Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

automatic updates wont turn on


  • Please log in to reply
1 reply to this topic

#1 arabelle

arabelle

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 24 December 2008 - 01:23 AM

My automatic updates wont turn on when i turn it to automatic and then click start i get Error: 1058 and i keep getting pop-ups.

DDS (Version 1.1.0) - NTFSx86
Run by admin at 1:00:46.48 on Wed 12/24/2008
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.89 [GMT -5:00]

AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Documents and Settings\admin\Application Data\gadcom\gadcom.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\admin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.adelphia.net/
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.irfanview.net/faq.htm
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: c:\windows\system32\xxyvusPj.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: c:\windows\system32\ozjcwg.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
BHO: c:\windows\system32\fccyxwvu.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: Veoh Browser Plug-in: {D0943516-5076-4020-A3B5-AEFAF26AB263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Veoh] "c:\program files\veoh networks\veoh\VeohClient.exe" /VeohHide
uRun: [<NO NAME>]
uRun: [gadcom] "c:\documents and settings\admin\application data\gadcom\gadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [c8002f79] rundll32.exe "c:\windows\system32\xkopubbn.dll",b
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Notify: AtiExtEvent - Ati2evxx.dll
Notify: xxyvusPj - xxyvusPj.dll
AppInit_DLLs: ozjcwg.dll
c:\windows\system32\xxyvusPj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\fccyxwvu

============= SERVICES / DRIVERS ===============

R1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-30 31944]
R2 McAfeeFramework;McAfee Framework Service;"c:\program files\mcafee\common framework\FrameworkService.exe" /ServiceStart [2008-7-3 104000]
R2 McShield;McAfee McShield;"c:\program files\mcafee\virusscan enterprise\Mcshield.exe" [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager;"c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe" [2006-11-30 54872]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2008-7-3 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2008-7-3 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2008-7-3 168776]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [2008-7-3 92550]

=============== Created Last 30 ================

2008-12-24 00:41 <DIR> --d----- c:\program files\trend micro
2008-12-24 00:15 250 a------- c:\windows\gmer.ini
2008-12-23 23:25 1,661,209 ---sh--- c:\windows\system32\nbbupokx.ini
2008-12-23 23:25 92,160 a------- c:\windows\system32\xkopubbn.dll
2008-12-23 23:19 130,048 a------- c:\windows\system32\ozjcwg.dll
2008-12-23 23:19 130,048 a------- c:\windows\system32\ebuycexc.dll
2008-12-22 23:14 <DIR> --d----- c:\windows\system32\LogFiles
2008-12-22 23:14 1,661,209 ---sh--- c:\windows\system32\ieqnwuxs.ini
2008-12-22 23:14 92,160 -------- c:\windows\system32\sxuwnqei.dll
2008-12-22 23:11 131,584 a------- c:\windows\system32\cmynje.dll
2008-12-22 23:11 131,584 a------- c:\windows\system32\gdnfolhr.dll
2008-12-22 23:08 737 a--sh--- c:\windows\system32\uvwxyccf.ini2
2008-12-22 23:08 737 a--sh--- c:\windows\system32\uvwxyccf.ini
2008-12-22 23:07 293,376 a------- c:\windows\system32\fccyxwvu.dll
2008-12-22 23:03 <DIR> --d----- c:\docume~1\admin\applic~1\gadcom
2008-12-22 23:02 45,056 a------- c:\windows\system32\pmnkIAqP.dll
2008-12-22 23:02 58,880 a------- c:\windows\system32\xxyvusPj.dll
2008-12-22 23:02 70,656 a------- c:\windows\system32\prunnet.exe
2008-12-22 23:02 <DIR> --d----- C:\QUARANTINE
2008-12-16 13:17 221,184 a------- c:\windows\system32\wmpns.dll
2008-12-10 22:15 <DIR> --d----- c:\docume~1\admin\applic~1\Shape games
2008-12-10 19:05 <DIR> --d----- c:\docume~1\admin\applic~1\Artogon
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmpD6EE1.FOT
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmpBEDE1.FOT
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmp9BDE1.FOT
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmp55DE1.FOT
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmp54EE1.FOT
2008-12-09 22:19 1,409 a------- c:\windows\system32\tmp31EE1.FOT
2008-12-09 18:50 <DIR> --d----- c:\program files\Mortimer and the Enchanted Castle
2008-12-09 18:49 <DIR> --d----- c:\program files\ReflexiveArcade
2008-12-08 21:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Gold Casual Games
2008-12-08 21:33 <DIR> --d----- c:\docume~1\admin\applic~1\Gold Casual Games
2008-12-05 20:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SpinTop Games
2008-12-05 19:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SpinTopV1005
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmpD0988.FOT
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmp94988.FOT
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmp7C888.FOT
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmp53988.FOT
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmp17988.FOT
2008-11-30 18:30 1,409 a------- c:\windows\system32\tmp09988.FOT
2008-11-30 16:50 <DIR> --d----- c:\docume~1\admin\applic~1\SpinTop Games
2008-11-30 00:48 <DIR> --d----- c:\docume~1\admin\applic~1\SpinTop
2008-11-28 14:56 <DIR> --d----- c:\docume~1\admin\applic~1\Sandlot Games
2008-11-28 14:56 <DIR> --dsh--- c:\windows\ftpcache
2008-11-28 14:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trymedia
2008-11-28 14:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NeoEdge Networks

==================== Find3M ====================

2008-11-10 05:43 410,984 a------- c:\windows\system32\deploytk.dll
2008-10-23 07:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 15:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-03 05:02 247,326 a------- c:\windows\system32\strmdll.dll

============= FINISH: 1:02:51.53 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Rosty

Rosty

    Skydive junkie


  • Malware Response Team
  • 1,220 posts
  • OFFLINE
  •  
  • Local time:06:47 PM

Posted 05 January 2009 - 05:54 AM

Hi,

sorry for the delay in getting back to you.
If you still needs help, please do next:

Click here to download HijackThis.
Save HJTInstall.exe to your Desktop.
Double click on the HJTInstall.exe icon to start the program.
By default it will install to C:\Program Files\Trend Micro\HijackThis
After the final dialogue box it will launch HijackThis.

Click on the scan button. It will scan and then ask you to save the log.
Save the log, and post me it in your next reply.
Posted Image
Proud member of ASAP since 2007




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users