Automatic updates turning off and pop ups!

Heys guys all the sudden my automatic updates are turning off and im getting aton or pop ups like crazy..I have a log from combo fix, i dunno what you guys do with it but here it is. plz guys i hope you can help me, cause i really dont know what im doing, im alittle rusty in this type of computering, so more detail is helpfull.

ComboFix 08-07-04.3 - Jonah & Elizabeth 2008-07-05 4:00:36.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.609 [GMT -4:00]
Running from: C:\Documents and Settings\Jonah & Elizabeth\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Jonah & Elizabeth\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\avunculx.dll
C:\WINDOWS\system32\BKknmnmp.ini
C:\WINDOWS\system32\BKknmnmp.ini2
C:\WINDOWS\system32\ecbvmo.dll
C:\WINDOWS\system32\fdxmcrnc.dll
C:\WINDOWS\system32\gmwtbkgu.ini
C:\WINDOWS\system32\iiffeBUn.dll
C:\WINDOWS\system32\kbgoen.dll
C:\WINDOWS\system32\khjfabqf.ini
C:\WINDOWS\system32\kwtdadao.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oadadtwk.dll
C:\WINDOWS\system32\pmnmnkKB.dll
C:\WINDOWS\system32\pmnnKASk.dll
C:\WINDOWS\system32\qmvqgdvs.dll

.
((((((((((((((((((((((((( Files Created from 2008-06-05 to 2008-07-05 )))))))))))))))))))))))))))))))
.

2008-07-04 03:15 . 2008-07-04 03:15 <DIR> d-------- C:\Program Files\Lavasoft
2008-07-04 03:15 . 2008-07-04 03:15 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-04 02:57 . 2008-07-04 02:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-04 02:50 . 2008-07-04 02:50 <DIR> d-------- C:\Documents and Settings\Jonah & Elizabeth\Application Data\McAfee
2008-07-04 02:46 . 2008-07-04 02:46 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2008-07-03 23:03 . 2008-07-05 04:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-03 23:03 . 2008-07-03 23:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-03 21:24 . 2008-07-03 21:24 1,694,256 --ahs---- C:\WINDOWS\system32\gmwtbkgu.tmp
2008-06-10 16:16 . 2008-06-13 07:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-10 16:16 . 2008-05-08 10:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-05 00:29 . 2008-06-05 00:30 <DIR> d-------- C:\Program Files\LimeWire

