virusprotection2008 and other popups

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: virusprotection2008 and other popups

by empyreanlc » February 13th, 2009, 8:16 pm

ComboFix 09-02-05.01 - Andy II 2009-02-07 12:59:30.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.958.348 [GMT -5:00]
Running from: c:\documents and settings\Andy II\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Andy II\Desktop\CFScript.txt
AV: Norton Internet Security 2006 *On-access scanning enabled* (Outdated)
FW: Norton Internet Worm Protection *disabled*
* Created a new restore point

FILE ::
c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
c:\windows\awotowuwuq.dll
c:\windows\Kvadulazexizuxaw.dll
c:\windows\system32\asruxdnb.ini
c:\windows\system32\cbXOIxyW.dll
c:\windows\system32\dcwspssj.ini
c:\windows\system32\ffsvwgpi.ini
c:\windows\system32\gwaufbeh.ini
c:\windows\system32\ilptejtl.ini
c:\windows\system32\jkkHYOHB.dll
c:\windows\system32\khikatrm.ini
c:\windows\system32\ofhclomg.ini
c:\windows\system32\opdharhu.ini
c:\windows\system32\ovtcowma.ini
c:\windows\system32\qoMgfFWM
c:\windows\system32\ukdndhsv.ini
c:\windows\system32\wvUkLdCt.dll
c:\windows\system32\yjnlrudd.ini
c:\windows\system32\ypchckxx.ini
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Aaron\Application Data\DNA
c:\documents and settings\Aaron\Application Data\DNA\dht.dat
c:\documents and settings\Aaron\Application Data\DNA\dht.dat.old
c:\documents and settings\Aaron\Application Data\DNA\dna.lng
c:\documents and settings\Aaron\Application Data\DNA\resume.dat
c:\documents and settings\Aaron\Application Data\DNA\resume.dat.old
c:\documents and settings\Aaron\Application Data\DNA\rss.dat
c:\documents and settings\Aaron\Application Data\DNA\rss.dat.old
c:\documents and settings\Aaron\Application Data\DNA\settings.dat
c:\documents and settings\Aaron\Application Data\DNA\settings.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent
c:\documents and settings\Andy II\Application Data\BitTorrent\[a4e]Metal_Skin_Panic_Madox-01[divx5.1.1].mkv.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\[ILA] MADOX-01.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\Conan The Barbarian (Complete Score).torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\dht.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\resume.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\resume.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent\Rifts Backup.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\Rifts World Books.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\RIFTS.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\rss.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\settings.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\settings.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent\The Rifter 1-30.rar.torrent
c:\documents and settings\Andy II\Application Data\cogad
c:\documents and settings\Andy II\Application Data\cogad\cogad.exe
c:\documents and settings\Andy II\Application Data\Twain
c:\documents and settings\Andy II\Application Data\VirusRemover2008
c:\documents and settings\Andy II\Application Data\VirusRemover2008\Logs\scns.log
c:\documents and settings\Andy II\Local Settings\Temporary Internet Files\fbk.sts
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
c:\program files\WebShow
c:\program files\WebShow\WebShow.dll
c:\windows\awotowuwuq.dll
c:\windows\Kvadulazexizuxaw.dll
c:\windows\system32\asruxdnb.ini
c:\windows\system32\cbXOIxyW.dll
c:\windows\system32\dcwspssj.ini
c:\windows\system32\ffsvwgpi.ini
c:\windows\system32\gwaufbeh.ini
c:\windows\system32\ilptejtl.ini
c:\windows\system32\jkkHYOHB.dll
c:\windows\system32\khikatrm.ini
c:\windows\system32\ofhclomg.ini
c:\windows\system32\opdharhu.ini
c:\windows\system32\ovtcowma.ini
c:\windows\system32\ukdndhsv.ini
c:\windows\system32\wvUkLdCt.dll
c:\windows\system32\yjnlrudd.ini
c:\windows\system32\ypchckxx.ini
c:\windows\Tasks\At25.job
c:\windows\Tasks\At26.job
c:\windows\Tasks\At27.job
c:\windows\Tasks\At28.job
c:\windows\Tasks\At29.job
c:\windows\Tasks\At30.job
c:\windows\Tasks\At31.job
c:\windows\Tasks\At32.job
c:\windows\Tasks\At33.job
c:\windows\Tasks\At34.job
c:\windows\Tasks\At35.job
c:\windows\Tasks\At36.job
c:\windows\Tasks\At37.job
c:\windows\Tasks\At38.job
c:\windows\Tasks\At39.job
c:\windows\Tasks\At40.job
c:\windows\Tasks\At41.job
c:\windows\Tasks\At42.job
c:\windows\Tasks\At43.job
c:\windows\Tasks\At44.job
c:\windows\Tasks\At45.job
c:\windows\Tasks\At46.job
c:\windows\Tasks\At47.job
c:\windows\Tasks\At48.job
c:\windows\Tasks\At49.job
c:\windows\Tasks\At50.job
c:\windows\Tasks\At51.job
c:\windows\Tasks\At52.job
c:\windows\Tasks\At53.job
c:\windows\Tasks\At54.job
c:\windows\Tasks\At55.job
c:\windows\Tasks\At56.job
c:\windows\Tasks\At57.job
c:\windows\Tasks\At58.job
c:\windows\Tasks\At59.job
c:\windows\Tasks\At60.job
c:\windows\Tasks\At61.job
c:\windows\Tasks\At62.job
c:\windows\Tasks\At63.job
c:\windows\Tasks\At64.job
c:\windows\Tasks\At65.job
c:\windows\Tasks\At66.job
c:\windows\Tasks\At67.job
c:\windows\Tasks\At68.job
c:\windows\Tasks\At69.job
c:\windows\Tasks\At70.job
c:\windows\Tasks\At71.job
c:\windows\Tasks\At72.job

.
((((((((((((((((((((((((( Files Created from 2009-01-07 to 2009-02-07 )))))))))))))))))))))))))))))))
.

2009-02-07 12:57 . 2009-02-07 12:57 <DIR> d-------- C:\32788R22FWJFW
2009-02-02 17:45 . 2009-02-02 17:45 <DIR> d-------- c:\documents and settings\Andy II\Application Data\vlc
2009-01-25 13:53 . 2009-01-25 13:29 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-01-25 13:29 . 2009-01-25 13:29 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-01-25 13:28 . 2009-01-25 13:28 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-25 02:56 . 2009-01-25 02:56 <DIR> d-------- c:\program files\Trend Micro
2009-01-25 02:30 . 2009-01-25 02:30 <DIR> d-------- c:\program files\Enigma Software Group
2009-01-23 19:35 . 2008-08-15 23:22 198,941 --a------ c:\windows\system32\nvapps.nvb
2009-01-23 19:34 . 2008-08-06 07:51 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-01-23 19:33 . 2009-01-23 19:33 <DIR> d-------- C:\NVIDIA
2009-01-23 18:24 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2009-01-23 18:24 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2009-01-23 18:24 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2009-01-23 18:24 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2009-01-23 18:24 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2009-01-23 18:24 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2009-01-23 18:24 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2009-01-23 18:23 . 2009-01-23 18:28 <DIR> d--h----- c:\windows\msdownld.tmp
2009-01-23 18:05 . 2009-01-23 18:07 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-23 17:54 . 2009-01-23 17:54 <DIR> d-------- c:\windows\system32\xlive
2009-01-23 15:55 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2009-01-23 15:55 . 2006-12-08 12:02 251,672 --a------ c:\windows\system32\xactengine2_5.dll
2009-01-23 15:54 . 2009-01-23 15:54 <DIR> d-------- c:\windows\Logs
2009-01-23 14:19 . 2009-02-05 21:06 <DIR> d-------- c:\program files\Steam
2009-01-22 10:16 . 2009-02-05 21:07 <DIR> d-------- c:\documents and settings\Andy II\Application Data\OpenOffice.org2
2009-01-22 10:16 . 2009-01-22 10:16 <DIR> d-------- c:\documents and settings\Andy II\Application Data\NJStar
2009-01-19 18:41 . 2009-01-19 18:41 <DIR> d-------- c:\documents and settings\Andy II\Application Data\AdobeUM
2009-01-19 17:37 . 2009-01-19 18:07 56 --a------ c:\windows\kgt2k.INI
2009-01-19 17:36 . 53,052 c:\windows\,Q,cSi"ªŸcŸN?[Ÿ<,Q,Z,,.mid
2009-01-19 16:29 . 2009-01-19 16:29 <DIR> d-------- c:\documents and settings\Andy II\Application Data\acccore
2009-01-19 16:28 . 2009-01-19 16:29 <DIR> d-------- c:\program files\AIM Toolbar
2009-01-19 16:28 . 2009-01-19 16:28 <DIR> d-------- c:\program files\AIM Search
2009-01-19 04:45 . 2009-01-19 04:45 <DIR> d-------- c:\documents and settings\Andy II\Application Data\HP
2009-01-11 22:17 . 2009-02-05 21:06 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-11 22:17 . 2009-01-11 22:17 1,409 --a------ c:\windows\QTFont.for
2009-01-11 07:07 . 2009-01-11 07:07 <DIR> d-------- c:\windows\system32\XPSViewer
2009-01-11 07:07 . 2009-01-11 07:07 <DIR> d-------- c:\program files\Reference Assemblies
2009-01-11 07:05 . 2009-01-11 07:11 <DIR> d-------- c:\windows\SxsCaPendDel
2009-01-11 07:05 . 2009-01-11 07:07 <DIR> d-------- C:\ed730cada51539590ca06baec8c5
2009-01-11 07:05 . 2008-07-06 07:06 1,676,288 --a------ c:\windows\system32\xpssvcs.dll
2009-01-11 07:05 . 2008-07-06 07:06 1,676,288 --------- c:\windows\system32\dllcache\xpssvcs.dll
2009-01-11 07:05 . 2008-07-06 05:50 597,504 --------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-11 07:05 . 2008-07-06 07:06 575,488 --a------ c:\windows\system32\xpsshhdr.dll
2009-01-11 07:05 . 2008-07-06 07:06 575,488 --------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-11 07:05 . 2008-07-06 07:06 117,760 --a------ c:\windows\system32\prntvpt.dll
2009-01-11 07:05 . 2008-07-06 07:06 89,088 --------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-11 07:00 . 2009-01-11 07:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-01-11 06:56 . 2009-01-11 06:56 <DIR> d-------- c:\program files\Wizards of the Coast

