|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
|
|
LinkBack | Thread Tools |
07-04-2009, 11:48 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jul 2009
Posts: 3
OS: WINDOWS XP
|
Overclick findings??
I had run into the overclick.com thing where it jumps me from one link to another when i try to google it. I found the website and tried what you guys had recommended to another user. it worked great but you guys had asked to post the text so here i am
ComboFix 09-07-04.04 - Owner 07/05/2009 1:34.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.638.425 [GMT -4:00] Running from: c:\documents and settings\Owner\My Documents\fixcombo.exe AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\95209206.ini c:\program files\Manson\liser.dll c:\windows\Installer\1324b.msi c:\windows\system32\drivers\SKYNEToyalcfir.sys c:\windows\system32\drivers\UACikrdtdpmbjfjjtk.sys c:\windows\system32\mlfcache.dat c:\windows\system32\net.net c:\windows\system32\SKYNETdiigpjct.dll c:\windows\system32\SKYNETposrmtus.dll c:\windows\system32\SKYNETqddamyau.dat c:\windows\system32\SKYNETvupunvmc.dat c:\windows\system32\UACbrmrconkoafqdsd.dll c:\windows\system32\UACdppbnjnkvstbdpjvm.log c:\windows\system32\UACdpxvbsgidxnulum.dll c:\windows\system32\uacinit.dll c:\windows\system32\UACjcfcmehewpsyavnkw.dll c:\windows\system32\UACjeafhbwgftlwbiuxk.log c:\windows\system32\UAClamyxyqxhosrrvbxr.dll c:\windows\system32\UACrnvxuxovmyxfltofx.dll c:\windows\system32\UACsfnitpwwkyoffmt.dll c:\windows\system32\UACwsxelqehkffeogm.dll c:\windows\system32\UACxnujibejxtxvrjoob.dll c:\windows\system32\UACyisypbsblsgsbxv.dat D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SKYNETednhioyx ((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))) . 2009-06-30 04:08 . 2009-06-30 04:08 1915520 ----a-w- c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe 2009-06-24 08:03 . 2009-07-04 06:36 117760 ----a-w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-06-24 08:01 . 2009-06-24 08:01 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-06-21 05:31 . 2009-06-21 05:31 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\WMTools Downloaded Files 2009-06-21 02:33 . 2009-06-21 02:33 -------- d-----w- c:\program files\iPod 2009-06-21 02:32 . 2009-06-21 02:33 -------- d-----w- c:\program files\iTunes 2009-06-21 02:31 . 2009-06-21 02:31 -------- d-----w- c:\program files\QuickTime 2009-06-21 02:29 . 2009-06-21 02:29 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe 2009-06-21 00:45 . 2009-07-05 05:37 -------- d-sh--r- c:\program files\Manson 2009-06-07 21:26 . 2009-06-13 00:52 -------- d-----w- C:\World of Warcraft 2009-06-07 21:26 . 2009-06-07 22:34 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2009-06-07 21:21 . 2009-06-07 21:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-05 01:18 . 2009-01-18 03:18 -------- d-----w- c:\program files\Starcraft 2009-07-04 18:58 . 2009-01-18 01:36 -------- d-----w- c:\program files\Google 2009-06-30 00:08 . 2009-02-08 06:32 -------- d-----w- c:\documents and settings\Owner\Application Data\LimeWire 2009-06-28 08:44 . 2009-05-29 20:39 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer 2009-06-25 07:35 . 2009-03-17 04:59 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-06-24 08:02 . 2009-03-17 04:59 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com 2009-06-21 02:33 . 2009-05-29 20:34 -------- d-----w- c:\program files\Common Files\Apple 2009-06-20 04:40 . 2009-02-08 06:30 -------- d-----w- c:\program files\LimeWire 2009-05-29 20:39 . 2009-05-29 20:39 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-05-29 20:39 . 2009-05-29 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-05-29 20:38 . 2009-05-29 20:38 -------- d-----w- c:\program files\Bonjour 2009-05-29 20:35 . 2009-05-29 20:35 -------- d-----w- c:\program files\Apple Software Update 2009-05-29 20:34 . 2009-05-29 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2009-05-14 18:27 . 2009-05-14 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-05-10 01:19 . 2009-05-10 01:19 -------- d-----w- c:\program files\InterActual 2009-05-08 01:41 . 2009-05-08 01:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-05-08 01:26 . 2009-05-08 01:26 -------- d-----w- c:\program files\Yahoo! 2009-05-08 01:26 . 2009-05-08 01:26 -------- d-----w- c:\documents and settings\Owner\Application Data\Yahoo! 2009-05-07 15:32 . 2009-01-18 01:15 345600 ----a-w- c:\windows\system32\localspl.dll 2009-05-06 12:57 . 2009-05-06 12:57 -------- d-----w- c:\program files\Coupons 2009-04-29 04:56 . 2009-01-18 01:16 827392 ----a-w- c:\windows\system32\wininet.dll 2009-04-29 04:55 . 2009-01-18 01:14 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-17 12:26 . 2009-01-18 01:16 1847168 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 14:51 . 2009-01-18 01:16 585216 ----a-w- c:\windows\system32\rpcrt4.