piratesteve83

Members
  • Posts: 18
Everything posted by piratesteve83

  1. i still have the errors, by the way. anything else i can try?
  2. so i followed all your instructions, and there were no files detected in the preliminary scan. so i did a full scan, and it completed without crashing with no infections detected.
  3. hi advancedsetup, i ran dds with no problem, but i tried running GMER twice, and it crashed my computer both times. it said that the problems were caused by these two files: C:\DOCUME~1\User\LOCALS~1\Temp\WERd57f.dir00\Mini121609-02.dmp C:\DOCUME~1\User\LOCALS~1\Temp\WERd57f.dir00\sysdata.xml and this is the error signature (don't know if it helps): BCCode : 100000d1 BCP1 : 00000000 BCP2 : 0000001C BCP3 : 00000001 BCP4 : 889FD00C OSVer : 5_1_2600 SP : 3_0 Product : 768_1 i'm confused as to why it crashed, because the last time i ran GMER it worked fine. that was before i did all of the malware removal stuff on here, though. ok, here's the DDS log: DDS (Ver_09-12-01.01) - NTFSx86 Run by User at 22:35:05.62 on Wed 12/16/2009 Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_17 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1490 [GMT -6:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe svchost.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\UAService7.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe 
C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\User\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.facebook.com/ uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - 
hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://static.slide.com/uploader/SlideImageUploader.cab DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\ef2vcnrg.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/ FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll FF - plugin: c:\documents and settings\user\application data\move networks\plugins\npqmp071701000002.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - 
c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-9 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-9 28424] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-9 360584] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-2-17 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-2-17 74480] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-12-9 906520] R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-9 285392] R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-2-17 7408] S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592] S3 CPEb;CPEB;\??\c:\windows\system32\drivers\cpeb.sys --> c:\windows\system32\drivers\CPEB.SYS [?] 
=============== Created Last 30 ================ 2009-12-17 02:02:31 0 d-----w- c:\program files\2Wallace And Gromit Ep1 - Fright Of The Bumblebees 2009-12-16 17:26:32 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-16 17:26:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-12-16 17:26:30 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-16 17:26:30 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-09 22:52:14 0 d--h--w- c:\windows\msdownld.tmp 2009-12-09 22:32:15 0 d-----w- c:\program files\eMule 2009-12-09 17:11:47 0 d--h--w- C:\$AVG 2009-12-09 17:11:36 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-12-09 17:11:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-12-09 17:11:28 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-12-09 17:11:19 0 d-----w- c:\windows\system32\drivers\Avg 2009-12-09 17:11:02 0 d-----w- c:\program files\AVG 2009-12-09 17:11:00 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9 2009-12-09 06:26:40 270336 ------w- c:\windows\system32\dllcache\oakley.dll 2009-12-09 06:26:34 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2009-12-09 06:26:34 265728 ------w- c:\windows\system32\dllcache\http.sys 2009-12-09 06:26:34 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2009-12-09 06:26:27 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2009-12-09 06:26:27 149504 ------w- c:\windows\system32\dllcache\rastls.dll 2009-12-09 05:33:52 260096 ----a-w- c:\windows\PEV.exe 2009-12-01 01:49:24 0 d-----w- c:\program files\Windows Resource Kits 2009-11-29 18:29:24 0 ----a-w- c:\documents and settings\user\defogger_reenable 2009-11-28 02:21:19 73728 ----a-w- c:\windows\system32\javacpl.cpl 2009-11-27 03:12:55 0 d-----w- c:\program files\Panda Security 2009-11-26 21:30:18 0 d-----w- c:\program files\ESET 2009-11-26 04:02:30 15360 ----a-w- c:\windows\system32\dllcache\ctfmon.exe 2009-11-26 04:02:30 15360 ------w- c:\windows\system32\ctfmon.exe 2009-11-26 
