rqvnlv encountered a problem and needs to close

Try these tools and show us the logs.
Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php


Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 

Hi rpgamergirl
since posting the request i went and looked in the process list and found a few processes that looked funny to me.
afisicx.exe
mabidwe.exe
solewxte.exe

I stopped these processes and ran spybot search and destroy which found and removed the affected files(apparently). I am already running malwarebytes in safe mode to double check but I will respond when it is done and I have checked the registry to see if these processes are still there.

well isn't this interesting,
not only could I NOT stop AVG from running, I can't even uninstall it from this system. I did find the infections in the registry but could not delete them.  Any ideas?? I am open to suggestions right now but will reformat this thing to simplify the matter. Here is the COMBOFIX log for your looksee.

thanks in advance
log.txt

How to disable AVG's Resident Shield.
Right click the AVG icon and click Open.
In the Overview panel click on Resident Sheild > Uncheck the Resident Sheild Active box > Save Changes

 
afisicx.exe
mabidwe.exe
solewxte.exe
The above files are not showing in combofix log but combofix had deleted the drivers.
 

Run combofix again using this script.
1. Open Notepad.
2. Now copy/paste the text between the lines below into the Notepad window:
------------------------------------------------------------------------
File::
c:\windows\system32\tdctxte.exe
c:\windows\system32\28F.tmp
c:\windows\system32\286.tmp
c:\windows\adobe.bat
c:\windows\_id.dat

Driver::
tdctxte
------------------------------------------------------------------------
3. Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt into ComboFix.exe. This will start ComboFix again.

 

rpggamergirl:
this is the reuslt of your directions. I'm new to Combofix so tell me does this look like it did the trick?



thanks in advance
ComboFix.txt

in regedit I did find an entry for mabidwe.exe in

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\applets\regedit   which was under the last key entry and ended with LEGACY_MABIDWE

will this affect the system later on or is it ok?

Hi rpggamergirl:
first of all thanks for all your help. this has seemed to do the trick for this laptop. second of all THANKS FOR ALL YOUR HELP!!  lol this was a messy system to work on with viruses and malware on all his jump drives and supposedly safe and secure backups. I have never used the Combofix before but it works great on those things that just wouldn't go away at the end.

again,,, thanks

TrueGeek,

You're welcome, glad we could assist.
To uninstall Combofix:
Go to Start > Run and 'copy and paste' next command in the field:

ComboFix /u

The above procedure will remove all files belonging to or related to Combofix(as well as its created backup) and will also reset System Restore.

Thanks!