
Popups And Evil Url Shortcuts


3 replies to this topic

#1 magicalmonkeyguy


Posted 28 February 2008 - 12:17 AM

ok so here's my problem.

every time i log on to my computer there are 3 URL shortcuts that would take me to a so called anti-virus site, and most likely download some sort of Trojan or other sort of virus.

also i get annoying "windows pop-ups" telling me i have a virus that also sometimes open a URL that tries to download a Trojan.

when i run ComboFix it fixes the problem for a while but upon restart everything is back.

COMBO FIX LOG

ComboFix 08-02-25.2 - Steven 2008-02-27 20:57:59.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1455 [GMT -8:00]
Running from: C:\Documents and Settings\Steven\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Steven\Desktop\Error Cleaner.url
C:\Documents and Settings\Steven\Desktop\Privacy Protector.url
C:\Documents and Settings\Steven\Desktop\Spyware&Malware Protection.url
C:\Documents and Settings\Steven\Favorites\Error Cleaner.url
C:\Documents and Settings\Steven\Favorites\Privacy Protector.url
C:\Documents and Settings\Steven\Favorites\Spyware&Malware Protection.url

.
((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-28 )))))))))))))))))))))))))))))))
.

2008-02-27 19:55 . 2008-02-27 19:55 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-27 17:42 . 2008-02-27 17:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-26 22:34 . 2007-11-21 21:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Roxio
2008-02-26 22:34 . 2007-11-21 20:46 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2008-02-26 22:34 . 2007-11-21 20:59 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\GTek
2008-02-24 20:40 . 2008-02-24 20:40 34 --a------ C:\WINDOWS\AW_HIKA.INI
2008-02-24 20:40 . 2008-02-24 20:40 34 --a------ C:\WINDOWS\AW_GEND.INI
2008-02-24 16:11 . 2008-02-24 03:07 335,872 --a------ C:\WINDOWS\bxlrvps.dll
2008-02-24 16:11 . 2008-02-24 03:07 294,912 --a------ C:\WINDOWS\alofkmn.dll
2008-02-24 16:11 . 2008-02-24 03:07 90,112 --a------ C:\WINDOWS\fkxvkns.exe
2008-02-24 15:55 . 2008-02-24 15:56 40 --a------ C:\WINDOWS\AW_REI.INI
2008-02-24 15:52 . 2008-02-24 15:52 32 --a------ C:\WINDOWS\AW_SHIN.INI
2008-02-24 15:51 . 2008-02-24 20:40 48 --a------ C:\WINDOWS\AW_ASKA.INI
2008-02-22 21:20 . 2008-02-22 23:00 171 --a------ C:\WINDOWS\icecast2.ini
2008-02-22 21:08 . 2008-02-22 22:28 <DIR> d-------- C:\Documents and Settings\Steven\Application Data\Winamp
2008-02-20 21:21 . 2008-02-26 20:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-20 21:21 . 2008-02-20 21:21 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-13 21:43 . 2008-02-13 21:43 4 --a------ C:\WINDOWS\system32\ulfconfig0103.ulf
2008-02-13 17:36 . 2008-02-13 17:36 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2008-02-10 16:46 . 2008-02-10 16:46 113,116 --a------ C:\WINDOWS\xobglu32.dll
2008-02-10 16:46 . 2008-02-10 16:46 63,488 --a------ C:\WINDOWS\xobglu16.dll
2008-02-09 18:37 . 2008-02-09 18:37 <DIR> d--h----- C:\WINDOWS\PIF
2008-02-09 13:23 . 2008-02-09 13:31 528 -r-hs---- C:\WINDOWS\PCGWIN32.LI4
2008-02-09 12:56 . 2008-02-09 12:57 <DIR> d-------- C:\Program Files\ShoopedLife
2008-02-09 07:56 . 2008-02-09 07:56 <DIR> d-------- C:\Program Files\Disney
2008-02-06 22:33 . 2008-02-12 20:51 <DIR> d-------- C:\Documents and Settings\Steven\Application Data\Corel
2008-02-06 20:12 . 2008-02-06 20:12 <DIR> d-------- C:\Documents and Settings\Steven\Application Data\968 Series
2008-02-06 06:33 . 2008-02-26 16:36 <DIR> d-------- C:\Documents and Settings\All Users\Dl_cats
2008-02-06 06:32 . 2008-02-06 06:33 <DIR> d-------- C:\logs
2008-02-06 06:32 . 2007-08-03 09:08 348,160 --a------ C:\WINDOWS\system32\dldocoin.dll
2008-02-06 06:32 . 2006-07-31 21:53 40,960 --a------ C:\WINDOWS\system32\dldovs.dll
2008-02-06 06:31 . 2007-09-06 12:40 692,224 --a------ C:\WINDOWS\system32\dldodrs.dll
2008-02-06 06:31 . 2001-08-17 22:36 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
2008-02-06 06:31 . 2001-08-17 22:36 87,040 --a------ C:\WINDOWS\system32\dllcache\wiafbdrv.dll
2008-02-06 06:31 . 2007-06-14 12:45 69,632 --a------ C:\WINDOWS\system32\dldocnv4.dll
2008-02-06 06:31 . 2007-08-31 10:51 65,536 --a------ C:\WINDOWS\system32\dldocaps.dll
2008-02-06 06:31 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-06 06:31 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-06 06:30 . 2008-02-06 06:30 <DIR> d-------- C:\My Music
2008-02-06 06:29 . 2008-02-06 06:29 <DIR> d-------- C:\Program Files\Corel
2008-02-06 06:29 . 2008-02-06 06:30 <DIR> d-------- C:\Program Files\Common Files\Corel
2008-02-06 06:28 . 2008-02-06 06:29 <DIR> d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-02-06 05:58 . 2008-02-06 05:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\968 Series
2008-02-06 05:58 . 2007-07-19 07:21 339,968 --a------ C:\WINDOWS\system32\IMGMAN32.DLL
2008-02-06 05:58 . 2007-07-19 07:21 98,345 --a------ C:\WINDOWS\system32\IMHOST32.DLL
2008-02-06 05:58 . 2007-07-19 07:21 98,304 --a------ C:\WINDOWS\system32\IM31XPNG.DEL
2008-02-06 05:58 . 2007-07-19 07:21 69,632 --a------ C:\WINDOWS\system32\IM31XTIF.DEL
2008-02-06 05:58 . 2007-07-19 07:21 49,152 --a------ C:\WINDOWS\system32\IM31IMG.DIL
2008-02-06 05:58 . 2007-06-11 05:01 49,152 --a------ C:\WINDOWS\system32\dldooem.dll
2008-02-06 05:58 . 2007-09-17 06:24 45,056 --a------ C:\WINDOWS\system32\DLDOPMON.DLL
2008-02-06 05:58 . 2007-09-17 06:24 32,768 --a------ C:\WINDOWS\system32\DLDOFXPU.DLL
2008-02-06 05:58 . 2007-09-17 06:26 12,288 --a------ C:\WINDOWS\system32\DLDOPMRC.DLL
2008-02-05 22:20 . 2008-02-06 06:31 <DIR> d-------- C:\Program Files\Dell 968 AIO Printer
2008-02-05 22:18 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-28 09:20 . 2008-01-30 19:58 <DIR> d-------- C:\Program Files\WebcamMax

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-28 04:57 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-28 04:01 --------- d-----w C:\Program Files\Steam
2008-02-28 03:57 --------- d-----w C:\Documents and Settings\Steven\Application Data\WTablet
2008-02-24 19:52 --------- d-----w C:\Program Files\World of Warcraft
2008-02-24 01:15 --------- d-----w C:\Documents and Settings\Steven\Application Data\LimeWire
2008-02-21 15:45 --------- d-----w C:\Documents and Settings\LocalService\Application Data\WTablet
2008-02-18 20:07 --------- d-----w C:\Program Files\Project64 1.6
2008-02-09 21:07 --------- d-----w C:\Documents and Settings\Steven\Application Data\SecondLife
2008-02-09 01:32 --------- d-----w C:\Program Files\Google
2008-01-28 17:48 --------- d-----w C:\Program Files\Macromedia
2008-01-28 17:48 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-01-26 03:26 --------- d-----w C:\Program Files\Springboard
2008-01-26 03:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Six Mile Creek Systems
2008-01-25 07:13 --------- d-----w C:\Program Files\Sony
2008-01-24 06:55 --------- d-----w C:\Program Files\NIGHTSTUD V1.0d
2008-01-24 06:07 --------- d-----w C:\Program Files\Java
2008-01-24 02:23 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-01-24 02:23 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-01-24 02:23 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-01-24 02:23 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-01-24 02:23 --------- d-----w C:\Program Files\Symantec
2008-01-24 02:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-24 02:14 --------- d-----w C:\Documents and Settings\Steven\Application Data\Yahoo!
2008-01-24 02:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-01-24 02:02 --------- d-----w C:\Program Files\Yahoo!
2008-01-21 20:30 --------- d-----w C:\Program Files\Pcsx2_0.9.4
2008-01-19 23:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Magix Shared
2008-01-19 23:16 --------- d-----w C:\Program Files\MAGIX
2008-01-19 23:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\MAGIX
2008-01-19 04:47 --------- d-----w C:\Program Files\Audacity
2008-01-14 05:35 --------- d-----w C:\Program Files\Common Files\DirectX
2008-01-12 07:32 --------- d-----w C:\Program Files\Swypeout Battle Racing
2008-01-12 01:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-11 05:14 --------- d-----w C:\Program Files\Microsoft Games
2008-01-11 05:00 --------- d-----w C:\Program Files\Logitech
2008-01-11 05:00 --------- d-----w C:\Program Files\Common Files\Logitech
2008-01-09 04:07 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-01-07 03:06 --------- d-----w C:\Program Files\Blender Foundation
2008-01-05 15:28 --------- d-----w C:\Program Files\Common Files\Thraex Software
2008-01-05 12:07 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-05 07:18 --------- d-----w C:\Program Files\Matroska Pack
2008-01-05 04:31 --------- d-----w C:\Documents and Settings\Steven\Application Data\Media Player Classic
2008-01-03 21:18 --------- d-----w C:\Documents and Settings\Steven\Application Data\Atari
2008-01-03 20:49 --------- d-----w C:\Program Files\Common Files\PocketSoft
2008-01-03 20:49 --------- d-----w C:\Documents and Settings\Steven\Application Data\Leadertech
2008-01-03 20:43 --------- d-----w C:\Program Files\Atari
2008-01-03 08:56 --------- d-----w C:\Program Files\Game Cam
2008-01-01 08:31 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-31 02:11 --------- d-----w C:\Documents and Settings\Steven\Application Data\Xfire
2007-12-31 02:07 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\Xfire
2007-12-30 22:30 --------- d-----w C:\Program Files\LucasFan Games
2007-12-30 09:42 --------- d-----w C:\Documents and Settings\Steven\Application Data\Apple Computer
2007-12-30 09:26 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-30 01:58 --------- d-----w C:\Program Files\QuickTime
2007-12-30 01:47 --------- d-----w C:\Documents and Settings\Steven\Application Data\ArcSoft
2007-12-30 01:46 --------- d-----w C:\Program Files\Common Files\ArcSoft
2007-12-30 01:46 --------- d-----w C:\Program Files\ArcSoft
2007-12-30 01:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-30 01:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-12-29 10:08 --------- d-----w C:\Program Files\Sonic Foundry
2007-12-29 10:08 --------- d-----w C:\Program Files\Pure Motion
2007-12-29 10:08 --------- d-----w C:\Program Files\DebugMode
2007-12-29 08:37 --------- d-----w C:\Program Files\Sony Setup