01:15:12 50176 ----a-w- c:\windows\system32\proquota.exe 2009-11-26 01:15:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe 2009-11-26 01:09:59 0 d-sha-r- C:\cmdcons 2009-11-24 20:21:16 0 d-----w- c:\docume~1\user\applic~1\QuickScan 2009-11-24 19:36:57 0 d-----w- c:\program files\Trend Micro ==================== Find3M ==================== 2009-12-02 05:15:45 96512 ----a-w- c:\windows\system32\dllcache\atapi.sys 2009-12-02 05:15:45 96512 ------w- c:\windows\system32\drivers\atapi.sys 2009-11-28 02:20:59 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-29 19:16:58 3598336 ----a-w- c:\windows\system32\dllcache\mshtml.dll 2009-10-28 14:36:11 70656 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe 2009-10-28 14:36:11 13824 ----a-w- c:\windows\system32\dllcache\ieudinit.exe 2009-10-28 06:54:16 634632 ----a-w- c:\windows\system32\dllcache\iexplore.exe 2009-10-28 06:52:46 161792 ----a-w- c:\windows\system32\dllcache\ieakui.dll 2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20:16 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:38:18 79872 ----a-w- c:\windows\system32\raschap.dll 2008-05-21 20:00:34 92672 ----a-w- c:\program files\KillBox.exe 2008-09-09 03:08:59 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090820080909\index.dat ============= FINISH: 22:35:38.18 =============== Attach.zip
  4. exile, i went through your directions and still have the errors. advancedsetup, i previously posted this problem on the forum you suggested. after helping me remove a major problem from my computer and still having the errors, the person who helped me there suggested that i post this problem on this forum. for review, that topic can be found here: http://www.malwarebytes.org/forums/index.p...mp;#entry170711 i'd really love to get MBAM working on this computer. i have it on another computer, and it's great. i'd appreciate any more ideas or help you can offer. i'm willing to try just about anything.
  5. none of these did the trick. in case it helps to know: when i install, i get the error messages right before the progress bar is finished. when i uninstall, i get the same errors right at the beginning of the progress bar.
  6. Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138. it still gave me the same errors and would not open. So i posted this on the Malwarebytes malware removal forum and they helped me clean my computer of a backdoor trojan, but i still am getting the two errors just like before, so the moderator suggested I post my problem again here. I'd really love to use MBAM, as i have it on another computer and it works great. Please help!
  7. i still have the same errors and can't open malwarebytes. is there anything else to be done? i'd really like to use MBAM if i can, as i have it on another computer and it works great.
  8. DDS Log: DDS (Ver_09-11-29.01) - NTFSx86 Run by User at 11:08:39.10 on Sun 12/13/2009 Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_17 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1448 [GMT -6:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG9\avgchsvx.exe svchost.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\UAService7.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\User\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.facebook.com/ uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - 
c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://static.slide.com/uploader/SlideImageUploader.cab DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\ef2vcnrg.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/ FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll FF - plugin: c:\documents and settings\user\application data\move networks\plugins\npqmp071701000002.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-9 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-9 28424] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-9 360584] R1 SASDIFSV;SASDIFSV;c:\program 
files\superantispyware\SASDIFSV.SYS [2009-2-17 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-2-17 74480] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-12-9 906520] R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-9 285392] R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-2-17 7408] S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592] S3 CPEb;CPEB;\??