We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
hi all
Comments
-
will run again0
-
RUNDLL32.EXE this has come up flagged by avg0
-
DDS (Ver_2011-06-23.01) - FAT32x86
Internet Explorer: 8.0.6001.18702
Run by user at 21:54:50 on 2011-08-12
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.183 [GMT 1:00]
.
AV: Outpost Security Suite *Enabled/Updated* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
FW: Outpost Security Suite *Enabled*
FW: PC Tools Firewall Plus *Enabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\Program Files\AVG\AVG10\AVGCHSVX.EXE
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\TEMP\Application Data\Ozpmpa.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AVG\AVG10\AVGRSX.EXE
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system320 -
I can see the Ozpmpa.exe problem so we can fix that but first you have multiple security programs installed. As you're using the paid version of AVG, uninstall Outlook Security suite. Let me know when you've done that.0
-
ok thanks will do0
-
When you've done that successfully, read through this below carefully first before doing it. If you're not sure about anything - ask me first. When you do it, your desktop might temporarily disappear - don't worry, it'll come back upon reboot.
Download OTM and save it to your Desktop.
http://oldtimer.geekstogo.com/OTM.exe- Double-click OTM.exe to run it.
:reg [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Ozpmpa"=- :files c:\documents and settings\temp\application data\Ozpmpa.exe :Commands [CreateRestorePoint] [EmptyTemp] [Reboot]
- Return to OTM, right click in the Paste instructions for Items to be Moved window (under the yellow bar) and choose Paste.
- Push the large MoveIt! button.
- OTM may ask to reboot the machine. Please do so if asked.
- The report should appear in Notepad after the reboot. Copy/paste the contents of that report back here in your next reply.
0 -
thanks will do tomorow as getting a bit late.. check back when you can will do saturday as its my day off avg seems to be keeping it safe. will do first thing again thanks for your help.. very much appreciated0
-
No problem - Just don't let that file (Ozpmpa.exe) connect to the internet. From what you said in post #14 the AVG firewall is blocking it for now.0
-
ll processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ozpmpa deleted successfully.
========== FILES ==========
File/Folder c:\documents and settings\temp\application data\Ozpmpa.exe not found.
========== COMMANDS ==========
Restore point Set: OTM Restore Point (0)
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 20265990 bytes
->Temporary Internet Files folder emptied: 33739 bytes
->Flash cache emptied: 56468 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 3279796 bytes
->Temporary Internet Files folder emptied: 92463905 bytes
User: LocalService
->Temp folder emptied: 102700 bytes
->Temporary Internet Files folder emptied: 344358 bytes
User: user
->Temp folder emptied: 724603 bytes
->Temporary Internet Files folder emptied: 82900984 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 5440 bytes
User: Owner
User: Guest
->Temp folder emptied: 26360709 bytes
->Temporary Internet Files folder emptied: 109772032 bytes
->Flash cache emptied: 3698 bytes
User: Administrator
->Temp folder emptied: 20265990 bytes
->Temporary Internet Files folder emptied: 112080 bytes
->Flash cache emptied: 2836 bytes0 -
sorry had a jack daniels and went for it hope this is ik0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.4K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.4K Spending & Discounts
- 245.5K Work, Benefits & Business
- 601.3K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards