sugarsugar

Members
  • Posts

    5

Everything posted by sugarsugar

  1. I have updated to the most recent version of Java and removed all old Java files with JavaRa, but Kaspersky still gives me this message: Kaspersky Online Scanner 7.0 download and operation require Java framework version 1.5 or later.
  2. Hi! I was able to finish both a quick scan and a full scan. Both logs are posted below.

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Database version: 4439

     Windows 5.1.2600 Service Pack 2
     Internet Explorer 7.0.5730.11

     8/17/2010 9:39:21 PM
     mbam-log-2010-08-17 (21-39-21).txt

     Scan type: Quick scan
     Objects scanned: 141905
     Time elapsed: 9 minute(s), 43 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     (No malicious items detected)

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Database version: 4439

     Windows 5.1.2600 Service Pack 2
     Internet Explorer 7.0.5730.11

     8/17/2010 11:56:54 PM
     mbam-log-2010-08-17 (23-56-54).txt

     Scan type: Full scan (C:\|)
     Objects scanned: 319157
     Time elapsed: 2 hour(s), 12 minute(s), 47 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\System Volume Information\_restore{7E8DCA0E-BBAF-42B3-9A6B-2B8D986D1829}\RP657\A0086927.sys (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
  3. Hi! Here's my combofix log.
  4. Hi! I posted the following in the General forum and was redirected here. I am unable to complete a MBAM scan and GMER gives me a BSOD when it gets to the "save" stage.
  5. I seem to have difficulty running MBAM. When it reaches the file "C:\windows\system32\pintlpad.hlp", it simply crashes. And then drwatson32.exe also crashes right after. I've uninstalled and reinstalled to no avail. Is there any way to fix this? Thanks in advance!