\c:\windows\system32\drivers\cpeb.sys --> c:\windows\system32\drivers\CPEB.SYS [?] =============== Created Last 30 ================ 2009-12-09 22:52:14 0 d--h--w- c:\windows\msdownld.tmp 2009-12-09 22:32:15 0 d-----w- c:\program files\eMule 2009-12-09 17:14:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-09 17:14:40 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-09 17:14:40 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-09 17:14:40 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-12-09 17:11:47 0 d--h--w- C:\$AVG 2009-12-09 17:11:36 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-12-09 17:11:36 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-12-09 17:11:28 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-12-09 17:11:19 0 d-----w- c:\windows\system32\drivers\Avg 2009-12-09 17:11:02 0 d-----w- c:\program files\AVG 2009-12-09 17:11:00 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9 2009-12-09 06:26:40 270336 ------w- c:\windows\system32\dllcache\oakley.dll 2009-12-09 06:26:34 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll 2009-12-09 06:26:34 265728 ------w- c:\windows\system32\dllcache\http.sys 2009-12-09 06:26:34 25088 ------w- c:\windows\system32\dllcache\httpapi.dll 2009-12-09 06:26:27 79872 ------w- c:\windows\system32\dllcache\raschap.dll 2009-12-09 06:26:27 149504 ------w- c:\windows\system32\dllcache\rastls.dll 2009-12-09 05:33:52 98816 ----a-w- 
c:\windows\sed.exe 2009-12-09 05:33:52 260096 ----a-w- c:\windows\PEV.exe 2009-12-09 05:33:52 161792 ----a-w- c:\windows\SWREG.exe 2009-12-01 01:49:24 0 d-----w- c:\program files\Windows Resource Kits 2009-11-29 18:29:24 0 ----a-w- c:\documents and settings\user\defogger_reenable 2009-11-28 02:21:19 73728 ----a-w- c:\windows\system32\javacpl.cpl 2009-11-27 03:12:55 0 d-----w- c:\program files\Panda Security 2009-11-27 03:07:31 0 d-----w- C:\_OTM 2009-11-26 21:30:18 0 d-----w- c:\program files\ESET 2009-11-26 04:02:30 15360 ----a-w- c:\windows\system32\dllcache\ctfmon.exe 2009-11-26 04:02:30 15360 ------w- c:\windows\system32\ctfmon.exe 2009-11-26 01:15:12 50176 ----a-w- c:\windows\system32\proquota.exe 2009-11-26 01:15:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe 2009-11-26 01:09:59 0 d-sha-r- C:\cmdcons 2009-11-24 20:21:16 0 d-----w- c:\docume~1\user\applic~1\QuickScan 2009-11-24 19:36:57 0 d-----w- c:\program files\Trend Micro ==================== Find3M ==================== 2009-12-02 05:15:45 96512 ----a-w- c:\windows\system32\dllcache\atapi.sys 2009-12-02 05:15:45 96512 ------w- c:\windows\system32\drivers\atapi.sys 2009-11-28 02:20:59 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-29 19:16:58 3598336 ----a-w- c:\windows\system32\dllcache\mshtml.dll 2009-10-28 14:36:11 70656 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe 2009-10-28 14:36:11 13824 ----a-w- c:\windows\system32\dllcache\ieudinit.exe 2009-10-28 06:54:16 634632 ----a-w- c:\windows\system32\dllcache\iexplore.exe 2009-10-28 06:52:46 161792 ----a-w- c:\windows\system32\dllcache\ieakui.dll 2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20:16 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:30:16 270336 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:38:19 149504 ----a-w- c:\windows\system32\rastls.dll 2009-10-12 13:38:18 79872 ----a-w- 
c:\windows\system32\raschap.dll 2008-05-21 20:00:34 92672 ----a-w- c:\program files\KillBox.exe 2008-09-09 03:08:59 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090820080909\index.dat ============= FINISH: 11:09:59.56 =============== Attach.txt
  9. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=7.00.6000.16945 (vista_gdr.091027-0049) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=676e9d531a16fc4ea6a574618b2f9a2f # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=false # utc_time=2009-12-12 05:27:24 # local_time=2009-12-12 11:27:24 (-0600, Central Standard Time) # country="United States" # lang=9 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 1462317 1462317 0 0 # compatibility_mode=1024 16777175 100 0 0 0 0 0 # compatibility_mode=6143 16777215 0 0 0 0 0 0 # compatibility_mode=8192 67108863 100 0 1282716 1282716 0 0 # scanned=54280 # found=1 # cleaned=1 # scan_time=2312 C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir Win32/Olmarik.RF virus (deleted - quarantined) 820FE40B5C89DFE7A1C385B3E1ADBA0E C
  10. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 12/11/2009 at 01:42 PM Application Version : 4.31.1000 Core Rules Database Version : 3784 Trace Rules Database Version: 1741 Scan type : Complete Scan Total Scan Time : 01:59:21 Memory items scanned : 423 Memory threats detected : 0 Registry items scanned : 5022 Registry threats detected : 0 File items scanned : 55584 File threats detected : 2 Trojan.Downloader-Gen/Suspicious C:\SYSTEM VOLUME INFORMATION\_RESTORE{B485E12B-1A3B-4A2B-9CA0-45DDF94C0D34}\RP408\A0057962.EXE C:\WINDOWS\MBR.EXE
  11. i tried both things suggested there. still getting the errors
  12. i still was not able to open malwarebytes, so i uninstalled it and downloaded a fresh installer. i then installed it again, and met with the same errors (mentioned in my first post) at the end of the installation and again when i tried to open it. so in a nutshell, i still can't open malwarebytes and the same problem is still there.