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-05 07:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-04 07:47 --------- d-----w C:\Program Files\Common Files\Webroot Shared
2008-07-04 07:03 --------- d-----w C:\Program Files\McAfee
2008-07-04 06:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-04 04:31 --------- d-----w C:\Program Files\Windows Live
2008-07-03 01:36 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Apple Computer
2008-06-29 22:11 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Azureus
2008-06-29 20:43 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-06-27 04:25 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\LimeWire
2008-06-17 21:18 --------- d-----w C:\Program Files\Azureus
2008-06-13 11:05 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-03 17:27 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-29 22:15 --------- d-----w C:\Program Files\Apple Software Update
2008-05-29 16:56 --------- d-----w C:\Program Files\MagicISO
2008-05-29 16:55 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-29 16:49 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-05-29 16:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-29 16:42 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Media Player Classic
2008-05-29 16:31 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-05-29 16:28 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-29 16:28 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\DAEMON Tools
2008-05-29 16:18 --------- d-----w C:\Program Files\ImgBurn
2008-05-29 16:18 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\ImgBurn
2008-05-23 06:14 --------- d-----w C:\Program Files\AWS
2008-05-23 06:14 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\WeatherBug
2008-05-23 06:10 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Viewpoint
2008-05-23 06:04 --------- d-----w C:\Program Files\iTunes
2008-05-23 06:04 --------- d-----w C:\Program Files\iPod
2008-05-23 06:03 --------- d-----w C:\Program Files\QuickTime
2008-05-23 06:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-23 06:01 --------- d-----w C:\Program Files\Common Files\Apple
2008-05-23 06:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-05-23 05:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Webroot
2008-05-23 05:45 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\MSN6
2008-05-23 05:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\MSN6
2008-05-23 05:34 --------- d-----w C:\Program Files\Diskeeper Corporation
2008-05-23 05:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-05-23 05:23 --------- d-----w C:\Program Files\McAfee.com
2008-05-23 05:23 --------- d-----w C:\Program Files\Common Files\McAfee
2008-05-23 05:12 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-05-23 05:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-05-23 05:00 --------- d-----w C:\Program Files\AIM6
2008-05-23 05:00 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\acccore
2008-05-23 04:59 --------- d-----w C:\Program Files\Viewpoint
2008-05-23 04:59 --------- d-----w C:\Program Files\Common Files\AOL
2008-05-23 04:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-23 04:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-23 04:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-05-23 04:57 --------- d-----w C:\Program Files\Java
2008-05-23 04:56 --------- d-----w C:\Program Files\Common Files\Java
2008-05-23 02:57 --------- d-----w C:\Program Files\Webroot
2008-05-23 02:57 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Webroot
2008-05-23 02:49 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-23 02:48 --------- d-----w C:\Program Files\Creative
2008-05-23 02:48 --------- d-----w C:\Documents and Settings\Jonah & Elizabeth\Application Data\Creative
2008-05-23 02:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative
2008-05-23 02:38 --------- d-----w C:\Program Files\Analog Devices
2008-05-23 02:36 --------- d-----w C:\Program Files\Intel
2008-05-23 02:02 558,142 ----a-w C:\WINDOWS\java\Packages\E607ZH7Z.ZIP
2008-05-23 02:02 155,995 ----a-w C:\WINDOWS\java\Packages\NDBNNLVL.ZIP
2008-05-23 02:02 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-16 15:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-14 09:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 09:42 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 09:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:11 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-13 21:00 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:27 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:35 24,064 ----a-w C:\WINDOWS\system32\pidgen.dll
2008-04-13 18:31 7,424 ----a-w C:\WINDOWS\system32\kd1394.dll
2008-04-13 18:31 2,065,792 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 18:30 61,440 ----a-w C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 18:14 76,800 ----a-w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 17:39 438,784 ----a-w C:\WINDOWS\system32\xpob2res.dll
2008-04-13 17:39 2,897,920 ----a-w C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 17:39 187,392 ----a-w C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 17:37 208,384 ----a-w C:\WINDOWS\system32\rsaenh.dll
2008-04-13 17:37 138,752 ----a-w C:\WINDOWS\system32\dssenh.dll
2008-04-13 17:27 79,872 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 17:26 94,208 ----a-w C:\WINDOWS\system32\odbcint.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 17:26 12,288 ----a-w C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 17:24 20,480 ----a-w C:\WINDOWS\system32\msorc32r.dll
2008-04-13 17:21 733,696 ----a-w C:\WINDOWS\system32\qedwipes.dll
2008-04-13 17:09 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 17:03 63,488 ----a-w C:\WINDOWS\system32\browselc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Window Washer"="C:\Program Files\Webroot\Washer\wwDisp.exe" [2007-11-26 14:47 1206600]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-03-25 16:21 50528]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2007-08-29 10:55 1347584]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 05:39 486856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 20:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-04-04 13:38 774144]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 01:00 28672]
"CTStartup"="C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 01:00 28672]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2005-02-24 09:32 5537792]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2005-02-24 09:32 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-11-01 19:12 582992]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [2007-11-30 05:42 1164576]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [2007-01-16 13:59 4838952]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [2007-01-08 11:22 20480]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 05:56 24576 C:\WINDOWS\system32\CTHELPER.EXE]
"nwiz"="nwiz.exe" [2005-02-24 09:32 1495040 C:\WINDOWS\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 14:47]

.
Contents of the 'Scheduled Tasks' folder
"2008-07-03 02:14:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-23 05:23:22 C:\WINDOWS\Tasks\McDefragTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe'
"2008-07-01 05:00:06 C:\WINDOWS\Tasks\McQcTask.job"
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe
.
- - - - ORPHANS REMOVED - - - -

BHO-{01667648-9237-4a62-a863-6120f5842639} - C:\WINDOWS\system32\kbgoen.dll
BHO-{427B37EF-B6C5-4823-A97C-10B88977E398} - C:\WINDOWS\system32\pmnnKASk.dll
BHO-{7D162D68-AD16-49EF-9BD6-0C29525D53EC} - C:\WINDOWS\system32\pmnmnkKB.dll
HKLM-Run-84578c55 - C:\WINDOWS\system32\oadadtwk.dll
HKLM-Run-TCASUTIEXE - TCAUDIAG.exe
ShellExecuteHooks-{427B37EF-B6C5-4823-A97C-10B88977E398} - C:\WINDOWS\system32\pmnnKASk.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-05 04:08:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&3?????\??? ??? ???\???\???????????5?B~e?B~\???\?????????a??????C@?\???\??????s????\??????s\????&3?A??s?&3??C@?x???`|?w\?????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\system32\SETUPAPI.dll
-> ?:\WINDOWS\System32\msvcp60.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\McAfee\MSK\msksrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-07-05 4:10:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-05 08:10:45

Pre-Run: 141,152,575,488 bytes free
Post-Run: 141,100,892,160 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

262 --- E O F --- 2008-07-05 07:26:57

#1
skywitit23

Posted 05 July 2008 - 02:54 AM

Advertisements

#2
Rorschach112

Posted 05 July 2008 - 07:01 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us