
MB won't run Need help have dds attach and ark



I am sure this has something to do with a hidden file called Mowepeki.dll. Anytime I open a program I get an error stating XX.exe - bad image, and in the box it says "The application or DLL C:\Windows\system32\mowepeki.dll is not a valid Windows image. Please check this against your installation diskette." I don't have one as my computer came preloaded.

Malwarebytes has always run fine on my computer until now. It (MB) is the only scanner that has detected this file (mowepeki.dll), but as soon as it did it shut down. Runtime error 9 it showed. Subscript out of range. I am also getting blue screen errors within the last 24 hrs. It happens usually when I have IE up.

I don't know what of that is relevant and what's not, but I hope someone can help me.

Thanks in advance for your time and effort. :D

DDS (Ver_09-12-01.01) - NTFSx86

Run by Owner at 23:15:28.21 on Sun 12/20/2009

Internet Explorer: 8.0.6001.18702

============== Running Processes ===============

============== Pseudo HJT Report ===============

uSearch Page = hxxp://search.yahoo.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uWindow Title = Windows Internet Explorer provided by Yahoo!

uDefault_Page_URL = hxxp://att.net

uSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uStart Page = hxxp://att.my.yahoo.com/

mDefault_Page_URL = hxxp://www.yahoo.com

mDefault_Search_URL = hxxp://search.yahoo.com

mSearch Page = hxxp://search.yahoo.com

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local

uSearchURL,(Default) = hxxp://search.yahoo.com

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {243b17de-77c7-46bf-b94b-0b5f309a0e64} - c:\program files\microsoft money\system\mnyside.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hewlett-packard\digital imaging\bin\hpdtlk02.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

uRun: [backupNotify] "c:\program files\hewlett-packard\digital imaging\bin\backupnotify.exe"

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler

mRun: [storageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"

mRun: [PS2] "c:\windows\system32\ps2.exe"

mRun: [PrinTray] "c:\windows\system32\spool\drivers\w32x86\3\printray.exe"

mRun: [nwiz] "c:\windows\system32\nwiz.exe" /installquiet /keeploaded /nodetect

mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup

mRun: [KBD] "c:\hp\kbd\KBD.EXE"

mRun: [iPInSightMonitor 02] "c:\program files\visual networks\visual ip insight\sbc\IPMon32.exe"

mRun: [iPInSightLAN 02] "c:\program files\visual networks\visual ip insight\sbc\IPClient.exe" -l

mRun: [igfxTray] "c:\windows\system32\igfxtray.exe"

mRun: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"

mRun: [HPHmon05] "c:\windows\system32\hphmon05.exe"

mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"

mRun: [CamMonitor] c:\program files\hewlett-packard\digital imaging\\unload\hpqcmon.exe

mRun: [bJCFD] "c:\program files\broadjump\client foundation\CFD.exe"

mRun: [AlcxMonitor] "c:\windows\ALCXMNTR.EXE"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\spamsu~1.lnk - c:\program files\intermute\spamsubtract\SpamSubtract.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - c:\program files\microsoft money\system\mnyside.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - hxxp://coupons.smartsource.com/download/cscmv5X.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230934504421

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230934481937

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxsrvc.dll

Notify: OPXPGina - c:\program files\softex\omnipass\opxpgina.dll

AppInit_DLLs: c:\windows\system32\mowepeki.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = scecli scecli c:\windows\system32\mowepeki.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2100-02-23 20:35:34 768 -c--a-w- c:\program files\x73_lut.dat

2100-02-08 22:03:54 53248 ----a-w- c:\program files\ACMonitor_X73.exe

2009-12-21 05:07:21 0 ----a-w- c:\documents and settings\owner\defogger_reenable

2009-12-20 23:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-20 23:25:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-20 01:30:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Nick_Chase_2_survey

2009-12-15 14:49:31 0 d-----w- c:\docume~1\owner\applic~1\Game Mill Entertainment

2009-12-12 09:01:06 56040 ---ha-w- c:\windows\system32\mlfcache.dat

2009-12-11 11:36:45 0 d-----w- c:\program files\iPod

2009-12-11 11:36:26 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-12-10 19:55:37 0 d-----w- c:\docume~1\owner\applic~1\iMaxGen

2009-12-04 18:07:18 0 ----a-w- c:\windows\EEventManager.INI

2009-11-30 23:47:38 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-11-30 23:47:38 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-11-30 23:42:59 0 d-----w- c:\program files\Epson Software

2009-11-30 23:42:18 86528 ----a-w- c:\windows\system32\E_FLBFBA.DLL

2009-11-30 23:42:18 78848 ----a-w- c:\windows\system32\E_FD4BFBA.DLL

2009-11-30 23:41:34 0 d-----w- c:\docume~1\alluse~1\applic~1\EPSON

2009-11-30 23:40:55 9216 ----a-w- c:\windows\system32\escdev.dll

2009-11-30 23:40:55 342016 ----a-w- c:\windows\system32\eswiaud.dll

2009-11-30 23:40:46 0 d-----w- c:\program files\epson

2009-11-30 23:39:15 45 ----a-w- c:\windows\EPNX110.ini

2009-11-29 14:37:17 0 d-----w- c:\docume~1\owner\applic~1\Orneon

==================== Find3M ====================

2009-10-11 10:17:27 411368 -c--a-w- c:\windows\system32\deploytk.dll

2008-05-25 14:38:02 1096 -c--a-w- c:\program files\install.log

2008-02-27 02:38:48 0 -c--a-w- c:\program files\temp01

2001-07-26 22:58:46 47 -c--a-w- c:\program files\ACMonitor_X73.ini

2001-07-05 18:46:44 8116 -c--a-w- c:\program files\OSLO3071b2.USB

2001-05-08 22:36:42 114688 -c--a-w- c:\program files\lxarscan.dll

2001-04-23 20:22:14 1437 -c--a-w- c:\program files\gtx73.ini

2007-06-10 07:00:02 0 -csha-w- c:\windows\sminst\HPCD.SYS

2007-07-25 06:30:59 56 -csh--r- c:\windows\system32\E36073606F.sys

1601-01-01 00:12:31 0 --sha-w- c:\windows\system32\mowepeki.dll

2009-09-19 19:54:47 245760 -csha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat

============= FINISH: 23:18:47.87 ===============

ark.zip

Attach.zip


Hello MooshiMe

Welcome to Malwarebytes.

=====================

Please download OTM

  • Save it to your desktop.
  • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :Files
    c:\program files\temp01
    c:\windows\system32\mowepeki.dll

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""

    :Commands
    [emptytemp]
    [Reboot]


  • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM and reboot your PC.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

=============================

Update Run Malwarebytes

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.

  • Click on the update tab then click on Check for updates.
  • If an update is found, it will download and install the latest version.
  • Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

=====

* Go here to run an online scanner from ESET.

  • Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Check next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


First, thank you very much for helping me. Secondly, here's the logs you asked for in the order of the steps. And btw, after the otm it had me shut down and there is no more "bad image" error messages. Not sure if that means anything but just thought I'd let you know. Let me know if I need to do anything else and thanks again for helping.

All processes killed

========== FILES ==========

c:\program files\temp01 moved successfully.

LoadLibrary failed for c:\windows\system32\mowepeki.dll

c:\windows\system32\mowepeki.dll moved successfully.

========== REGISTRY ==========

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService

->Temp folder emptied: 65716 bytes

->Temporary Internet Files folder emptied: 40621 bytes

User: NetworkService

->Temp folder emptied: 36054 bytes

->Temporary Internet Files folder emptied: 1060747 bytes

User: Owner

->Temp folder emptied: 6159580 bytes

->Temporary Internet Files folder emptied: 20019238 bytes

->Java cache emptied: 96687072 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 215616 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

Windows Temp folder emptied: 307356150 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 216927 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 412.00 mb

OTM by OldTimer - Version 3.1.3.0 log created on 12222009_103718

Files moved on Reboot...

File C:\WINDOWS\temp\mcmsc_AsXTvQsPoL1dp2N not found!

Registry entries deleted on Reboot...

Malwarebytes' Anti-Malware 1.42

Database version: 3408

Windows 5.1.2600 Service Pack 2

Internet Explorer 8.0.6001.18702

12/22/2009 11:09:23 AM

mbam-log-2009-12-22 (11-09-23).txt

Scan type: Quick Scan

Objects scanned: 118274

Time elapsed: 15 minute(s), 23 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6211

# api_version=3.0.2

# EOSSerial=9673b7c0d0eb134cab73f14c14e9d93f

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2009-12-22 07:21:07

# local_time=2009-12-22 01:21:07 (-0600, Central Standard Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=crash

# scanned=134309

# found=0

# cleaned=0

# scan_time=7470


Very good, let's see a new DDS log and we will wrap it up.

You are welcome.

I didn't know if you wanted the attach log as well so I've attached it just in case. Had to put a 2 on there cause the other was still saved to my desktop. Do I delete the dds and the defogger and gmer after we are done?

Thanks

DDS (Ver_09-12-01.01) - NTFSx86

Run by Owner at 0:39:41.70 on Wed 12/23/2009

Internet Explorer: 8.0.6001.18702

============== Running Processes ===============

============== Pseudo HJT Report ===============

uSearch Page = hxxp://search.yahoo.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uWindow Title = Windows Internet Explorer provided by Yahoo!

uDefault_Page_URL = hxxp://att.net

uSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uStart Page = hxxp://att.my.yahoo.com/

mDefault_Page_URL = hxxp://www.yahoo.com

mDefault_Search_URL = hxxp://search.yahoo.com

mSearch Page = hxxp://search.yahoo.com

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local

uSearchURL,(Default) = hxxp://search.yahoo.com

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {243b17de-77c7-46bf-b94b-0b5f309a0e64} - c:\program files\microsoft money\system\mnyside.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hewlett-packard\digital imaging\bin\hpdtlk02.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

uRun: [backupNotify] "c:\program files\hewlett-packard\digital imaging\bin\backupnotify.exe"

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler

mRun: [storageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"

mRun: [PS2] "c:\windows\system32\ps2.exe"

mRun: [PrinTray] "c:\windows\system32\spool\drivers\w32x86\3\printray.exe"

mRun: [nwiz] "c:\windows\system32\nwiz.exe" /installquiet /keeploaded /nodetect

mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup

mRun: [KBD] "c:\hp\kbd\KBD.EXE"

mRun: [iPInSightMonitor 02] "c:\program files\visual networks\visual ip insight\sbc\IPMon32.exe"

mRun: [iPInSightLAN 02] "c:\program files\visual networks\visual ip insight\sbc\IPClient.exe" -l

mRun: [igfxTray] "c:\windows\system32\igfxtray.exe"

mRun: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"

mRun: [HPHmon05] "c:\windows\system32\hphmon05.exe"

mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"

mRun: [CamMonitor] c:\program files\hewlett-packard\digital imaging\\unload\hpqcmon.exe

mRun: [bJCFD] "c:\program files\broadjump\client foundation\CFD.exe"

mRun: [AlcxMonitor] "c:\windows\ALCXMNTR.EXE"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\spamsu~1.lnk - c:\program files\intermute\spamsubtract\SpamSubtract.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - c:\program files\microsoft money\system\mnyside.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - hxxp://coupons.smartsource.com/download/cscmv5X.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230934504421

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230934481937

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxsrvc.dll

Notify: OPXPGina - c:\program files\softex\omnipass\opxpgina.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = scecli scecli c:\windows\system32\mowepeki.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2100-02-23 20:35:34 768 -c--a-w- c:\program files\x73_lut.dat

2100-02-08 22:03:54 53248 ----a-w- c:\program files\ACMonitor_X73.exe

2009-12-22 17:12:35 0 d-----w- c:\program files\ESET

2009-12-22 16:37:18 0 d-----w- C:\_OTM

2009-12-21 05:07:21 0 ----a-w- c:\documents and settings\owner\defogger_reenable

2009-12-20 23:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-20 23:25:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-20 01:30:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Nick_Chase_2_survey

2009-12-15 14:49:31 0 d-----w- c:\docume~1\owner\applic~1\Game Mill Entertainment

2009-12-12 09:01:06 56040 ---ha-w- c:\windows\system32\mlfcache.dat

2009-12-11 11:36:45 0 d-----w- c:\program files\iPod

2009-12-11 11:36:26 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-12-10 19:55:37 0 d-----w- c:\docume~1\owner\applic~1\iMaxGen

2009-12-04 18:07:18 0 ----a-w- c:\windows\EEventManager.INI

2009-11-30 23:47:38 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-11-30 23:47:38 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-11-30 23:42:59 0 d-----w- c:\program files\Epson Software

2009-11-30 23:42:18 86528 ----a-w- c:\windows\system32\E_FLBFBA.DLL

2009-11-30 23:42:18 78848 ----a-w- c:\windows\system32\E_FD4BFBA.DLL

2009-11-30 23:41:34 0 d-----w- c:\docume~1\alluse~1\applic~1\EPSON

2009-11-30 23:40:55 9216 ----a-w- c:\windows\system32\escdev.dll

2009-11-30 23:40:55 342016 ----a-w- c:\windows\system32\eswiaud.dll

2009-11-30 23:40:46 0 d-----w- c:\program files\epson

2009-11-30 23:39:15 45 ----a-w- c:\windows\EPNX110.ini

2009-11-29 14:37:17 0 d-----w- c:\docume~1\owner\applic~1\Orneon

==================== Find3M ====================

2009-10-11 10:17:27 411368 -c--a-w- c:\windows\system32\deploytk.dll

2008-05-25 14:38:02 1096 -c--a-w- c:\program files\install.log

2001-07-26 22:58:46 47 -c--a-w- c:\program files\ACMonitor_X73.ini

2001-07-05 18:46:44 8116 -c--a-w- c:\program files\OSLO3071b2.USB

2001-05-08 22:36:42 114688 -c--a-w- c:\program files\lxarscan.dll

2001-04-23 20:22:14 1437 -c--a-w- c:\program files\gtx73.ini

2007-06-10 07:00:02 0 -csha-w- c:\windows\sminst\HPCD.SYS

2007-07-25 06:30:59 56 -csh--r- c:\windows\system32\E36073606F.sys

2009-09-19 19:54:47 245760 -csha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat

============= FINISH: 0:40:57.89 ===============

Attach2.zip


Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

First, we need to back up your registry:

Please go to Start > Run

Paste in the following line: regedit /e c:\registrybackup.reg

Click OK.

It won't appear to be doing anything, that's normal.

Your mouse pointer may turn to an hour glass for a minute.

Please continue when it no longer has the hour glass.

Please open up Notepad and copy all of the items in the code box below.

Change the "Save As Type" to "All Files". Save it as fixthis.reg on your Desktop.

REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00

Now double-click fixthis.reg.

A window will come up asking if you want to let it merge with the registry.

Click yes.

Reboot for the changes to take place and post a new DDS log after that; no need to attach anything.

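What the fixthis.reg merge changes, as an added example that is not part of the original posts or of any tool named in the thread: the Python below decodes the hex(7) (REG_MULTI_SZ) data and compares it with the "LSA: Notification Packages" line of the second DDS log. It goes beyond the thread's REGEDIT4 file by also handling "Version 5.00" exports, whose string data is UTF-16LE; the function names and the V5_SAMPLE text are constructed for illustration.

```python
import re

# Copied from this thread: the helper's fixthis.reg and the LSA line of the
# second DDS log (the one taken after the OTM run).
FIXTHIS_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"=hex(7):73,63,65,63,6c,69,00,00
'''
DDS_LSA_LINE = r"LSA: Notification Packages = scecli scecli c:\windows\system32\mowepeki.dll"

# Constructed sample (not from the thread): the same value as a
# "Version 5.00" export, UTF-16LE data wrapped with a continuation line.
V5_SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Notification Packages"=hex(7):73,00,63,00,65,00,63,00,\
  6c,00,69,00,00,00,00,00
'''

LSA_KEY = (r"hkey_local_machine\system\currentcontrolset\control\lsa",
           "notification packages")
VALUE_RE = re.compile(r'^"(.+)"=hex\(7\):([0-9a-fA-F,\s]*)$')


def parse_reg_multi_sz(reg_text):
    """Return {(key, value_name): [strings]} for each hex(7) value in a .reg file.

    Keys and value names are lower-cased because the registry is
    case-insensitive for both.
    """
    text = reg_text.replace("\r\n", "\n").lstrip("\ufeff")
    header, _, body = text.partition("\n")
    header = header.strip()
    if header == "REGEDIT4":
        codec = "latin-1"    # assumption: stands in for the system ANSI code page
    elif header == "Windows Registry Editor Version 5.00":
        codec = "utf-16-le"
    else:
        raise ValueError("unrecognised .reg header: %r" % header)
    body = re.sub(r"\\\n[ \t]*", "", body)   # join "\"-continued data lines
    values, key = {}, None
    for line in body.split("\n"):
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            raw = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
            # Each string is NUL-terminated and one extra NUL ends the list.
            strings = [s for s in raw.decode(codec).split("\x00") if s]
            values[(key, m.group(1).lower())] = strings
    return values


def parse_dds_lsa(line):
    """Split the DDS 'LSA: Notification Packages' line into its entries."""
    label, sep, value = line.partition("=")
    if not sep or label.strip().lower() != "lsa: notification packages":
        raise ValueError("not a DDS 'LSA: Notification Packages' line")
    # In the log line the entries are separated by spaces, so a path that
    # itself contains a space cannot be recovered from it.
    return value.split()


def review_fix(dds_line, reg_text):
    """Compare the logged value with what the .reg file will write."""
    before = parse_dds_lsa(dds_line)
    after = parse_reg_multi_sz(reg_text)[LSA_KEY]
    keep = {s.lower() for s in after}
    dropped, duplicates, seen = [], [], set()
    for entry in before:
        low = entry.lower()
        if low in seen:
            if entry not in duplicates:
                duplicates.append(entry)
            continue
        seen.add(low)
        if low not in keep:
            dropped.append(entry)
    return {"before": before, "after": after,
            "dropped": dropped, "duplicates": duplicates}


if __name__ == "__main__":
    for name, value in review_fix(DDS_LSA_LINE, FIXTHIS_REG).items():
        print(f"{name:10} {value}")
```

Running the same comparison on a .reg file before merging it shows which entries the merge will remove and which it will leave in place.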

Here's the log. Thanks :)

DDS (Ver_09-12-01.01) - NTFSx86

Run by Owner at 9:11:07.18 on Wed 12/23/2009

Internet Explorer: 8.0.6001.18702

============== Running Processes ===============

============== Pseudo HJT Report ===============

uSearch Page = hxxp://search.yahoo.com

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

uWindow Title = Windows Internet Explorer provided by Yahoo!

uDefault_Page_URL = hxxp://att.net

uSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uStart Page = hxxp://att.my.yahoo.com/

mDefault_Page_URL = hxxp://www.yahoo.com

mDefault_Search_URL = hxxp://search.yahoo.com

mSearch Page = hxxp://search.yahoo.com

mStart Page = hxxp://www.yahoo.com

mSearch Bar = hxxp://www.yahoo.com/ext/search/search.html

uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local

uSearchURL,(Default) = hxxp://search.yahoo.com

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {243b17de-77c7-46bf-b94b-0b5f309a0e64} - c:\program files\microsoft money\system\mnyside.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll

BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File

TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hewlett-packard\digital imaging\bin\hpdtlk02.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: Big Fish Games Toolbar: {c7c9fc25-88b0-4682-9c9f-2608e9117647} - c:\program files\bfgbar\bfg.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

uRun: [backupNotify] "c:\program files\hewlett-packard\digital imaging\bin\backupnotify.exe"

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler

mRun: [storageGuard] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"

mRun: [PS2] "c:\windows\system32\ps2.exe"

mRun: [PrinTray] "c:\windows\system32\spool\drivers\w32x86\3\printray.exe"

mRun: [nwiz] "c:\windows\system32\nwiz.exe" /installquiet /keeploaded /nodetect

mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup

mRun: [KBD] "c:\hp\kbd\KBD.EXE"

mRun: [iPInSightMonitor 02] "c:\program files\visual networks\visual ip insight\sbc\IPMon32.exe"

mRun: [iPInSightLAN 02] "c:\program files\visual networks\visual ip insight\sbc\IPClient.exe" -l

mRun: [igfxTray] "c:\windows\system32\igfxtray.exe"

mRun: [hpsysdrv] "c:\windows\system\hpsysdrv.exe"

mRun: [HPHmon05] "c:\windows\system32\hphmon05.exe"

mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"

mRun: [CamMonitor] c:\program files\hewlett-packard\digital imaging\\unload\hpqcmon.exe

mRun: [bJCFD] "c:\program files\broadjump\client foundation\CFD.exe"

mRun: [AlcxMonitor] "c:\windows\ALCXMNTR.EXE"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\spamsu~1.lnk - c:\program files\intermute\spamsubtract\SpamSubtract.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe

IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\owner\start menu\programs\imvu\Run IMVU.lnk

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - c:\program files\microsoft money\system\mnyside.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - hxxp://coupons.smartsource.com/download/cscmv5X.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230934504421

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230934481937

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Notify: igfxcui - igfxsrvc.dll

Notify: OPXPGina - c:\program files\softex\omnipass\opxpgina.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2100-02-23 20:35:34 768 -c--a-w- c:\program files\x73_lut.dat

2100-02-08 22:03:54 53248 ----a-w- c:\program files\ACMonitor_X73.exe

2009-12-23 15:00:54 102587916 ----a-w- C:\registrybackup.reg

2009-12-22 17:12:35 0 d-----w- c:\program files\ESET

2009-12-22 16:37:18 0 d-----w- C:\_OTM

2009-12-21 05:07:21 0 ----a-w- c:\documents and settings\owner\defogger_reenable

2009-12-20 23:25:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-20 23:25:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-20 01:30:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Nick_Chase_2_survey

2009-12-15 14:49:31 0 d-----w- c:\docume~1\owner\applic~1\Game Mill Entertainment

2009-12-12 09:01:06 56040 ---ha-w- c:\windows\system32\mlfcache.dat

2009-12-11 11:36:45 0 d-----w- c:\program files\iPod

2009-12-11 11:36:26 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-12-10 19:55:37 0 d-----w- c:\docume~1\owner\applic~1\iMaxGen

2009-12-04 18:07:18 0 ----a-w- c:\windows\EEventManager.INI

2009-11-30 23:47:38 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2009-11-30 23:47:38 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2009-11-30 23:42:59 0 d-----w- c:\program files\Epson Software

2009-11-30 23:42:18 86528 ----a-w- c:\windows\system32\E_FLBFBA.DLL

2009-11-30 23:42:18 78848 ----a-w- c:\windows\system32\E_FD4BFBA.DLL

2009-11-30 23:41:34 0 d-----w- c:\docume~1\alluse~1\applic~1\EPSON

2009-11-30 23:40:55 9216 ----a-w- c:\windows\system32\escdev.dll

2009-11-30 23:40:55 342016 ----a-w- c:\windows\system32\eswiaud.dll

2009-11-30 23:40:46 0 d-----w- c:\program files\epson

2009-11-30 23:39:15 45 ----a-w- c:\windows\EPNX110.ini

2009-11-29 14:37:17 0 d-----w- c:\docume~1\owner\applic~1\Orneon

==================== Find3M ====================

2009-10-11 10:17:27 411368 -c--a-w- c:\windows\system32\deploytk.dll

2008-05-25 14:38:02 1096 -c--a-w- c:\program files\install.log

2001-07-26 22:58:46 47 -c--a-w- c:\program files\ACMonitor_X73.ini

2001-07-05 18:46:44 8116 -c--a-w- c:\program files\OSLO3071b2.USB

2001-05-08 22:36:42 114688 -c--a-w- c:\program files\lxarscan.dll

2001-04-23 20:22:14 1437 -c--a-w- c:\program files\gtx73.ini

2007-06-10 07:00:02 0 -csha-w- c:\windows\sminst\HPCD.SYS

2007-07-25 06:30:59 56 -csh--r- c:\windows\system32\E36073606F.sys

2009-09-19 19:54:47 245760 -csha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat

============= FINISH: 9:13:28.76 ===============


  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

======================Clear out infected System Restore points======================

Then we need to reset your System Restore points.

The link below shows how to do this.

How to Turn On and Turn Off System Restore in Windows XP

http://support.microsoft.com/kb/310405/en-us

If you are using Vista then see this link: http://www.bleepingcomputer.com/tutorials/...143.html#manual

Delete\uninstall anything else that we have used that is leftover.

=====================================

After that you're all set.

The following are some articles and a Windows Update link that I like to suggest to people to prevent malware and general PC maintenance.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article - To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections, please read the Prevention article by Miekiemoes.

If your computer is slow - A tutorial on what you can do if your computer is slow.

File sharing program dangers - Reasons to stay away from file sharing programs, for example: BitTorrent, Limewire, Kazaa, emule, Utorrent, Limewire etc.


Ran the OTC.

Just two more questions....do I go ahead and run the defogger and re-enable the CD Emulation drivers or leave them off? Also should I turn on system restore? I don't remember why it was off in the first place, I think it had something to do with installing my antivirus.

Thanks again for your help.


.do I go ahead and run the defogger and re-enable the CD Emulation drivers or leave them off? Also should I turn on system restore? I don't remember why it was off in the first place, I think it had something to do with installing my antivirus.
Yes re-enable your virtual drives via defogger.

Yes also turn on system restore.

After that you should be all set.


You are welcome :)

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact me via PM with the address of the thread.

Everyone else please begin a New Topic.