2007-12-29 08:34 --------- d-----w C:\Documents and Settings\Steven\Application Data\Sony
2007-12-29 08:34 --------- d-----w C:\Documents and Settings\Steven\Application Data\Publish Providers
2007-12-29 08:01 --------- d-----w C:\Program Files\MSBuild
2007-12-29 07:58 --------- d-----w C:\Program Files\Reference Assemblies
2007-12-29 07:47 --------- d-----w C:\Documents and Settings\Steven\Application Data\Sony Setup
2007-12-29 07:39 --------- d-----w C:\Program Files\MagicISO
2007-12-29 06:11 --------- d-----w C:\Program Files\LimeWire
2007-12-29 04:06 --------- d--h--r C:\Documents and Settings\Steven\Application Data\SecuROM
2007-12-29 03:37 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-12-28 10:05 --------- d-----w C:\Program Files\Xvid
2007-12-28 09:01 --------- d-----w C:\Program Files\Common Files\AIPTEK HD-DV
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
2007-12-14 19:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-06 10:05 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:38 550,912 ------w C:\WINDOWS\system32\dllcache\oleaut32.dll
2007-11-22 04:48 76 -csh--r C:\WINDOWS\CT4CET.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09 460784]
"Steam"="c:\program files\steam\steam.exe" [2007-12-25 19:54 1266936]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 08:24 1694208]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 15:35 67112]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-07-11 06:15 198704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-09 20:21 851968]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-06 13:39 8429568]
"nwiz"="nwiz.exe" [2007-06-06 13:40 1626112 C:\WINDOWS\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2007-06-06 13:39 67584 C:\WINDOWS\system32\nvhotkey.dll]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-06 13:39 81920]
"OEM02Mon.exe"="C:\WINDOWS\OEM02Mon.exe" [2007-08-28 12:54 36864]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2007-07-03 11:57 1228800]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2007-03-16 01:10 1392640]
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 14:43 118784]
"SigmatelSysTrayApp"="stsystra.exe" [2007-07-09 20:03 405504 C:\WINDOWS\stsystra.exe]
"KADxMain"="C:\WINDOWS\system32\KADxMain.exe" [2006-11-02 12:05 282624]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 09:35 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 09:37 81920]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 09:22 221184]
"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 07:00 1116920]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 14:10 184320]
"dscactivate"="c:\dell\dsca.exe" [2007-07-30 02:40 16384]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2007-05-24 05:03 17920]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-10-08 10:03 31232]
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe" [2007-09-25 15:03 93208]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2007-10-26 15:42 509224]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 21:59 115816]
"osCheck"="C:\PROGRA~1\Symantec\osCheck.exe" [2007-01-13 23:11 771704]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-01-23 22:07 77824]
"WebcamMaxMoniter"="C:\Program Files\WebcamMax\CAMTHINS.exe" [2007-01-16 02:57 81920]
"dldomon.exe"="C:\Program Files\Dell 968 AIO Printer\dldomon.exe" [2007-10-05 05:30 455920]
"MemoryCardManager"="C:\Program Files\Dell 968 AIO Printer\memcard.exe" [2007-10-05 05:30 410864]
"Dell 968 AIO Printer Fax Server"="C:\Program Files\Dell 968 AIO Printer\fm3032.exe" [2007-10-05 05:31 312560]
"WinampAgent"="E:\Program Files\Winamp\winampa.exe" [2008-01-15 14:54 37376]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe" [2007-03-21 01:33 478800]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-01-01 00:31:25 113664]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-11-21 20:46:42 50688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bxlrvps"= {AC9E2185-6FB9-4C9C-A531-01F303C11BD0} - C:\WINDOWS\bxlrvps.dll [2008-02-24 03:07 335872]
"alofkmn"= {ECE27AAE-50D0-4747-9310-181FF8D65CBE} - C:\WINDOWS\alofkmn.dll [2008-02-24 03:07 294912]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\dldocoms.exe"=
"C:\\Program Files\\Dell 968 AIO Printer\\dldomon.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldopswx.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldotime.exe"=
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldojswx.exe"=
"C:\\Program Files\\Dell 968 AIO Printer\\dldoaiox.exe"=

