piratesteve83
Everything posted by piratesteve83
-
MBAM Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
i still have the errors, by the way. anything else i can try? -
MBAM Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
so i followed all your instructions, and there were no files detected in the preliminary scan. so i did a full scan, and it completed without crashing with no infections detected. -
hi advancedsetup, i ran dds with no problem, but i tried running GMER twice, and it crashed my computer both times. it said that the problems were caused by these two files:
C:\DOCUME~1\User\LOCALS~1\Temp\WERd57f.dir00\Mini121609-02.dmp
C:\DOCUME~1\User\LOCALS~1\Temp\WERd57f.dir00\sysdata.xml
and this is the error signature (don't know if it helps):
BCCode : 100000d1 BCP1 : 00000000 BCP2 : 0000001C BCP3 : 00000001 BCP4 : 889FD00C OSVer : 5_1_2600 SP : 3_0 Product : 768_1
i'm confused as to why it crashed, because the last time i ran GMER it worked fine. that was before i did all of the malware removal stuff on here, though. ok, here's the DDS log:
Attach.zip
-
exile, i went through your directions and still have the errors. advancedsetup, i previously posted this problem on the forum you suggested. after helping me remove a major problem from my computer and still having the errors, the person who helped me there suggested that i post this problem on this forum. for review, that topic can be found here: http://www.malwarebytes.org/forums/index.p...mp;#entry170711 i'd really love to get MBAM working on this computer. i have it on another computer, and it's great. i'd appreciate any more ideas or help you can offer. i'm willing to try just about anything
-
none of these did the trick. in case it helps to know: when i install, i get the error messages right before the progress bar is finished. when i uninstall, i get the same errors right at the beginning of the progress bar.
-
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
alright, thanks -
Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138. it still gave me the same errors and would not open. So i posted this on the Malwarebytes malware removal forum and they helped me clean my computer of a backdoor trojan, but i still am getting the two errors just like before, so the moderator suggested I post my problem again here. I'd really love to use MBAM, as i have it on another computer and it works great. Please help!
-
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
i still have the same errors and can't open malwarebytes. is there anything else to be done? i'd really like to use MBAM if i can, as i have it on another computer and it works great. -
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
DDS Log: Attach.txt -
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16945 (vista_gdr.091027-0049)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=676e9d531a16fc4ea6a574618b2f9a2f
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=false
# utc_time=2009-12-12 05:27:24
# local_time=2009-12-12 11:27:24 (-0600, Central Standard Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 1462317 1462317 0 0
# compatibility_mode=1024 16777175 100 0 0 0 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 1282716 1282716 0 0
# scanned=54280
# found=1
# cleaned=1
# scan_time=2312
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir Win32/Olmarik.RF virus (deleted - quarantined) 820FE40B5C89DFE7A1C385B3E1ADBA0E C
-
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 12/11/2009 at 01:42 PM
Application Version : 4.31.1000
Core Rules Database Version : 3784
Trace Rules Database Version: 1741
Scan type : Complete Scan
Total Scan Time : 01:59:21
Memory items scanned : 423
Memory threats detected : 0
Registry items scanned : 5022
Registry threats detected : 0
File items scanned : 55584
File threats detected : 2
Trojan.Downloader-Gen/Suspicious
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B485E12B-1A3B-4A2B-9CA0-45DDF94C0D34}\RP408\A0057962.EXE
C:\WINDOWS\MBR.EXE
-
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
i tried both things suggested there. still getting the errors -
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
i still was not able to open malwarebytes, so i uninstalled it and downloaded a fresh installer. i then installed it again, and met with the same errors (mentioned in my first post) at the end of the installation and again when i tried to open it. so in a nutshell, i still can't open malwarebytes and the same problem is still there. -
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
so i disabled the active shield on AVG and combofix deleted something that AVG needed to run, so i've had to reinstall AVG. here's the combofix log:
-
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
thank you for the information. however, i don't have any original installation discs for this computer, so i think i'd like to try cleaning it up as best as possible, and i'll just be careful what i use it for. -
Errors "0" and "440"
piratesteve83 replied to piratesteve83's topic in Resolved Malware Removal Logs
i'm still waiting for assistance. someone please help! -
Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138. it still gave me the same errors and would not open, so i have followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=9573 here is the DDS log:
i have also attached the other two logs. someone please help me get MBAM running! thanks! ark.zip
-
Malwarebytes will not open, but instead gives me two error messages, the first window being titled "vbAccelerator SGrid II Control" with the message "runtime error '0'" and the second being a window titled "Malwarebytes' Anti-Malware" with the message "runtime error '440' automation error". i uninstalled Malwarebytes and reinstalled it and i got the same two error messages at the end of the installation process, and again when i tried to open it. it still wouldn't open, so i followed the instructions on this page: http://www.malwarebytes.org/forums/index.php?showtopic=10138 it still gives me the same errors and will not open. help please!