  13. so i disabled the active shield on AVG and combofix deleted something that AVG needed to run, so i've had to reinstall AVG. here's the combofix log: ComboFix 09-12-08.03 - User 12/08/2009 23:38:58.4.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1600 [GMT -6:00] Running from: c:\documents and settings\User\Desktop\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected Restored copy from - Kitty ate it . ((((((((((((((((((((((((( Files Created from 2009-11-09 to 2009-12-09 ))))))))))))))))))))))))))))))) . 2009-12-01 02:29 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-01 02:29 . 2009-12-01 02:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-01 02:29 . 2009-12-01 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-01 02:29 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-01 01:49 . 2009-12-01 01:49 -------- d-----w- c:\program files\Windows Resource Kits 2009-11-28 01:52 . 2009-11-28 01:53 -------- d-----w- c:\program files\QuickTime 2009-11-27 03:12 . 2009-11-29 19:49 -------- d-----w- c:\program files\Panda Security 2009-11-27 03:07 . 2009-11-27 03:07 -------- d-----w- C:\_OTM 2009-11-26 21:30 . 2009-11-26 21:30 -------- d-----w- c:\program files\ESET 2009-11-26 04:02 . 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\dllcache\ctfmon.exe 2009-11-26 04:02 . 2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe 2009-11-26 01:15 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe 2009-11-26 01:15 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\dllcache\proquota.exe 2009-11-24 20:21 . 
2009-11-24 20:22 -------- d-----w- c:\documents and settings\User\Application Data\QuickScan 2009-11-24 19:36 . 2009-11-24 19:36 -------- d-----w- c:\program files\Trend Micro 2009-11-24 08:53 . 2009-11-24 08:53 79488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-11-10 17:03 . 2009-11-10 17:03 143976 ----a-w- c:\documents and settings\User\Application Data\Move Networks\uninstall.exe 2009-11-10 17:02 . 2009-11-10 17:03 1794456 ----a-w- c:\documents and settings\User\Application Data\Move Networks\MoveMediaPlayerWin_071701000002.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-09 05:37 . 2009-08-23 23:42 -------- d-----w- c:\documents and settings\User\Application Data\Azureus 2009-12-07 04:15 . 2009-10-27 20:33 -------- d-----w- c:\program files\ScummVM 2009-12-02 19:39 . 2008-06-03 06:59 -------- d-----w- c:\documents and settings\User\Application Data\Move Networks 2009-12-02 05:15 . 2004-08-04 12:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys 2009-11-29 19:52 . 2009-07-16 03:57 -------- d-----w- c:\program files\Telltale Games 2009-11-28 02:33 . 2008-08-29 18:52 -------- d-----w- c:\program files\Safari 2009-11-28 02:20 . 2009-06-04 18:46 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-27 03:07 . 2007-12-24 19:18 -------- d-----w- c:\program files\iTunes 2009-11-26 04:09 . 2007-07-05 17:53 -------- d-----w- c:\program files\Elantech 2009-11-26 01:56 . 2009-08-23 23:17 -------- d-----w- c:\program files\Vuze 2009-11-18 19:03 . 2008-07-20 15:43 -------- d-----w- c:\documents and settings\User\Application Data\U3 2009-11-12 18:27 . 2008-05-23 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-10 17:03 . 2009-10-15 00:50 5642688 ----a-w- c:\documents and settings\User\Application Data\Move Networks\plugins\npqmp071701000002.dll 2009-10-21 20:48 . 
  14. thank you for the information. however, i don't have any original installation discs for this computer, so i think i'd like to try cleaning it up as best as possible, and i'll just be careful what i use it for.
  15. i'm still waiting for assistance. someone please help!
  16. Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138. it still gave me the same errors and would not open, so i have followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=9573 here is the DDS log: i have also attached the other two logs. someone please help me get MBAM running! thanks! ark.zip
  17. Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138 it still gives me the same errors and will not open. help please!