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-28 68856] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\aba05356-8c1b-4f7a-bdf9-95cae8ca384a.exe" [2009-06-23 1830128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-18 7204864] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-09-18 86016] "readericon"="c:\program files\Digital Media Reader\readericon45G.exe" [2005-08-27 139264] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656] "HostManager"="c:\program files\Common Files\AOL\1232243101\EE\AOLHostManager.exe" [2004-11-03 125528] "AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-19 79448] "VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 151552] "OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 53248] "MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-09-22 303104] "MCUpdateExe"="c:\progra~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 212992] "MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 110592] "MSKDetectorExe"="c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe" [2006-11-07 1121280] "VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2005-08-10 163840] "MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-11-11 1005096] "MPSExe"="c:\progra~1\mcafee.com\mps\mscifapp.exe" [2006-03-30 296488] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-08 136600] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2005-09-26 90112] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-09-18 1519616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Power2GoExpress"="NA" [X] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BigFix.lnk - c:\program files\BigFix\bigfix.exe [2009-1-17 2168360] hp psc 2000 Series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-22 16:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "c:\\Program Files\\America Online 9.0\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"= "c:\\Program Files\\Common Files\\AOL\\1232243101\\EE\\AOLServiceHost.exe"= "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"= "c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"= "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3047:TCP"= 3047:TCP:xbox R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [6/23/2009 11:01 AM 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [6/23/2009 11:01 AM 72944] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [6/23/2009 11:01 AM 7408] . Contents of the 'Scheduled Tasks' folder 2009-07-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34] 2009-04-18 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2170 series5E771253C1676EBED677BF361FDFC537825E15B8232248147.job - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 05:52] . - - - - ORPHANS REMOVED - - - - HKLM-Run-net - c:\windows\system32\net.net . ------- Supplementary Scan ------- . uStart Page = hxxp://yahoo.com/ mStart Page = hxxp://www.myspace.com/ uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\windows\system32\mclsp.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-05 01:37 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(672) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'lsass.exe'(728) c:\windows\system32\mclsp.dll c:\windows\system32\SPORDER.dll c:\windows\system32\mclsphlr\gdlsphlr.dll c:\windows\system32\McRtl32.dll . Completion time: 2009-07-05 1:38 ComboFix-quarantined-files.txt 2009-07-05 05:38 Pre-Run: 131,754,831,872 bytes free Post-Run: 131,826,438,144 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 199 --- E O F --- 2009-06-12 07:02 and the second one Adobe Flash Player 10 Plugin Adobe Reader 7.0 America Online (Choose which version to remove) AOL Coach Version 2.0(Build:20041026.5 en) AOL Connectivity Services AOL Spyware Protection Apple Mobile Device Support Apple Software Update BigFix Bonjour Browser Address Error Redirector CCleaner (remove only) Coupon Printer for Windows Critical Update for Windows Media Player 11 (KB959772) Digital Media Reader DVD Solution Google Toolbar for Internet Explorer Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) HP Memories Disc HP Photo and Imaging 2.0 - All-in-One HP Photo and Imaging 2.0 - All-in-One Drivers HP Photo and Imaging 2.0 - hp psc 2170 series hp psc 2170 series InterActual Player iTunes J2SE Runtime Environment 5.0 Update 2 Java(TM) 6 Update 11 LimeWire 5.0.11 McAfee Uninstall Wizard Microsoft .NET Framework 2.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Digital Image Library 9 - Blocker Microsoft Digital Image Starter Edition 2006 Microsoft Digital Image Starter Edition 2006 Editor Microsoft Digital Image Starter Edition 2006 Library Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money 2006 Microsoft National Language Support Downlevel APIs Microsoft Office Basic Edition 2003 Microsoft Office Standard Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Works MSXML 4.0 SP2 (KB954430) Napster Napster Burn Engine NVIDIA Drivers Power2Go 4.0 PowerDVD Pure Networks Port Magic QuickTime RealPlayer Basic Realtek AC'97 Audio Recovery Software Suite eMachines Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Soft Data Fax Modem with SmartCP Starcraft SUPERAntiSpyware Free Edition Update for Windows XP (KB951978) Update for Windows XP (KB953356) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Viewpoint Media Player WebFldrs XP Windows Backup Utility Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 World of Warcraft Yahoo! Toolbar Thanks again guys it was a real help |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
| Thread Tools | |
|
|