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 02:05 --------- d-----w c:\documents and settings\Andy II\Application Data\WTablet
2009-02-06 02:03 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-01-30 06:46 --------- d-----w c:\documents and settings\Aaron\Application Data\OpenOffice.org2
2009-01-30 06:45 --------- d-----w c:\documents and settings\Aaron\Application Data\WTablet
2009-01-25 18:28 --------- d-----w c:\program files\Lavasoft
2009-01-25 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-19 21:29 --------- d-----w c:\program files\AIM6
2009-01-19 21:28 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-01-17 19:43 --------- d-----w c:\documents and settings\Aaron\Application Data\Skype
2009-01-16 06:47 --------- d-----w c:\documents and settings\Aaron\Application Data\BitTorrent
2009-01-15 08:01 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-06 07:22 --------- d-----w c:\program files\Common Files\DirectX
2008-12-30 08:38 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-12-12 17:27 3,067,392 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-12 08:13 --------- d-----w c:\program files\Common Files\Software Update Utility
2008-12-12 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\AIM Toolbar
2008-12-12 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2008-12-12 07:59 --------- d-----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 11:57 333,184 ------w c:\windows\system32\dllcache\srv.sys
2007-01-20 00:36 88 --sh--r c:\windows\system32\4032A62C6F.sys
2007-01-20 00:36 2,516 -csha-w c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\windows\system32\xlive ----

2007-09-18 15:01 134144 --a------ c:\windows\system32\xlive\sqmapi.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-15 13570048]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 52840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-02-20 185896]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-10-26 136600]
"EPSON Stylus CX4800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" [2005-02-02 98304]
"EPSON Stylus CX4800 Series (Copy 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" [2005-02-02 98304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-02-19 267048]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-15 86016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-25 507224]
"SigmatelSysTrayApp"="stsystra.exe" [2006-08-15 c:\windows\stsystra.exe]
"nwiz"="nwiz.exe" [2008-08-15 c:\windows\system32\nwiz.exe]

c:\documents and settings\Aaron\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]

c:\documents and settings\Andy II\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-25 64160]
R2 Dynex DX-WGPUSB WLService;Dynex Wireless G Enhanced Adapter Service;c:\program files\Dynex Wireless G Enhanced Adapter\WLService.exe [2008-05-12 49152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 942416]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-02-15 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2007-04-06 106808]
S3 padenum;Enumerador de dispositivos de NTPAD;c:\windows\system32\DRIVERS\padenum.sys --> c:\windows\system32\DRIVERS\padenum.sys [?]
S3 VendorJoystickEnabler;Driver para joystick paralelo de consola;c:\windows\system32\drivers\ntpad.sys --> c:\windows\system32\drivers\ntpad.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-02-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-25 13:29]

2009-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3941659726-3948666053-3483446295-1008.job
- c:\documents and settings\Andy II\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-05 21:21]

2009-02-07 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Aaron.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe []
.
.
------- Supplementary Scan -------
.
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=5070117
mStart Page = hxxp://www.dell.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Andy II\Application Data\Mozilla\Firefox\Profiles\ato97zw1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/sli ... rab&query=
FF - plugin: c:\documents and settings\Andy II\Local Settings\Application Data\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-07 13:04:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-02-07 13:16:34
ComboFix-quarantined-files.txt 2009-02-07 18:16:31
ComboFix2.txt 2009-02-06 02:11:32

Pre-Run: 6,460,796,928 bytes free
Post-Run: 6,423,334,912 bytes free

333 --- E O F --- 2009-01-15 08:01:09

Re: virusprotection2008 and other popups

by MikeSwim07 » February 14th, 2009, 9:39 am

Did you post the old ComboFix log or did you re-run ComboFix? Did you drag the old CFScript.txt into ComboFix or did you make the new one above?

It appears that you have dragged the other CFScript.txt onto ComboFix. Please delete the CFScript.txt on your desktop and then follow the instructions for ComboFix in the previous post to run ComboFix again.

Please post the ComboFix log and a new HijackThis log.

Re: virusprotection2008 and other popups

by MikeSwim07 » February 17th, 2009, 8:29 am

Do you still need help?

Re: virusprotection2008 and other popups

by Blade81 » February 20th, 2009, 4:14 am

Due to lack of response this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.