R1 DLARTL_M;DLARTL_M;C:\WINDOWS\system32\Drivers\DLARTL_M.SYS [2006-08-11 08:35]
R2 ACDaemon;ArcSoft Connect Daemon;C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2007-10-08 10:03]
R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2007-01-10 21:39]
R2 dldo_device;dldo_device;C:\WINDOWS\system32\dldocoms.exe [2007-10-05 05:30]
R2 TabletServiceWacom;TabletServiceWacom;C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 11:40]
R3 DXEC02;DXEC02;C:\WINDOWS\system32\drivers\dxec02.sys [2006-11-02 10:31]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys [2007-08-28 12:54]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys [2007-08-28 12:55]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 10:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 16:11]
S2 dldoCATSCustConnectService;dldoCATSCustConnectService;C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldoserv.exe [2007-10-05 05:30]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18]

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-22 03:45:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-19 04:01:04 C:\WINDOWS\Tasks\Norton Security Online - Run Full System Scan - Steven.job"
- C:\PROGRA~1\Symantec\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 21:02:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-27 21:03:08
ComboFix-quarantined-files.txt 2008-02-28 05:03:06
ComboFix2.txt 2008-02-27 07:02:10
.
2008-02-27 00:28:49 --- E O F ---

END LOG

is there any way to get rid of this problem for good?

Full virus scan says nothing is wrong, what else can i do?



#2 Orange Blossom


Posted 29 February 2008 - 01:24 AM

:flowers: to BC magicalmonkeyguy,

Combofix is a powerful tool intended by its creator to be used under the direction of an expert, NOT for private use. You should NOT use Combofix unless a Malware Removal Expert has told you to. Improper use of this tool can seriously damage your operating system and may even prevent it from starting again. Please read Combofix's Disclaimer.

Please follow the directions in this guide. If you cannot do a step, then skip it and go to the next. Then create an HJT log; you will find the directions in Step 9 of the guide.

Create a new topic in the HJT forum, not here, and give it a good descriptive title. Briefly summarize what the problems are, what you have done to try to solve them, and what worked and didn't work. Paste in your HJT log, being sure to include the Top Portion of the log which lists the version information.

After you post your log, DO NOT make any further changes to your computer: deleting files, editing the registry, using special fix tools, installing or uninstalling software etc. as this will make it more difficult for the HJT team to help you.

When you have created your new thread, please post the link to your HJT thread as a reply to this thread so we know you are receiving help from the HJT team.

Please be patient as the HJT team is very busy. DO NOT bump your log as the team may think that someone is already helping you. If you have not had a response in five days, add a response to the five days no response topic and paste in the link to your thread.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 magicalmonkeyguy


Posted 29 February 2008 - 11:21 PM

new topic

Edited by magicalmonkeyguy, 29 February 2008 - 11:23 PM.


#4 Orange Blossom


Posted 01 March 2008 - 01:01 AM

Thanks for posting the link to your log, magicalmonkeyguy. Good luck getting your infections sorted out and your computer up and running properly.

Orange Blossom :thumbsup: