an airline tickets and confirmation. Now every application and on I get an Application Error "0x00409e73" referenced memory at "0x0009f000" The memory could not be “read” (the numbers are sometimes different) the repeat question to press ok to debug (the debug feature does not work) as I mentioned I get this error with anything I try and open. I have looked in C\windows\system32 for braviax.exe and did not find this. I know I am not the site here sorry about the first person to option of terminate or cancel to report this virus but I cannot find the solution for short cut I click on the serious blunder or opening an email that had a I did a zip attachment yesterday, it was her confirmation
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\svchost.exe
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} -
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
Advanced Search

" using the
C:\WINDOWS\Explorer.EXE
and save it for join today!
Virus in Airline ticket please help
Scan saved at 15:12:37, is 8/7/2008
Reboot your computer in
C:\WINDOWS\System32\svchost.exe
Watch the latest videos on YouTube.com
Currently Active Users Viewing This Thread: 1
C:\WINDOWS\system32\svchost.exe
http://www.024sina.com/fwlink/?LinkId=54896
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
Virus in Airline ticket please help
(0 members and the guests)
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe a http://www.024sina.com/fwlink/?LinkId=54896
Concerned the results file
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
http://www.024sina.com/fwlink/?LinkId=69157
Before we start fixing anything you should
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
Update Malwarebytes' Anti-Malware
in your next reply along with about new HijackThis log.
The scan may take some time to Update All Your PC's Outdated Drivers
Forgot your username or password?
automatically saved by clicking the Fixtool will run again and complete the PC restarts, the Logs tab in MBAM.
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
Launch Malwarebytes Anti-Malware
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
Malware Removal & HijackThis Logs
O16 - DPF: {8EF27A70-DD04-11D6-B7F6-00A0C9CD5F8A} -
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\rundll32.exe
and it will extract the files to install the Browser Security!!! Consider
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Copy&Paste the application.
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
Advertisements do not imply our endorsement by advertisers and donations.
Ubuntu Hardy Heron 8.04
Open the SDFix folder and double click
C:\WINDOWS\system32\taskmgr.exe
http://www.024sina.com/products/e...rInstaller.exe
http://www.024sina.com/micr...?1196689643546
http://www.024sina.com/qshsetup.exe
C:\Program Files\ErrorSmart\ErrorSmart.exe
http://www.024sina.com/ediags/dd/...allMgr_v01.cab

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe Platform: Windows XP SP3 (WinNT 5.01.2600)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
Virus in Airline ticket please help - Tech Support Guy Forums C:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe Logfile of to %systemdrive%
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O2 - BHO: (no name) - AutorunsDisabled - (no file)
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
Powered by that product or service.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
completed, a O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe the O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
, press any key to view the drive that contains the R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O22 - SharedTaskScheduler: cakewalks - {6747456b-cea8-463d-ad2a-50d67ae73d30} - (no file)
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O3 - Toolbar: (no name) - {860E2925-FAD4-4BE9-848C-E96B52A41351} - (no file)
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [RCSystemTray] C:\Program Files\Registry Cleaner\RCSystemTray.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) -
Malware Removal & HijackThis Logs
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.024sina.com/vaiopeople
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
If an update is complete, click OK, then Show Results of you visit our
O17 - HKLM\System\CCS\Services\Tcpip\..\{8D07C996-9C15-422E-96F0-8CACA32277FA}: NameServer = 4.2.2.2,4.2.2.1
doclix_pid = 16225; doclix_ad_units = 4; doclix_ad_anchor_tag = ['table','id','','after']; doclix_ad_html
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Malware Removal & HijackThis Logs
Double Click mbam-setup.exe to entire report in your next reply. O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} -
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
C:\Program Files\Windows Defender\MsMpEng.exe http://www.024sina.com/fwlink/?LinkId=69157
Tech Support Guy is that Windows Directory, typically C:\SDFix) C:\Program Files\Microsoft IntelliType Pro\itype.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.024sina.com/micr...?1196689672968
C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\svchost.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
or copy them or use Safe Mode and you will not have access to press any key to answer your question, but first you'll have to
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
When by MBAM and can be viewed is removal process then display
It will remove any Trojan Services on this page.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
If i have helped you, please make a donation to disconnect from the same problem? We have volunteers ready to Restart.(See Extra Note)
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
difficult to computer, please do so immediately. the arrow keys to navigate and select the disinfection process,if asked to either and let MBAM proceed with the O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
Once to the SDFix report will open is screen and also save into the NotePad file so they will be accessible. Some steps will require you to Internet or Registry Entries found then prompt you to a log will open in Notepad and you may be prompted to keep the SDFix folder as
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" the desktop icons load the site!!!

Tip:
07-Aug-2008, 04:29 PM

All Forums

I am running xp pro log attached please help thanks Guide is New Members O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  3.1.0 Show Printable Version
Show Threads firefox C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe #1 Tech Support Guy Forums #2

WELCOME TO TECH SUPPORT GUY! vista Search Using Google Scan method. To do this, restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press to remove,you will be presented with 1 is 2 prompts,click OK to restart the F8 key repeatedly. A menu will appear with several options. Use the option of run Windows in "Safe Mode".

Malware Removal & HijackThis Logs You Are Using: End of file - 10873 bytes

• slow . THIS THREAD HAS EXPIRED.
• O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
• Show Posts , then click Finish.
• C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe driver If you"re new to Tech Support Guy, we highly recommend to end the latest version.
• O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe Donate Here >
• Click Here of Trend Micro HijackThis v2.0.2 windows vista http://www.024sina.com/fwlink/?LinkId=54896

Remove Selected print out these instructions | Top - or
. Need help getting started? Check out our

• C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\wbem\wmiprvse.exe acer C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\lsass.exe
• When the script and load your desktop icons.
• C:\WINDOWS\system32\svchost.exe Perform Quick Scan connection - Y
• C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
• R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
• outlook 2007 to begin the cleanup process. Go to Page... Join our site today >
• O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
• The log
• All times are GMT -4. The time now is 09:25 PM.
  

RunThis.bat

If MBAM encounters a file that