date, and still have the same issue. I ran WD LifeGaurd Diagnostics and everything came back good on that as well.Script:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/02/2011 at 09:32 PM
Application Version : 5.0.1118
Core Rules Database Version : 7644
Trace Rules Database Version: 5456
Scan type : Complete Scan
Total Scan Time : 02:05:19
Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 760
Memory threats detected : 0
Registry items scanned : 73775
Registry threats detected : 0
File items scanned : 211130
File threats detected : 1
Adware.Tracking Cookie
spe.atdmt.com [ C:\USERS\JON DUGAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4MEH3VWG ]
I am just lost at this point on what to do.