Posts posted by revclyburn

  1. Hello

    Hopefully this is the right place to post this. I am working on my Pastor's laptop; grandchildren loaded a lot of games on it, and with it came some viruses and malware. I have been trying to get Malwarebytes to work because I trust it more than any other malware software, but I just can't seem to get it to run. I've loaded it on his laptop, tried to run it and it failed. I've cleaned it off, tried to load and run it again, and still I get the same run-time errors. I've run a DDS scan, was advised to do that by Bleepingcomputer.com, and was recommended that I post the situation here. Here is the current DDS and attached file:

    DDS (Ver_2012-11-20.01) - NTFS_x86

    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.9.2

    Run by Rev. Evans at 15:31:02 on 2012-12-06

    .

    ============== Running Processes ================

    .

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\HP\QuickPlay\QPService.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

    C:\Program Files\Windows Media Player\WMPNSCFG.exe

    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

    C:\WINDOWS\eHome\ehRecvr.exe

    C:\WINDOWS\eHome\ehSched.exe

    C:\Program Files\Java\jre7\bin\jqs.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\WINDOWS\ehome\mcrdsvc.exe

    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

    C:\WINDOWS\system32\dllhost.exe

    C:\WINDOWS\System32\alg.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Mozilla Firefox\plugin-container.exe

    C:\Program Files\Real\RealPlayer\update\realsched.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k NetworkService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\System32\svchost.exe -k HTTPFilter

    C:\WINDOWS\system32\svchost.exe -k LocalService

    .

    ============== Pseudo HJT Report ===============

    .

    uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=presario&pf=laptop

    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

    uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop

    uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

    BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned>

    BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - <orphaned>

    BHO: DealCabby: {0B4A07CF-45EB-4B10-B6BB-35568A2F89BE} - c:\documents and settings\rev. evans\local settings\application data\dealcabby\ie\dealcabby_20121029030001.dll

    BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - <orphaned>

    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

    BHO: CNavExtBho Class: {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} -

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll

    BHO: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - <orphaned>

    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -

    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

    mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

    mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

    mRun: [Reminder] c:\windows\creator\Remind_XP.exe

    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

    mRun: [igfxtray] c:\windows\system32\igfxtray.exe

    mRun: [igfxpers] c:\windows\system32\igfxpers.exe

    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

    mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe

    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

    mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe

    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

    mRun: [QlbCtrl] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

    mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

    mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

    mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe

    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

    dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000

    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

    TCP: NameServer = 192.168.1.1

    TCP: Interfaces\{2AC8DF53-482E-4BBE-8ED6-D8B50C06A018} : DHCPNameServer = 192.168.1.1

    Notify: igfxcui - igfxdev.dll

    SSODL: SysTray - <orphaned>

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    .

    ================= FIREFOX ===================

    .

    FF - ProfilePath - c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\

    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

    FF - plugin: c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll

    FF - plugin: c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll

    FF - plugin: c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

    FF - plugin: c:\program files\free ride games\npExentCtl.dll

    FF - plugin: c:\program files\free ride games\npGameTreatWidget.dll

    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

    FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll

    FF - plugin: c:\windows\system32\npDeployJava1.dll

    FF - plugin: c:\windows\system32\npptools.dll

    FF - ExtSQL: 2012-11-09 23:35; {0153E448-190B-4987-BDE1-F256CADA672F}; c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext

    FF - ExtSQL: 2012-11-13 14:24; wrc@avast.com; c:\program files\alwil software\avast5\webrep\FF

    FF - ExtSQL: 2012-11-16 18:22; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

    FF - ExtSQL: 2012-11-16 19:11; {ab91efd4-6975-4081-8552-1b3922ed79e2}; c:\documents and settings\rev. evans\application data\mozilla\firefox\profiles\6xfb52qk.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}

    .

    ============= SERVICES / DRIVERS ===============

    .

