Comodo or Something more sinister?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Pixel8ted

Thread Starter
Joined
Sep 13, 2008
Messages
4
System specs:
Win XP-Pro -SP3
Intel Core Duo E8400 - 3.0 GHz
2 GB RAM
Nvidia GeForce 8800GT
Creative sound card
---------------------------------------------------------------------
I have recently posted my HJT, AVG, a2, ISeeYouXP, MS MSRT logs on a different support website, and did scans with ATF, Spybot S&D, & CC Cleaner (I tried SuperAntiSpyware but it conflicted with AVG & a2 so I uninstalled it). The support site said after reviewing that it looked all clear, as did the Symantec Anti-Vi scan.

BUT there is something that isn't right and I wonder if it is connected to Comodo. For the past two weeks I have been experiencing a slowdown on my 2-month-old system and a green hue in my browser windows (Firefox & IE, which I don't use but just wanted to test out to isolate the problem). When I look at my desktop, the picture also vacillates in color and then it will stop. I noticed that when this occurs it also seems to be at the same time Comodo is updating, yet even when finished, it still will have a hue and lag while browsing or working in applications. I think this is also the reason behind the multiple BSOD/Serious error startups and laggy shutdowns.

Any suggestions on what I should do, and has anyone else experienced this? Logs to follow. NOTE: A2 sees ISEEYOUXP, SDFix, Comodo BO, and KillBox as viruses. IDK if that is good or bad as I have already used ISEEYOU.

It also sees the Sims 2 games as Heuristic Dialers. The System Volume restore dialer, IDK what that is. I have not tried any other online scanners (TrendMicro, Panda, Kaspersky, etc.) just because I hear/read back-and-forth things about installing JRE and spyware/trojan issues.

I know it is A LOT to look through, so I appreciate and thank in advance those that can help me.


#1 A-Squared log
-----------------

a-squared Anti-Malware - Version 4.0
Last update: 9/25/2008 12:21:42 PM

Scan settings:

Objects: Memory, Traces, Cookies, C:\, D:\, E:\, F:\, G:\, H:\
Scan archives: On
Heuristics: On
ADS Scan: On

Scan start: 9/25/2008 12:32:39 PM

C:\Documents and Settings\Authorized User\Local Settings\Application Data\Mozilla\Firefox\Profiles\1dahf1bt.default\Cache\DD0DBD66d01/procs.exe detected: Trojan-Downloader.Win32.Dadobra.HE!IK
C:\Documents and Settings\Authorized User\Local Settings\Application Data\Mozilla\Firefox\Profiles\1dahf1bt.default\Cache\DD0DBD66d01/RestartIt!.exe detected: IM-Worm.Win32.Prex.D!IK
C:\Documents and Settings\Authorized User\My Documents\CPU fitness\CBO_Setup_4.27.exe detected: Win32.SuspectCrc!IK
C:\Documents and Settings\Authorized User\My Documents\CPU fitness\SDFix.exe/procs.exe detected: Trojan-Downloader.Win32.Dadobra.HE!IK
C:\Documents and Settings\Authorized User\My Documents\CPU fitness\SDFix.exe/RestartIt!.exe detected: IM-Worm.Win32.Prex.D!IK
C:\Documents and Settings\Authorized User\My Documents\DL Pgms\New Folder\ISeeYouXP.exe detected: Virus.Win32.Trojan!IK
C:\Documents and Settings\Authorized User\My Documents\DL Pgms\New Folder\KillBox-Beta.exe detected: Virus.Win32.Trojan!IK
G:\Program Files\EA GAMES\The Sims 2 Bon Voyage\TSBin\Sims2EP6.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Celebration! Stuff\TSBin\Sims2SP4.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 FreeTime\TSBin\ORIG_Sims2EP7.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Glamour Life Stuff\TSBin\Sims2SP2.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 H&M® Fashion Stuff\TSBin\Sims2SP5.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Nightlife\TSBin\Sims2EP2.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Pets\TSBin\Sims2EP4.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Seasons\TSBin\Sims2EP5.exe detected: Heuristic.Dialer.RAS!A2
G:\Program Files\EA GAMES\The Sims 2 Teen Style Stuff\TSBin\Sims2SP6.exe detected: Heuristic.Dialer.RAS!A2
G:\System Volume Information\_restore{D5666837-AC25-4A70-BBAA-E960260C6CE5}\RP45\A0017292.exe detected: Heuristic.Dialer.RAS!A2

Scanned

Files: 175186
Traces: 605102
Cookies: 310
Processes: 37

Found

Files: 17
Traces: 0
Cookies: 0
Processes: 0
Registry keys: 0

Scan end: 9/25/2008 3:16:45 PM
Scan time: 2:44:06

==================================================
#2 HiJack This Log 9-25-08

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:10:09 PM, on 9/25/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Maintenance Pgms\A Squared\a-squared Anti-Malware\a2guard.exe
D:\Program Files\Maintenance Pgms\A Squared\a-squared Anti-Malware\a2service.exe
D:\PROGRAM FILES\MAINTENANCE PGMS\A SQUARED\A-SQUARED ANTI-MALWARE\a2scan.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\Program Files\SnagIt\SnagIt32.exe
D:\Program Files\SnagIt\TSCHelp.exe
D:\Program Files\SnagIt\SnagPriv.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\AVG\AVG8\avgscanx.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comodo.com/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Program Files\SnagIt\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Program Files\SnagIt\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [a-squared] "D:\Program Files\Maintenance Pgms\A Squared\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1216751871640
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15102/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - D:\Program Files\Maintenance Pgms\A Squared\a-squared Anti-Malware\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7859 bytes
 

Pixel8ted

Thread Starter
Joined
Sep 13, 2008
Messages
4
I couldn't load up the ISEEYOU & AVG 8 logs because they were too long to post.
 

Pixel8ted

Thread Starter
Joined
Sep 13, 2008
Messages
4
*BUMPING POST AFTER REQUISITE 2 FULL DAYS...* Anyone? I could still really use the help. Since my last post, I have been doing several re-scans with different online anti-virus scans and I have scanned off-line with Avir, SuperAntiSpy, Spybot SnD, all with updated definitions, and nothing thankfully is coming up. But since my screen is still green on every startup, I still wonder if it is a hidden virus/spyware or if it is the monitor or video card, and what kinds of tests I can do to isolate the problem. I have also updated my Nvidia drivers to see if that would help. It didn't. I reset my monitor to factory settings - that didn't help. The green hue is making my eyes hurt, and trips to the library to do homework are a nuisance due to the time limits of computer use. But I digress. The green hue effect is like a dimmer switch - it goes from lighter green tint to darker green and then much later it resolves itself, only to begin the cycle all over again. I hope that description helps with the troubleshooting part. Any suggestions? Please help. I could really use some insight. Thank you.
 