Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Missing DLL Errors

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Missing DLL Errors

Unread postby diamond_diablo » February 17th, 2009, 9:08 am

Can't connect to the Internet and I am getting multiple DLL Errors.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:03:48 AM, on 2/17/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\apps\D_back\Sched_srv.exe
C:\WINDOWS\system32\gatewayipmon_svc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\DatabaseServer\QBPOSDBService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\DatabaseServer\QBDBMgrN.exe
C:\Program Files\Common Files\Intuit\DatabaseServer\QBDBMgrN.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\PROMon.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\program files\support.com\bin\tgcmd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\USS\USS.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\apps\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://www.sambassbaseball.org*; http://www.thehitting-zone.com*;http:// ... google.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [tgcmdprovidersbc] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf /nosystray
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [WinVNC] "C:\apps\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [gcasServ] "C:\apps\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [202f2bce] rundll32.exe "C:\WINDOWS\system32\xcodhnjr.dll",b
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [BMN] "C:\Program Files\Common Files\System Doctor\dcmon.exe" dm=http://systemdoctor.com ad=http://systemdoctor.com sd=http://log.systemdoctor.com/
O4 - HKLM\..\Run: [USS] "C:\Program Files\USS\USS.exe"
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm021YYUS
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/033415bb5e9 ... xIE601.cab
O16 - DPF: {5ACAA414-FCF1-468F-9442-71A7B6D2079E} (CitrixActivator Control) - https://www.myswa.com/maestroap_if/CitrixActivator.cab
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-3.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://atv.disney.go.com/global/downloa ... YAX29b.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://pi.zcorebusiness.com/dwa7W.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EP ... _v1-32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{144B1893-24EE-4ADB-AF1D-841A997D0107}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{144B1893-24EE-4ADB-AF1D-841A997D0107}: NameServer = 192.168.1.1
O18 - Protocol: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\System32\QBPOSProtocol.dll
O20 - Winlogon Notify: fccabbc - fccabbc.dll (file missing)
O20 - Winlogon Notify: jkhhe - C:\WINDOWS\system32\jkhhe.dll (file missing)
O20 - Winlogon Notify: pmkhh - C:\WINDOWS\system32\pmkhh.dll (file missing)
O20 - Winlogon Notify: qoMgGwTM - qoMgGwTM.dll (file missing)
O20 - Winlogon Notify: ssqpmmn - ssqpmmn.dll (file missing)
O20 - Winlogon Notify: ssqrq - C:\WINDOWS\system32\ssqrq.dll (file missing)
O20 - Winlogon Notify: __c0077790 - C:\WINDOWS\system32\__c0077790.dat (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: D_back scheduler service - Unknown owner - C:\apps\D_back\Sched_srv.exe
O23 - Service: Gateway IP Monitor (GatewayIPMonitor) - NETIKUS.NET ltd - C:\WINDOWS\system32\gatewayipmon_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: PLSRemote Service (PLSRemoteSvc) - Unknown owner - C:\WINDOWS\SYSTEM32\PLSRemote.exe
O23 - Service: QBPOS Database Manager (QBPOSDBServices) - Intuit Inc. - C:\Program Files\Common Files\Intuit\DatabaseServer\QBPOSDBService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
O24 - Desktop Component 0: (no name) - http://emailmg.ipower.com/atmail/imgs/s ... ground.gif

--
End of file - 13054 bytes
diamond_diablo
Regular Member
 
Posts: 28
Joined: June 6th, 2008, 6:47 pm
Top
Advertisement
Register to Remove

Re: Missing DLL Errors

Unread postby ndmmxiaomayi » March 1st, 2009, 12:30 am

Hi diamond_diablo,

If you still need help, please do the following:

Step 1

Please download DDS from Bleeping Computer and save it to your desktop.

Double click on dds to run it.

When done, DDS.txt will open. Another file, Attach.txt will open after a short while. Please save these 2 files to your desktop as they will be deleted once you close them.

Please attach Attach.txt in your next reply by scrolling down to Upload attachment and clicking on Browse....

An image is below for your reference:

Image

Step 2

Please download gmer.zip from Gmer and save it to your desktop.

  1. Right click on gmer.zip and select Extract All....
  2. Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.
  3. Click on the Browse button. Click on Desktop. Then click OK.
  4. Click Next. It will start extracting.
  5. Once done, check (tick) the Show extracted files box and click Finish.

Double click on gmer.exe to run it. It will start running a scan. If it detects rootkit activity, you will receive a prompt to run a full scan. Click Yes.

  • When done, you may receive another notice. Click OK.
  • Click on Save ... to save a log.
  • Copy and paste in Gmer.txt and click Save.
  • Close Gmer.

If you receive no notice, click on the Scan button.

  • It will start scanning again.
  • When done, click on Save ... to save a log.
  • Copy and paste in Gmer.txt and click Save.
  • Close Gmer.

Note: Do not run any programs while Gmer is running.

In your next reply, please post:

  1. DDS.txt
  2. Attach.txt (attached to this topic)
  3. Gmer.txt
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am
Top

Re: Missing DLL Errors

Unread postby diamond_diablo » March 2nd, 2009, 11:13 pm

DDS (Ver_09-02-01.01) - NTFSx86
Run by Proshop at 19:09:08.95 on Mon 03/02/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.515 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\apps\D_back\Sched_srv.exe
C:\WINDOWS\system32\gatewayipmon_svc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intuit\DatabaseServer\QBPOSDBService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Intuit\DatabaseServer\QBDBMgrN.exe
C:\Program Files\Common Files\Intuit\DatabaseServer\QBDBMgrN.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PROMon.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\USS\USS.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
C:\apps\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG8\aAvgApi.exe
C:\Program Files\Intuit\QuickBooks Point of Sale 4.0\qbpos.exe
C:\Program Files\Intuit\QuickBooks Point of Sale 4.0\EftSvr.exe
F:\VIRUS\THZ\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.yahoo.com/search/ie.html
mDefault_Page_URL = hxxp://yahoo.sbc.com/dsl
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://red.clientapps.yahoo.com/customi ... ch/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 127.0.0.1
uInternet Settings,ProxyOverride = hxxp://www.sambassbaseball.org*; http://www.thehitting-zone.com*;http:// ... google.com
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customi ... .yahoo.com
mSearchAssistant = hxxp://www.google.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: NoExplorer - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes.dll
EB: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [tgcmd]
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uRun: [DriverUpdaterPro] c:\program files\xpc tools\driver updater pro\DriverUpdaterPro.exe -t
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
mRun: [PROMon.exe] PROMon.exe
mRun: [Smapp] c:\program files\analog devices\soundmax\Smtray.exe
mRun: [Tgcmd]
mRun: [StorageGuard] "c:\program files\veritas software\update manager\sgtray.exe" /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [UC_SMB]
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [tgcmdprovidersbc] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf /nosystray
mRun: [PinnacleDriverCheck] c:\windows\system32\PSDrvCheck.exe
mRun: [WinVNC] "c:\apps\ultravnc\WinVNC.exe" -servicehelper
mRun: [gcasServ] "c:\apps\microsoft antispyware\gcasServ.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [202f2bce] rundll32.exe "c:\windows\system32\xcodhnjr.dll",b
mRun: [My Web Search Bar] rundll32 c:\progra~1\mywebs~1\bar\2.bin\MWSBAR.DLL,S
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\2.bin\mwsoemon.exe
mRun: [BMN] "c:\program files\common files\system doctor\dcmon.exe" dm=http://systemdoctor.com ad=http://systemdoctor.com sd=http://log.systemdoctor.com/
mRun: [USS] "c:\program files\uss\USS.exe"
mRun: [Lexmark 4200 Series] "c:\program files\lexmark 4200 series\lxbmbmgr.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SMSTray] c:\program files\samsung\samsung media studio 5\SMSTray.exe
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\proshop\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
IE: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm021YYUS
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\GameClient.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2499216C-4BA5-11D5-BD9C-000103C116D5} - {2499216C-4BA5-11D5-BD9C-000103C116D5} - c:\program files\yahoo!\common\ylogin.dll
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - hxxp://www.streamaudio.com/download/ccpm_0237.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... vc1dmo.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... mv9VCM.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - hxxp://software-dl.real.com/033415bb5e9 ... xIE601.cab
DPF: {5ACAA414-FCF1-468F-9442-71A7B6D2079E} - hxxps://www.myswa.com/maestroap_if/CitrixActivator.cab
DPF: {74FFE28D-2378-11D5-990C-006094235084} - hxxp://www-3.ibm.com/pc/support/IbmEgath.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/downloa ... YAX29b.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {9CF28A69-7659-4C51-BFD5-9ADE19E19EC3} - hxxp://download.yahoo.com/dl/installs/b ... regcfg.cab
DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - hxxp://download.yahoo.com/dl/installs/ymail/ymmapi.dll
DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://download.yahoo.com/dl/installs/yab_af.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - hxxp://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxp://pi.zcorebusiness.com/dwa7W.cab
DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} - hxxp://tools.ebayimg.com/eps/activex/EP ... _v1-32.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - c:\windows\system32\QBPOSProtocol.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: fccabbc - fccabbc.dll
Notify: igfxcui - igfxsrvc.dll
Notify: jkhhe - c:\windows\system32\jkhhe.dll
Notify: pmkhh - c:\windows\system32\pmkhh.dll
Notify: qoMgGwTM - qoMgGwTM.dll
Notify: ssqpmmn - ssqpmmn.dll
Notify: ssqrq - c:\windows\system32\ssqrq.dll
Notify: __c0077790 - c:\windows\system32\__c0077790.dat
SEH: Microsoft.AntiSpyware.ShellExecuteHook.1: {9ef34ff2-3396-4527-9d27-04c8c1c67806} - c:\apps\microsoft antispyware\shellextension.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\geBUnlIA
LSA: Notification Packages = scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\proshop\applic~1\mozilla\firefox\profiles\4hfcfzh5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-18 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-18 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-18 107272]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-18 298264]
R2 D_back scheduler service;D_back scheduler service;c:\apps\d_back\sched_srv.exe [2004-12-7 167936]
R2 GatewayIPMonitor;Gateway IP Monitor;c:\windows\system32\gatewayipmon_svc.exe [2003-10-19 77824]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2005-5-30 14336]
R2 SECYPECP;SECYPECP;c:\windows\system32\drivers\SECYPECP.sys [2004-6-3 14032]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]

=============== Created Last 30 ================

2009-02-19 18:45 65 a------- c:\windows\FISHUI.INI
2009-02-19 18:16 <DIR> --d----- c:\program files\Samsung
2009-02-19 18:16 <DIR> --d----- c:\docume~1\proshop\applic~1\DataCast
2009-02-19 18:16 <DIR> --d----- c:\program files\MarkAny
2009-02-18 20:30 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-18 20:12 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-18 20:12 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-02-18 20:12 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-18 20:12 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-18 20:12 <DIR> --d----- c:\docume~1\proshop\applic~1\AVGTOOLBAR
2009-02-18 20:11 <DIR> --d----- c:\program files\AVG
2009-02-18 20:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-02-18 03:02 <DIR> --d----- c:\program files\MSXML 4.0
2009-02-17 16:59 272,128 -------- c:\windows\system32\dllcache\bthport.sys
2009-02-17 16:58 666,112 -------- c:\windows\system32\dllcache\wininet.dll
2009-02-17 16:58 619,520 -------- c:\windows\system32\dllcache\urlmon.dll
2009-02-17 16:58 1,499,136 -------- c:\windows\system32\dllcache\shdocvw.dll
2009-02-17 16:58 1,846,400 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-17 16:58 2,189,184 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-17 16:58 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-17 16:58 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-17 16:58 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-17 16:58 3,067,904 -------- c:\windows\system32\dllcache\mshtml.dll
2009-02-17 16:57 203,136 -------- c:\windows\system32\dllcache\rmcast.sys
2009-02-17 16:57 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-17 16:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2009-02-17 16:57 331,776 -------- c:\windows\system32\dllcache\msadce.dll
2009-02-17 16:57 691,712 -------- c:\windows\system32\dllcache\inetcomm.dll
2009-02-17 16:57 1,203,770 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-02-17 16:57 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-02-17 16:57 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2009-02-17 16:57 1,106,944 -------- c:\windows\system32\dllcache\msxml3.dll
2009-02-17 13:10 <DIR> --d----- c:\windows\system32\scripting
2009-02-17 13:10 <DIR> --d----- c:\windows\system32\en
2009-02-17 13:10 <DIR> --d----- c:\windows\l2schemas
2009-02-17 13:05 <DIR> --d----- c:\windows\network diagnostic
2009-02-17 12:45 276,992 -------- c:\windows\system32\wmphoto.dll
2009-02-17 12:45 69,120 -------- c:\windows\system32\wlanapi.dll
2009-02-17 12:45 712,704 -------- c:\windows\system32\windowscodecs.dll
2009-02-17 12:45 346,112 -------- c:\windows\system32\windowscodecsext.dll
2009-02-17 12:45 53,248 -------- c:\windows\system32\tsgqec.dll
2009-02-17 12:45 50,688 -------- c:\windows\system32\tspkg.dll
2009-02-17 12:45 10,240 -------- c:\windows\system32\drivers\sffp_mmc.sys
2009-02-17 12:45 32,768 -------- c:\windows\system32\setupn.exe
2009-02-17 12:45 290,304 -------- c:\windows\system32\rhttpaa.dll
2009-02-17 09:21 5,426 a------- c:\windows\system32\spupdsvc.inf
2009-02-17 09:03 <DIR> --d----- c:\windows\ServicePackFiles
2009-02-17 07:03 <DIR> --d----- c:\program files\Trend Micro
2009-02-16 22:09 <DIR> --d----- C:\fixwareout
2009-02-16 21:51 <DIR> --d----- c:\windows\Internet Logs
2009-02-16 21:23 12,160 a------- c:\windows\system32\drivers\mouhid.sys

==================== Find3M ====================

2009-02-17 13:14 77,543 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-30 18:30 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-11 13:46 172,465 a------- c:\windows\hpoins28.dat
2009-01-08 20:02 123,085 a------- c:\windows\HPHins12.dat
2007-07-02 18:55 774,144 a------- c:\program files\RngInterstitial.dll
2008-05-16 19:08 1,355,576 a--sh--- c:\windows\system32\AIlnUBeg.ini2
2008-05-14 17:52 6,797 a--sh--- c:\windows\system32\BeeMlUtv.ini2
2008-05-14 18:20 7,145 a--sh--- c:\windows\system32\bLmpqBeg.ini2
2008-05-14 18:20 7,515 a--sh--- c:\windows\system32\CKlRAJjl.ini2
2007-10-06 06:33 16,569 a--sh--- c:\windows\system32\ehhkj.bak1
2007-10-05 06:32 23,772 a--sh--- c:\windows\system32\ehhkj.bak2
2007-10-06 15:36 14,543 a--sh--- c:\windows\system32\ehhkj.ini2
2007-10-01 01:00 23,722 a--sh--- c:\windows\system32\hhkmp.bak1
2007-09-29 04:21 24,543 a--sh--- c:\windows\system32\qrqss.bak1
2007-10-31 17:02 64,384 a--sh--- c:\windows\system32\tvvwa.bak1
2007-11-01 16:13 55,867 a--sh--- c:\windows\system32\tvvwa.bak2
2008-04-17 22:20 6,823 a--sh--- c:\windows\system32\yGhhNXyb.ini2

============= FINISH: 19:10:32.06 ===============


GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-03-02 20:57:03
Windows 5.1.2600 Service Pack 3


---- Devices - GMER 1.0.14 ----

Device \FileSystem\Fastfat \Fat tfsnifs.sys (Direct Access Component/VERITAS Software, Inc.)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Ip ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp ntoskrnl.exe (NT Kernel & System/Microsoft Corporation)

---- EOF - GMER 1.0.14 ----
You do not have the required permissions to view the files attached to this post.
diamond_diablo
Regular Member
 
Posts: 28
Joined: June 6th, 2008, 6:47 pm
Top

Re: Missing DLL Errors

Unread postby ndmmxiaomayi » March 3rd, 2009, 8:22 am

Hi diamond_diablo,

With reference to Malware Removal's P2P Programs Policy, please uninstall the following programs before we continue:

  1. Click on Start > Control Panel and double click on Add/Remove Programs.
  2. Locate LimeWire 5.0.11 and click on the Change/Remove button to uninstall it.
  3. Close Add/Remove Programs and Control Panel when done.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am
Top

Re: Missing DLL Errors

Unread postby diamond_diablo » March 3rd, 2009, 9:56 am

Ok, that has been removed. Thanks!
diamond_diablo
Regular Member
 
Posts: 28
Joined: June 6th, 2008, 6:47 pm
Top

Re: Missing DLL Errors

Unread postby ndmmxiaomayi » March 3rd, 2009, 10:48 am

Hi diamond_diablo,

Step 1

Please open the AVG 8 Control Center, by right clicking on the AVG 8 icon on task bar.

  • Click on Tools.
  • Select Advanced Settings.
  • In the left hand pane, scroll down to Resident Shield.
  • In the main pane, deselect the option to Enable Resident Shield.
  • To re-enable AVG 8, please select Enable Resident Shield again.

Step 2

Please visit this page to download and run Combofix - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Save it to your desktop.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. You will see the following message if Microsoft Windows Recovery Console is not installed.

    Image

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Image


Click on Yes to continue scanning for malware.

When finished, a log will be produced. Please post this log in your next reply.

Do not mouse click on Combofix while it is running. That may cause it to stall.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am
Top

Re: Missing DLL Errors

Unread postby NonSuch » March 8th, 2009, 5:50 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Advertisement
Register to Remove
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 159 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index