|
| ||
| BGOBFJOL.DLL problem Hi everyone! I'm new and this is my first thread. I did do multiple search on this "bgobfjol.dll" problem and I have not found any. I am very reluctant to attempt any of the resolutions I have found in the forum for other dll problems. I am just not sure if my problem is similar to other dll problem or not. I'd rather play it safe than sorry. This is when I power on my laptop. I received the following message: RUNDLL error loading C:\WINDOWS\System32\bgobfjol.dll Specified module could not be found Anyone has experienced with the "bgobfjol" situation? Please advise and thank you for your time to help. Debbie |
| ||
| Re: BGOBFJOL.DLL problem Hello and welcome to daniweb Pls do the following: 1. - Download Malwarebytes' Anti-Malware (http://www.download.com/Malwarebytes...=dl&tag=button) to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform full scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here. Make sure that you restart the computer. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt 2. - Download hijackthis and post the log. In your reply, post the logs (in this order): 1. - Malware Bytes Log 2. - Hijackthis Log Thanks, Cohen |
| ||
| Re: BGOBFJOL.DLL problem Cohen, I followed your instructions. Well, at least the beginning of your instructions. I downloaded the Malwarebytes (based on your link). Received 1048 errors. Malware began to fix and then next thing I knew, it stated that I got the first 20 free fix but I must buy the product before it fixes my errors. Needless to say, I deleted the malware because I now question it's integrity. So it is probably a good thing that I never downloaded the "hijackthis" as you recommended. If I was told that it is a paid product, I would have had the opportunity to choose whether to purchase or not ahead of time. Is there a reason why I wasn't told? |
| ||
| Re: BGOBFJOL.DLL problem Can anyone help me rectify my bgobfjol.dll problem? I appreciate any efforts to help me out. Thanx. Debbie |
| ||
| Re: BGOBFJOL.DLL problem 1. - No you don't need to buy the program, and i wouldn't have thought that you need to buy it... I have got my PC clean numerous times with MBA-M and it has never asked me to buy it..... 2. - Hijackthis is a problem that tells us your problems and can help us in what actions we need to take to get your PC clean. 3. - Can you pls post the MBA-M log and download hijackthis and post the log. Pls follow my instructions. Once we have those logs, then we can continue and help you in what actions we need to take to clean the virus out of your PC. Thankyou, Cohen |
| ||
| Re: BGOBFJOL.DLL problem My apology for not getting back sooner. My sick family kept me pretty busy! As soon as I tried to download both Malware and HiJack This, I kept receiving the following messages: Malwarebyte's Anti-Malware Run-time error: '50003': Unexpected error HiJack This Run-time error: '5003': Unexpected error I have done multiple restarts, uninstallations/re-installations, etc. So far, I'm still getting the same Run-time error: '5003'. In case you're wondering----I have received no reports, no scannings, etc. Absolutely nothing happened. Just immediately received the Run-time error: '5003'. Malware & HiJack This appeared to have been downloaded since I received the shortcut icons on my desktop. I did, however, downloaded the SpyDoctor. The following messages I received: 6 threats & 246 infections in your computer Low threat --- Application.TrackingCookies (153 threats) Low threat --- Adware.Advertising (80 threats) Elevated threat --- Trojan.Virtumonde (2 threats) Medium threat --- Trojan.agent (5 threats) Medium threat --- Adware.agent.BN (5 threats) Low threat --- Trojan.Generu (1 threat) I attempted to have them fixed, removed, etc but I kept receiving the message of "Registration". In other words, it wanted me to purchase the product. I didn't purchase because I've no idea of the SpyDoctor's reputation. BTW---I've searched those so-called Adware, Trojan, etc. on my computer. My search came up nada. Therefore, makes me suspicious of the SpyDoctor's integrity (or lack of). Every night, I do a normal shut down. Each morning (including this morning) I turn it on, I am still getting the message of: RUNDLL Error loading C:\WINDOWS\system32\bgobfjol.dll OK This is where I am at and I don't know what else to do. Please advise. |