    R? avast! Antivirus;avast! Antivirus

    R? MBAMSwissArmy;MBAMSwissArmy

    S? aswFsBlk;aswFsBlk

    S? aswSnx;aswSnx

    S? aswSP;aswSP

    S? AVGIDSAgent;AVGIDSAgent

    S? AVGIDSDriver;AVGIDSDriver

    S? AVGIDSHX;AVGIDSHX

    S? AVGIDSShim;AVGIDSShim

    S? Avgldx86;AVG AVI Loader Driver

    S? Avglogx;AVG Logging Driver

    S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield

    S? Avgrkx86;AVG Anti-Rootkit Driver

    S? Avgtdix;AVG TDI Driver

    S? avgwd;AVG WatchDog

    S? McrdSvc;Media Center Extender Service

    S? X4HSEx_Pr143;X4HSEx_Pr143

    .

    =============== File Associations ===============

    .

    FileExt: .reg: regfile=c:\windows\system32\NOTEPAD.EXE %1 [default=edit]

    .

    =============== Created Last 30 ================

    .

    2012-11-30 23:54:46 89088 ----a-w- C:\mbr.exe

    2012-11-28 22:20:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2012-11-28 22:20:49 -------- d-----w- c:\documents and settings\rev. evans\application data\Malwarebytes

    2012-11-28 22:20:36 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

    2012-11-28 22:20:33 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2012-11-28 22:20:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

    2012-11-28 20:55:42 -------- d-----w- C:\Malwarebytes

    2012-11-28 03:48:53 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\QuickPlay

    2012-11-20 04:22:12 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\dealcabby

    2012-11-20 03:48:28 -------- d-----w- c:\program files\Kaspersky Security Scan

    2012-11-20 03:47:22 -------- d-----w- c:\program files\WinZip System Utilities Suite

    2012-11-20 03:39:33 -------- d-----w- c:\documents and settings\rev. evans\application data\WinZip

    2012-11-19 21:47:28 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\jZip

    2012-11-19 21:46:42 -------- d-----w- c:\program files\jZip

    2012-11-19 04:55:07 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\WinZip

    2012-11-19 03:31:06 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Identities

    2012-11-18 23:45:10 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-11-18 23:45:10 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-11-18 01:13:47 13894 ----a-w- c:\windows\system32\dllcache\zonelibm.dll

    2012-11-18 01:13:46 29760 ----a-w- c:\windows\system32\dllcache\znetm.dll

    2012-11-18 01:13:46 113222 ----a-w- c:\windows\system32\dllcache\zoneclim.dll

    2012-11-18 01:13:45 4677 ----a-w- c:\windows\system32\dllcache\zeeverm.dll

    2012-11-18 01:13:45 41029 ----a-w- c:\windows\system32\dllcache\zcorem.dll

    2012-11-18 01:13:45 36937 ----a-w- c:\windows\system32\dllcache\zclientm.exe

    2012-11-18 01:13:44 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

    2012-11-18 01:13:40 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

    2012-11-18 01:13:36 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

    2012-11-18 01:13:31 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

    2012-11-18 01:13:26 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

    2012-11-18 01:12:57 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

    2012-11-18 01:12:51 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

    2012-11-18 01:12:48 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

    2012-11-18 01:12:44 19328 ----a-w- c:\windows\system32\dllcache\wstcodec.sys

    2012-11-18 01:12:42 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

    2012-11-18 01:12:40 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

    2012-11-18 01:12:33 221184 ----a-w- c:\windows\system32\dllcache\wmpns.dll

    2012-11-18 01:12:18 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys

    2012-11-18 01:12:13 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys

    2012-11-18 01:12:01 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys

    2012-11-18 01:10:59 48256 ----a-w- c:\windows\system32\dllcache\w32.dll

    2012-11-18 01:09:57 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys

    2012-11-18 01:08:54 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll

    2012-11-18 01:07:58 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll

    2012-11-18 01:06:56 36640 ----a-w- c:\windows\system32\dllcache\t2r4mini.sys

    2012-11-18 01:05:57 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

    2012-11-18 01:04:55 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll

    2012-11-18 01:03:59 29184 ----a-w- c:\windows\system32\dllcache\sm8cw.dll

    2012-11-18 01:02:46 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

    2012-11-18 01:02:43 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys

    2012-11-18 01:02:39 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys

    2012-11-18 01:02:35 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll

    2012-11-18 01:02:31 36480 ----a-w- c:\windows\system32\dllcache\sfmanm.sys

    2012-11-18 01:02:20 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys

    2012-11-18 01:02:17 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys

    2012-11-18 01:02:15 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll

    2012-11-18 01:02:15 221696 ----a-w- c:\windows\system32\dllcache\seo.dll

    2012-11-18 01:02:09 6912 ----a-w- c:\windows\system32\dllcache\seaddsmc.sys

    2012-11-18 01:02:04 10880 ----a-w- c:\windows\system32\dllcache\scsiscan.sys

    2012-11-18 01:02:00 11648 ----a-w- c:\windows\system32\dllcache\scsiprnt.sys

    2012-11-18 01:00:57 41216 ----a-w- c:\windows\system32\dllcache\s3mt3d.sys

    2012-11-18 00:59:59 4096 ----a-w- c:\windows\system32\dllcache\rpcref.dll

    2012-11-18 00:58:56 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys

    2012-11-18 00:58:56 16384 ----a-w- c:\windows\system32\dllcache\quser.exe

    2012-11-18 00:58:54 9728 ----a-w- c:\windows\system32\dllcache\query.exe

    2012-11-18 00:58:41 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys

    2012-11-18 00:58:34 7680 ----a-w- c:\windows\system32\dllcache\pwsdata.dll

    2012-11-18 00:58:29 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys

    2012-11-18 00:58:25 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys

    2012-11-18 00:58:18 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys

    2012-11-18 00:58:17 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll

    2012-11-18 00:58:14 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll

    2012-11-18 00:58:06 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll

    2012-11-18 00:56:57 16384 ----a-w- c:\windows\system32\dllcache\philcam1.dll

    2012-11-18 00:55:56 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll

    2012-11-18 00:54:55 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

    2012-11-18 00:54:33 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys

    2012-11-18 00:54:32 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll

    2012-11-18 00:54:28 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

    2012-11-18 00:54:23 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll

    2012-11-18 00:54:13 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys

    2012-11-18 00:53:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys

    2012-11-18 00:53:48 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll

    2012-11-18 00:53:39 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys

    2012-11-18 00:53:34 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys

    2012-11-18 00:53:31 44544 ----a-w- c:\windows\system32\dllcache\nsepm.dll

    2012-11-18 00:53:29 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys

    2012-11-18 00:53:27 226816 ----a-w- c:\windows\system32\dllcache\npdrmv2.dll

    2012-11-18 00:53:15 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys

    2012-11-18 00:53:11 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys

    2012-11-18 00:53:04 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys

    2012-11-18 00:53:03 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll

    2012-11-18 00:53:00 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys

    2012-11-18 00:52:42 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys

    2012-11-18 00:52:35 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys

    2012-11-18 00:52:31 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll

    2012-11-18 00:52:28 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys

    2012-11-18 00:52:24 10880 ----a-w- c:\windows\system32\dllcache\ndisip.sys

    2012-11-18 00:52:17 85376 ----a-w- c:\windows\system32\dllcache\nabtsfec.sys

    2012-11-18 00:52:13 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll

    2012-11-18 00:52:10 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys

    2012-11-18 00:52:06 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys

    2012-11-18 00:52:02 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll

    2012-11-18 00:50:51 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys

    2012-11-18 00:50:49 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

    2012-11-18 00:50:38 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

    2012-11-18 00:50:19 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

    2012-11-18 00:50:16 40960 ----a-w- c:\windows\system32\dllcache\msiregmv.exe

    2012-11-18 00:50:14 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys

    2012-11-18 00:50:12 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

    2012-11-18 00:49:57 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

    2012-11-18 00:49:52 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

    2012-11-18 00:49:50 51328 ----a-w- c:\windows\system32\dllcache\msdv.sys

    2012-11-18 00:49:19 15360 ----a-w- c:\windows\system32\dllcache\mpe.sys

    2012-11-18 00:49:09 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

    2012-11-18 00:47:58 58368 ----a-w- c:\windows\system32\dllcache\m3091dc.dll

    2012-11-18 00:46:57 33792 ----a-w- c:\windows\system32\dllcache\lmmib2.dll

    2012-11-18 00:45:56 7168 ----a-w- c:\windows\system32\dllcache\kbdibm02.dll

    2012-11-18 00:44:57 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys

    2012-11-18 00:43:59 311359 ----a-w- c:\windows\system32\dllcache\imepadsv.exe

    2012-11-18 00:42:57 141056 ----a-w- c:\windows\system32\dllcache\icam3.sys

    2012-11-18 00:41:56 488383 ----a-w- c:\windows\system32\dllcache\hsf_v124.sys

    2012-11-18 00:40:58 32768 ----a-w- c:\windows\system32\dllcache\hpgtmcro.dll

    2012-11-18 00:39:59 36864 ----a-w- c:\windows\system32\dllcache\hanjadic.dll

    2012-11-18 00:38:54 442240 ----a-w- c:\windows\system32\dllcache\fpnpbase.sys

    2012-11-18 00:37:59 45568 ----a-w- c:\windows\system32\dllcache\esunib.dll

    2012-11-18 00:36:55 19996 ----a-w- c:\windows\system32\dllcache\em556n4.sys

    2012-11-18 00:35:56 28062 ----a-w- c:\windows\system32\dllcache\dp83820.sys

    2012-11-18 00:34:59 65622 ----a-w- c:\windows\system32\dllcache\digiasyn.dll

    2012-11-18 00:33:59 3072 ----a-w- c:\windows\system32\dllcache\cwbmidi.sys

    2012-11-18 00:32:59 14336 ----a-w- c:\windows\system32\dllcache\chgusr.exe

    2012-11-17 21:13:33 -------- d-----w- c:\program files\Spybot - Search & Destroy

    2012-11-17 21:13:33 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

    2012-11-17 04:47:22 119296 ----a-w- c:\windows\system32\dllcache\camext30.dll

    2012-11-17 04:47:19 236032 ----a-w- c:\windows\system32\dllcache\camext20.dll

    2012-11-17 04:47:17 74240 ----a-w- c:\windows\system32\dllcache\camexo20.dll

    2012-11-17 04:47:15 171264 ----a-w- c:\windows\system32\dllcache\camdrv30.sys

    2012-11-17 04:47:14 223232 ----a-w- c:\windows\system32\dllcache\camdrv21.sys

    2012-11-17 04:47:13 314752 ----a-w- c:\windows\system32\dllcache\camdro21.sys

    2012-11-17 04:47:07 6656 ----a-w- c:\windows\system32\dllcache\c_is2022.dll

    2012-11-17 04:47:06 218112 ----a-w- c:\windows\system32\dllcache\c_g18030.dll

    2012-11-17 04:45:59 2944 ----a-w- c:\windows\system32\dllcache\brfilt.sys

    2012-11-17 04:44:52 23552 ----a-w- c:\windows\system32\dllcache\atixbar.sys

    2012-11-17 04:43:59 56623 ----a-w- c:\windows\system32\dllcache\ati1btxx.sys

    2012-11-17 04:42:59 6144 ----a-w- c:\windows\system32\dllcache\admxprox.dll

    2012-11-17 04:41:58 4639 ----a-w- c:\windows\system32\dllcache\mplayer2.exe

    2012-11-17 04:41:44 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll

    2012-11-17 04:41:34 32827 ----a-w- c:\windows\system32\dllcache\tcptest.exe

    2012-11-17 04:41:34 16384 ----a-w- c:\windows\system32\dllcache\tcptsat.dll

    2012-11-17 04:41:32 8192 ----a-w- c:\windows\system32\dllcache\staxmem.dll

    2012-11-17 04:41:31 2134528 ----a-w- c:\windows\system32\dllcache\smtpsnap.dll

    2012-11-17 04:41:30 189440 ----a-w- c:\windows\system32\dllcache\smtpadm.dll

    2012-11-17 04:41:29 20536 ----a-w- c:\windows\system32\dllcache\shtml.dll

    2012-11-17 04:41:29 16437 ----a-w- c:\windows\system32\dllcache\shtml.exe

    2012-11-17 04:41:19 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll

    2012-11-16 23:26:53 -------- d-----w- c:\program files\ESET

    2012-11-16 23:22:48 -------- d-----w- c:\documents and settings\rev. evans\application data\QuickScan

    2012-11-16 22:06:29 -------- d-----w- c:\windows\pss

    2012-11-16 22:06:19 158208 ----a-w- c:\windows\system32\msconfig.exe

    2012-11-16 20:51:09 -------- d-----w- c:\documents and settings\all users\application data\Alwil Software

    2012-11-13 19:20:30 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys

    2012-11-13 19:19:44 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software

    2012-11-13 18:33:53 26496 ----a-w- c:\windows\system32\dllcache\usbstor.sys

    2012-11-13 17:20:04 -------- d-----w- c:\program files\msn gaming zone

    2012-11-13 16:46:14 -------- d-----w- c:\windows\system32\CatRoot_bak

    2012-11-13 16:03:47 -------- d-----w- c:\documents and settings\rev. evans\application data\Nico Mak Computing

    2012-11-13 16:03:16 17224 ----a-w- c:\windows\system32\roboot.exe

    2012-11-13 15:50:52 -------- d-----w- c:\documents and settings\rev. evans\application data\DriverCure

    2012-11-13 15:50:51 -------- d-----w- c:\documents and settings\rev. evans\application data\PC Utility Kit

    2012-11-13 15:49:58 -------- d-----w- c:\documents and settings\all users\application data\PC Utility Kit

    2012-11-13 13:22:33 81920 ----a-w- c:\windows\system32\ieencode.dll

    2012-11-13 13:22:33 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

    2012-11-13 13:22:33 -------- dc----w- c:\windows\ie8

    2012-11-12 17:55:53 -------- d-----w- C:\c409a21d9461da821dd6b38ec4

    2012-11-12 17:47:31 -------- d-----w- c:\documents and settings\rev. evans\application data\AVG2013

    2012-11-12 17:42:46 -------- d-----w- c:\documents and settings\rev. evans\application data\TuneUp Software

    2012-11-12 17:42:19 -------- d-----w- c:\documents and settings\all users\application data\AVG2013

    2012-11-12 17:42:19 -------- d-----w- C:\$AVG

    2012-11-12 17:41:49 -------- d-----w- c:\program files\AVG

    2012-11-12 16:24:11 -------- d-----w- c:\documents and settings\all users\application data\Common Files

    2012-11-12 16:24:10 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\MFAData

    2012-11-12 16:24:10 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Avg2013

    2012-11-12 16:24:10 -------- d-----w- c:\documents and settings\all users\application data\MFAData

    2012-11-12 16:15:00 41224 ----a-w- c:\windows\avastSS.scr

    2012-11-12 14:48:17 940544 ----a-w- c:\documents and settings\rev. evans\local settings\application data\log4cxx.dll

    2012-11-12 14:48:17 196608 ----a-w- c:\documents and settings\rev. evans\local settings\application data\common_functions.dll

    2012-11-12 14:34:21 -------- d-----w- c:\windows\system32\LogFiles

    2012-11-10 05:48:11 -------- d-----w- C:\Remote Programs

    2012-11-10 05:48:07 1132448 ----a-w- c:\windows\system32\d3dx9_32.dll

    2012-11-10 05:48:07 -------- d-----w- c:\documents and settings\all users\application data\Free Ride Games

    2012-11-10 05:48:03 57824 ------w- c:\windows\ExentInfo.exe

    2012-11-10 05:48:01 -------- d-----w- c:\program files\Free Ride Games

    2012-11-10 05:47:41 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\WeatherBug

    2012-11-10 05:47:29 -------- d-----w- c:\documents and settings\rev. evans\application data\WeatherBug

    2012-11-10 05:47:22 -------- d-----w- c:\program files\AWS

    2012-11-10 05:08:12 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

    2012-11-10 05:08:12 746984 ----a-w- c:\windows\system32\deployJava1.dll

    2012-11-10 05:08:12 143872 ----a-w- c:\windows\system32\javacpl.cpl

    2012-11-10 05:07:58 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-11-10 04:57:02 -------- d-----w- c:\windows\system32\appmgmt

    2012-11-10 04:36:14 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Real

    2012-11-10 04:35:41 -------- d-----w- c:\program files\common files\xing shared

    2012-11-10 04:32:24 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Google

    2012-11-10 04:32:23 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Shopping Sidekick

    2012-11-10 04:31:39 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Zoom_Downloader

    2012-11-10 04:31:30 -------- d-----w- c:\program files\Zoom Downloader

    2012-11-10 04:31:30 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\DownloadManager

    2012-11-10 03:43:23 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

    2012-11-10 03:43:23 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys

    2012-11-10 03:11:00 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Sun

    2012-11-09 00:12:35 -------- d-sh--w- c:\documents and settings\rev. evans\PrivacIE

    2012-11-09 00:08:38 -------- d-sh--w- c:\documents and settings\rev. evans\IETldCache

    2012-11-07 03:41:28 -------- d-----w- c:\documents and settings\rev. evans\local settings\application data\Help

    .

    ==================== Find3M ====================

    .

    2012-10-22 18:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

    2012-10-15 08:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys

    2012-10-02 08:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys

    2012-09-21 08:46:06 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys

    2012-09-21 08:46:00 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys

    2012-09-21 08:45:54 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

    2012-09-14 08:05:20 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

    .

    =================== ROOTKIT ====================

    .

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

    Windows 5.1.2600

    .

    CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.

    device: opened successfully

    user: error reading MBR

    .

    Disk trace:

    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys

    c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

    1 ntkrnlpa!IofCallDriver[0x804EDF3C] -> \Device\Harddisk0\DR0[0x82BAD618]

    3 CLASSPNP[0xF855605B] -> ntkrnlpa!IofCallDriver[0x804EDF3C] -> \Device\00000083[0x82B98970]

    5 ACPI[0xF83CC620] -> ntkrnlpa!IofCallDriver[0x804EDF3C] -> \Device\Ide\IAAStorageDevice-0[0x82BD0030]

    kernel: MBR read successfully

    _asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x7a; }

    user != kernel MBR !!!

    .

    ============= FINISH: 15:36:11.33 ===============

    attach.txt

    And for some strange reason, the CD drive keeps popping out for no reason. Can't figure that one out.

  2. Okay

    I tried running that video on this laptop, the infected one; that's a no go. I ran it on my own and still can't get Malwarebytes to run. I'm on Bleepingcomputer.com too, and they found an MBR issue along with other things, so maybe that's why I can't run Malwarebytes. Anybody have any other suggestions? Still getting run-time errors 0-440 and even 372 and 339.

  3. Hello

    I hope someone here can help me with a problem. I am working on my Pastor's laptop that has a bad case of the Grandchildren downloadeth everything Itis. I've been working on removing all the bugs I can and want to add Malwarebytes to his computer. But every time I go to set it up, I run into runtime errors or vbAccelerator SGrid II control errors. I've removed Malwarebytes, did a clean and reinstalled it, to no avail. Is there something else I can do to fix this? I was recommended by Noknojon on bleepingcomputer, said to look for advancesetup or exile360, but anyone that can help will do. I've had his laptop for over a week; it's time to give it back. Oh, and I need to restore some sermons that got deleted when someone else restored/reinstalled XP. Any good programs around, free ones? Clergy have budgets too, lol.

    Here's a link to the situation also

    http://www.bleepingcomputer.com/forums/topic475537.html/page__view__findpost__p__2898056

    RevClyburn
