Sign In
Create Account
1
I keep getting this error message when I scan with mbam.
I've already tried rebooting and reintalling, but they didn't work.
Does anyone know how to fix this problem?
Back to top
#2
Posted 31 January 2009 - 08:12 PM
-
- Experts
-
- 10,166 posts
I Love Andriana
- Gender:Male
- Location:Bulgaria, EU
- Interests:Information security and web development
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here
#3
Posted 31 January 2009 - 08:33 PM
-
- Members
-
- 15 posts
New Member
Maniac, on Jan 31 2009, 02:12 PM, said:
See this topic:
http://www.malwareby...?showtopic=8200
http://www.malwareby...?showtopic=8200
Attached Images
#4
Posted 31 January 2009 - 09:45 PM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Have you tried running mbam-clean.exe after uninstalling and rebooting? It may clear up the issue.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#5
Posted 01 February 2009 - 12:58 AM
-
- Members
-
- 15 posts
New Member
GT500, on Jan 31 2009, 03:45 PM, said:
Have you tried running mbam-clean.exe after uninstalling and rebooting? It may clear up the issue.
I get same error message every time I run a scan.
#6
Posted 01 February 2009 - 02:26 AM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Error 731 means that there was a problem adding something to the results list.
Normally restarting your computer clears this up, but it sounds like something on your computer is interfering with MBAM. What security software do you have installed?
Normally restarting your computer clears this up, but it sounds like something on your computer is interfering with MBAM. What security software do you have installed?
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#7
Posted 01 February 2009 - 03:34 AM
-
- Members
-
- 15 posts
New Member
GT500, on Jan 31 2009, 08:26 PM, said:
Error 731 means that there was a problem adding something to the results list.
Normally restarting your computer clears this up, but it sounds like something on your computer is interfering with MBAM. What security software do you have installed?
Normally restarting your computer clears this up, but it sounds like something on your computer is interfering with MBAM. What security software do you have installed?
#8
Posted 01 February 2009 - 03:37 AM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
rOadToIS said:
Comodo Internet Security without antivirus and Avira AntiVir Personal Edition
I'm not aware of any issues with Comodo, but try turning it off and see if the issue persists.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#9
Posted 01 February 2009 - 02:10 PM
-
- Members
-
- 15 posts
New Member
GT500, on Jan 31 2009, 09:37 PM, said:
I'm not aware of any issues with Comodo, but try turning it off and see if the issue persists.
#10
Posted 01 February 2009 - 07:18 PM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Have you tried reinstalling with Comodo turned off?
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#11
Posted 01 February 2009 - 07:39 PM
-
- Members
-
- 15 posts
New Member
GT500, on Feb 1 2009, 01:18 PM, said:
Have you tried reinstalling with Comodo turned off?
So, I don't think COMODO nor Avira are the problem.
By the way, thanks for the prompt support.
#12
Posted 01 February 2009 - 08:04 PM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
OK, download HijackThis, run a scan, and copy and paste the log into a reply.
Advanced Setup will probably reply with instructions to get help in our malware removal forum the moment he sees the log. It's mostly because he skims through here looking for logs in order to tell people where to post them. In this case I just want to see it to get an idea of what might be causing this issue.
Advanced Setup will probably reply with instructions to get help in our malware removal forum the moment he sees the log. It's mostly because he skims through here looking for logs in order to tell people where to post them. In this case I just want to see it to get an idea of what might be causing this issue.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#13
Posted 01 February 2009 - 08:45 PM
-
- Members
-
- 15 posts
New Member
Just tell me if you cannot read parts of the log since they may not be in English.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 오전 5:40:50, on 2009-02-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI 제어판\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Documents and Settings\welcome\desktop\Security\HiJackThis.exe
R3 - URLSearchHook: 야후! 툴바 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI 제어판\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] "C:\Windows\SMINST\RecGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [imekrmig7.0] "C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=KO_KR&c=Q106&bd=presario&pf=laptop
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {02431A5A-0036-4851-AB6A-69783F89364A} (CiEBSWAX Class) - http://www.ebsi.co.k...veX/iEBSWAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2086592C-34CB-46BC-A042-715910AFBE81} (EBSSessionCheck.SessionCheck) - http://img.ebs.co.kr...essionCheck.CAB
O16 - DPF: {27E4B2A9-D554-40DE-B6CD-F11E9B44FBD0} (SimFileControl Control) - http://simfile.chol....FileControl.cab
O16 - DPF: {2D394D05-A066-4678-BA38-E85882B09B2E} (Controller Class) - http://www.cosmotan....net/myspeed.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/i...GenXInstall.cab
O16 - DPF: {3BE0021D-5CC6-4701-B8B1-F5D45A5BCC88} (XFileUploadListUp.ListUpCTL) - http://219.240.37.83...XFileUpload.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {5DAEF053-DEF0-4752-A963-CCE9B49B0B79} - http://blog.naver.co...n/item/nbgm.cab
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://www.ebsi.co.k...X/SVPorsche.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191718827437
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.c...ersion=1,0,0,10
O16 - DPF: {93F79C47-F414-4EEE-95C5-A0F0ACE59A0E} (ALDx Class) - http://www.altools.co.kr/ALDX.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.co...nstallAsst2.cab
O16 - DPF: {970E1B88-8AC1-4E31-86D6-BFA769CEF7A6} (eGSignPlus For_EBS Class) - http://www.ebsi.co.k...tiveX/eGEBS.cab
O16 - DPF: {97745861-F1A6-45B2-8AD1-0C17334550E6} (YahooCabinet Control) - http://img.yahoo.co....ahooCabinet.cab
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/DioDeoPlayer.cab
O16 - DPF: {A1830188-679E-4A67-B121-570F37F18ACC} (Naver Music Player ActiveX) - http://blog.naver.co...n/item/nbgm.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://cafeimg.hanma...cab?ver=1,2,3,1
O16 - DPF: {C16D796C-337C-11DB-8C7F-0003FF053800} (BrainPower_EBSi.BrainPower) - http://www.ebsi.co.kr/ebs/ActiveX/megabrai...nPower_EBSi.CAB
O16 - DPF: {D272260F-D335-4198-B0E5-B22F61141D79} (EBSiPlayerLibrary Control) - http://www.ebsi.co.k...SiPlayer_hd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DF6B7F10-E995-4327-87CF-1300D974B82C} (EBS_TopMost.EBS_Top) - http://www.ebs.co.kr/Player/EBS.CAB
O16 - DPF: {E1CDC08F-F464-4682-AE6A-7689451387C0} (CAFE multiupload control) - http://cafeimg.hanma...ersion=1,0,0,22
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.co.../MathPlayer.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
--
End of file - 9605 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 오전 5:40:50, on 2009-02-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI 제어판\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HPQ\SHARED\HPQTOA~1.EXE
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Documents and Settings\welcome\desktop\Security\HiJackThis.exe
R3 - URLSearchHook: 야후! 툴바 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI 제어판\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] "C:\Windows\SMINST\RecGuard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [imekrmig7.0] "C:\Program Files\Common Files\Microsoft Shared\IME\IMKR7\IMEKRMIG.EXE"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Microsoft Excel로 내보내기(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: 리서치 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=KO_KR&c=Q106&bd=presario&pf=laptop
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {02431A5A-0036-4851-AB6A-69783F89364A} (CiEBSWAX Class) - http://www.ebsi.co.k...veX/iEBSWAX.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2086592C-34CB-46BC-A042-715910AFBE81} (EBSSessionCheck.SessionCheck) - http://img.ebs.co.kr...essionCheck.CAB
O16 - DPF: {27E4B2A9-D554-40DE-B6CD-F11E9B44FBD0} (SimFileControl Control) - http://simfile.chol....FileControl.cab
O16 - DPF: {2D394D05-A066-4678-BA38-E85882B09B2E} (Controller Class) - http://www.cosmotan....net/myspeed.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testgen/i...GenXInstall.cab
O16 - DPF: {3BE0021D-5CC6-4701-B8B1-F5D45A5BCC88} (XFileUploadListUp.ListUpCTL) - http://219.240.37.83...XFileUpload.CAB
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {5DAEF053-DEF0-4752-A963-CCE9B49B0B79} - http://blog.naver.co...n/item/nbgm.cab
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://www.ebsi.co.k...X/SVPorsche.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1191718827437
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.c...ersion=1,0,0,10
O16 - DPF: {93F79C47-F414-4EEE-95C5-A0F0ACE59A0E} (ALDx Class) - http://www.altools.co.kr/ALDX.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.co...nstallAsst2.cab
O16 - DPF: {970E1B88-8AC1-4E31-86D6-BFA769CEF7A6} (eGSignPlus For_EBS Class) - http://www.ebsi.co.k...tiveX/eGEBS.cab
O16 - DPF: {97745861-F1A6-45B2-8AD1-0C17334550E6} (YahooCabinet Control) - http://img.yahoo.co....ahooCabinet.cab
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/DioDeoPlayer.cab
O16 - DPF: {A1830188-679E-4A67-B121-570F37F18ACC} (Naver Music Player ActiveX) - http://blog.naver.co...n/item/nbgm.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://cafeimg.hanma...cab?ver=1,2,3,1
O16 - DPF: {C16D796C-337C-11DB-8C7F-0003FF053800} (BrainPower_EBSi.BrainPower) - http://www.ebsi.co.kr/ebs/ActiveX/megabrai...nPower_EBSi.CAB
O16 - DPF: {D272260F-D335-4198-B0E5-B22F61141D79} (EBSiPlayerLibrary Control) - http://www.ebsi.co.k...SiPlayer_hd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DF6B7F10-E995-4327-87CF-1300D974B82C} (EBS_TopMost.EBS_Top) - http://www.ebs.co.kr/Player/EBS.CAB
O16 - DPF: {E1CDC08F-F464-4682-AE6A-7689451387C0} (CAFE multiupload control) - http://cafeimg.hanma...ersion=1,0,0,22
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.co.../MathPlayer.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
--
End of file - 9605 bytes
#14
Posted 01 February 2009 - 11:46 PM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
I see two odd things in your HijackThis log.
The first is a useless entry you can tell HijackThis to fix. Just put a check mark in the box to the left of the line I list below, and click the 'Fix' button:
R3 - URLSearchHook: 야후! 툴바 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
The second is Sandboxie. While I know of now issues with Sandboxie, it may be prudent to disable or uninstall it just to make sure that MBAM isn't accidentally running in a sandbox when it shouldn't be.
The first is a useless entry you can tell HijackThis to fix. Just put a check mark in the box to the left of the line I list below, and click the 'Fix' button:
R3 - URLSearchHook: 야후! 툴바 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
The second is Sandboxie. While I know of now issues with Sandboxie, it may be prudent to disable or uninstall it just to make sure that MBAM isn't accidentally running in a sandbox when it shouldn't be.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#15
Posted 02 February 2009 - 12:00 AM
-
- Members
-
- 15 posts
New Member
Unfortunately, disabling sandboxie didn't solve this problem; I got the same error message.
In addition, mbam runs fine on my desktop, where sandboxie is also installed.
Again, thanks for the support.
In addition, mbam runs fine on my desktop, where sandboxie is also installed.
Again, thanks for the support.
#16
Posted 02 February 2009 - 12:14 AM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Are you running as a limited user, or as an administrator?
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#18
Posted 02 February 2009 - 02:15 AM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
That's very odd.
Lets try downloading Malwarebytes' Anti-Malware from a different website. Click this link, and then click the download button. Try the whole uninstall, reboot, mbam-clean.exe thing again, and this time reinstall with the new copy you downloaded from the link in the previous sentence.
Lets try downloading Malwarebytes' Anti-Malware from a different website. Click this link, and then click the download button. Try the whole uninstall, reboot, mbam-clean.exe thing again, and this time reinstall with the new copy you downloaded from the link in the previous sentence.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#19
Posted 02 February 2009 - 02:58 AM
-
- Members
-
- 15 posts
New Member
I hate to say this, but I got the same error message.
#20
Posted 02 February 2009 - 03:52 AM
-
- Trusted Advisors
-
- 5,534 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Well, this is annoying.
I know there was an odd issue with Chinese characters in Unicode, because Visual Basic doesn't support Unicode. I need to go look that one up.
I know there was an odd issue with Chinese characters in Unicode, because Visual Basic doesn't support Unicode. I need to go look that one up.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