| ||
| Re: BGOBFJOL.DLL problem alright, Pls do the following: Please download ComboFix by sUBs from HERE or HERE
Note: Do not mouse-click combofix's window while it is running. That may cause it to stall. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Then, see if you can get HJT and MBA-M to run without the error. Thanks, Cohen |
| ||
| Re: BGOBFJOL.DLL problem 1 Attachment(s) Thanx for the reply, Cohen. Here are the outcomes--- Downloaded the ComboFix as per your link. I followed all instructions (yours and ComboFix's). Received first error: Query - Recovery Console ComboFix has detected that this machine does not have the 'WINDOWS RECOVERY CONSOLE' It would be in your BEST INTEREST to have it installed. Would you like to do so now? *NOTE* - This requires an active internet connection. I enabled the internet connection and it installed the recovery. Then the message came up: Please click "YES" in the End User License Agreement (EULA) dialog that follows.....OK I clicked "yes". ComboFix finished, rebooted and produced the report. See attachment provided. I tried to run both Malware and HiJackThis. Both received the same error: Malwarebyte's Anti-Malware Run-time error: '50003': Unexpected error HiJack This Run-time error: '5003': Unexpected error Where do I go from here? Thanx for your help! Debbie |
| ||
| Re: BGOBFJOL.DLL problem OK, 1. - When we ask for logs, can you pls post them in a reply. 2. - I'm stumped on where to go from here, i have no idea.... i'll refer this thread off to Judy and Crunchie, and they might be able to help you. Thanks, Cohen |
| ||
| Re: BGOBFJOL.DLL problem Quote:
ComboFix 08-12-16.03 - Debbie 2008-12-16 16:41:28.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2414 [GMT -6:00] Running from: c:\downloads from websites\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\iSAccccf.ini c:\windows\system32\iSAccccf.ini2 c:\windows\system32\lojfbogb.ini c:\windows\system32\sovvxeia.ini . ((((((((((((((((((((((((( Files Created from 2008-11-16 to 2008-12-16 ))))))))))))))))))))))))))))))) . 2008-12-16 12:16 . 2008-12-16 12:16 <DIR> d-------- c:\program files\Hijack This 2008-12-16 11:40 . 2008-12-16 11:41 <DIR> d-------- c:\program files\Malware Spyware Doctor 2008-12-16 11:40 . 2008-08-25 12:36 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys 2008-12-16 11:40 . 2008-08-25 12:36 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys 2008-12-16 11:40 . 2008-08-25 12:36 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys 2008-12-16 11:40 . 2008-06-02 16:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys 2008-12-16 11:18 . 2008-12-16 11:18 <DIR> d-------- c:\program files\Intel 2008-12-16 11:18 . 2008-05-01 16:35 53,248 --a------ c:\windows\system32\CSVer.dll 2008-12-16 11:17 . 2008-12-16 11:17 <DIR> d-------- C:\Intel 2008-12-16 10:55 . 2008-12-16 10:55 <DIR> d-------- c:\program files\Uniblue 2008-12-16 10:55 . 2008-12-16 10:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverScanner 2008-12-16 10:54 . 2008-12-16 10:55 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5} 2008-12-16 10:49 . 2008-12-16 10:49 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-16 10:49 . 2008-12-16 10:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-16 10:49 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-16 10:49 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-15 19:10 . 2008-12-15 19:10 <DIR> d-------- c:\program files\GPLGS 2008-12-15 19:09 . 2008-12-15 19:09 <DIR> d-------- c:\program files\Acro Software 2008-12-15 19:09 . 2007-07-12 22:33 87,552 --a------ c:\windows\system32\cpwmon2k.dll 2008-12-14 18:46 . 2008-12-14 18:46 <DIR> d-------- c:\program files\Avant Home 2008-12-12 18:38 . 2008-12-16 16:31 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP 2008-12-12 12:07 . 2008-12-12 12:07 <DIR> d-------- c:\program files\Common Files\Adobe AIR 2008-11-28 14:06 . 2008-11-28 14:06 99,501 --a------ c:\windows\system32\Brother Port . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-16 22:39 --------- d-----w c:\program files\Mozilla Firefox 3 Beta 5 2008-12-16 00:48 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater 2008-12-12 18:12 --------- d-----w c:\program files\NOS 2008-12-12 18:12 --------- d-----w c:\documents and settings\All Users\Application Data\NOS 2008-12-12 18:03 --------- d-----w c:\program files\Common Files\Adobe 2008-12-03 22:56 --------- d-----w c:\program files\Google 2008-11-28 04:31 --------- d-----w c:\program files\FastDraft Version 4 2008-11-15 22:27 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-15 22:27 --------- d-----w c:\program files\Creative 2008-11-15 22:26 --------- d-----w c:\program files\Creative Live! Cam 2008-11-15 22:25 --------- d-----w c:\program files\Dell 2008-11-15 21:45 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2008-11-15 21:45 --------- d-----r c:\program files\Skype 2008-11-15 21:44 --------- d-----w c:\program files\Common Files\Skype 2008-11-13 23:42 --------- d-----w c:\documents and settings\All Users\Application Data\NeatReceipts Professional 2008-11-13 23:37 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft 2008-11-13 23:13 --------- d-----w c:\program files\Common Files\The Neat Company 2008-11-13 23:13 --------- d-----w c:\program files\Common Files\NeatReceipts 2008-11-13 23:13 --------- d-----w c:\program files\Common Files\Intuit 2008-11-13 23:13 --------- d-----w c:\program files\Common Files\impacct 2008-11-13 23:12 --------- d-----w c:\documents and settings\All Users\Application Data\The Neat Company 2008-11-13 23:03 --------- d-----w c:\program files\Microsoft SQL Server 2008-11-13 22:59 --------- d-----w c:\program files\NeatReceipts 2008-11-13 22:54 --------- d-----w c:\program files\NeatWorks 2008-11-07 19:26 --------- d-----w c:\documents and settings\All Users\Application Data\HotSync 2008-11-07 19:23 --------- d-----w c:\program files\palmOne 2008-11-07 19:21 53,248 ----a-w c:\windows\PalmDevC.dll 2008-11-03 23:07 --------- d-----w c:\program files\Freeze.com 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-19 01:23 --------- d-----w c:\documents and settings\All Users\Application Data\BitDefender 2008-07-25 22:38 60,744 ----a-w c:\documents and settings\Debbie\g2mdlhlpx.exe 2008-05-02 17:55 0 ----a-w c:\program files\error.dat 2008-01-26 00:55 60,968 ----a-w c:\documents and settings\Debbie\GoToAssistDownloadHelper.exe 2007-12-15 21:50 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2005-05-26 19:35 1,422 ----a-w c:\program files\ReadMe.txt 2008-09-13 20:51 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008091320080914\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "WorldTime2006"="c:\program files\Calendar\AnyTime Organizer Deluxe\WorldTime.exe" [2006-09-23 1646592] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-10 68856] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-10-29 25795368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-09 851968] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-06 8429568] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-03 1228800] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-10-09 2183168] "KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184] "RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-04-16 184320] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-12-10 1838592] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384] "atr.exe"="c:\progra~1\Calendar\ANYTIM~1\atr.exe" [2006-07-19 462848] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632] "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-23 663552] "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440] "BDAgent"="c:\program files\BitDefender\BitDefender 2008\bdagent.exe" [2008-09-15 368640] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "avast!"="c:\progra~1\AVANTH~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "nwiz"="nwiz.exe" [2007-06-06 c:\windows\system32\nwiz.exe] "NVHotkey"="nvHotkey.dll" [2007-06-06 c:\windows\system32\nvhotkey.dll] "NvMediaCenter"="NvMCTray.dll" [2007-06-06 c:\windows\system32\nvmctray.dll] "SigmatelSysTrayApp"="stsystra.exe" [2007-07-09 c:\windows\stsystra.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-01-25 18:55 10792 c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winny31.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-14 111184] R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-14 20560] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [2006-04-14 28933976] R2 NeatWorksDatabaseController;NeatWorks Database Controller;"c:\program files\NeatReceipts\NeatWorks\exec\NeatWorksDatabaseController.exe" [2008-09-20 334968] R2 WinDefend;Windows Defender;"c:\program files\Windows Defender\MsMpEng.exe" [2006-11-03 13592] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\bdfndisf.sys [2008-06-02 86792] R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\DRIVERS\OEM02Dev.sys [2007-12-10 235520] R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\DRIVERS\OEM02Vfx.sys [2007-12-10 7424] S0 Winny31;Winny31;c:\windows\system32\Drivers\Winny31.sys [] S2 gupdate1c9092a80cf60f6;Google Update Service (gupdate1c9092a80cf60f6);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [2008-08-28 133104] S3 MSSQL$NR2007;SQL Server (NR2007);"c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe" -sNR2007 [2007-02-10 29178224] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Malware Spyware Doctor\pctsAuxs.exe [2008-12-16 356920] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c39a0d9a-43c8-11dd-8bdb-001d09abc4f7}] \Shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e349eaff-43c5-11dd-8bda-001d09abc4f7}] \Shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e349eb01-43c5-11dd-8bda-001d09abc4f7}] \Shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\Neat ADF Scanner 2008] reg copy "HKLM\Software\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f . Contents of the 'Scheduled Tasks' folder 2008-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2008-12-16 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2008-08-28 15:47] 2008-12-16 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20] . - - - - ORPHANS REMOVED - - - - BHO-{B68FD3AC-D05D-40EA-B431-422F52BC7CBC} - (no file) HKCU-Run-DW6 - c:\progra~1\THEWEA~1\Desktop\DesktopWeather.exe HKLM-Run-ECenter - c:\dell\E-Center\EULALauncher.exe HKLM-Run-3c6e4b40 - c:\windows\system32\bgobfjol.dll HKLM-Run-iTunesHelper - e:\program files\Apple\iTunes\iTunesHelper.exe HKLM-Run-trioService - c:\progra~1\Freeze.com\Halloween\\trioService.exe HKLM-Run-BCROReminder - c:\program files\ByteCrusher\RegistryOptimax\BCRO.exe Notify-khfFXrSJ - khfFXrSJ.dll . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071210 uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071210 uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd FF - ProfilePath - c:\documents and settings\Debbie\Application Data\Mozilla\Firefox\Profiles\kp2fgsv2.default\ FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\nphssb.dll FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\npOGAPlugin.dll FF - plugin: c:\program files\Mozilla Firefox 3 Beta 5\plugins\npRLCT4Player.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-16 16:45:53 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\docume~1\Debbie\LOCALS~1\Temp\etilqs_yLIaDPoi41A9w0kvBGu4 4096 bytes c:\docume~1\Debbie\LOCALS~1\Temp\etilqs_yLIaDPoi41A9w0kvBGu4-journal 1544 bytes scan completed successfully hidden files: 2 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(608) c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll c:\windows\System32\BCMLogon.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\WLTRYSVC.EXE c:\windows\system32\BCMWLTRY.EXE c:\program files\Avant Home\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Avant Home\Alwil Software\Avast4\ashServ.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe c:\program files\BitDefender\BitDefender 2008\vsserv.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\program files\Avant Home\Alwil Software\Avast4\ashMaiSv.exe c:\windows\system32\wscntfy.exe c:\program files\Avant Home\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\rundll32.exe c:\program files\Brother\ControlCenter3\BrccMCtl.exe c:\program files\Brother\Brmfcmon\BrMfimon.exe c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe c:\program files\Digital Line Detect\DLG.exe c:\program files\SimpleTech\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe c:\program files\Calendar\AnyTime Organizer Deluxe\Atw.exe c:\program files\Skype\Plugin Manager\skypePM.exe . ************************************************************************** . Completion time: 2008-12-16 16:51:42 - machine was rebooted ComboFix-quarantined-files.txt 2008-12-16 22:51:37 Pre-Run: 123,537,764,352 bytes free Post-Run: 123,795,558,400 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 255 --- E O F --- 2008-12-10 23:09:45 |
| All times are GMT -4. The time now is 3:01 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC