I found it in my startup through msconfig. I have no idea what it is.
Loads from the c:\docume~1\admini~1\applic~1\find01~1\dvd flaw.exe
Full Version: Dvd Flaw.exe What Is It?
to BC easye35Googling on this name came up empty. The single flaw.exe was reckognized as malware. If you do CTRL ALT DEL do you see it running under processes?
Please downloadProcessExplorer and see where it is refering to by selecting the process and post it here
Not in the list. Itloads at start up, but does stay in memory.
This is what's loaded though
Process PID CPU Description Company Name
System Idle Process 0
Interrupts n/a Hardware Interrupts
DPCs n/a 1.56 Deferred Procedure Calls
System 4
smss.exe 564 Windows NT Session Manager Microsoft Corporation
csrss.exe 620 1.56 Client Server Runtime Process Microsoft Corporation
winlogon.exe 644 Windows NT Logon Application Microsoft Corporation
services.exe 688 Services and Controller app Microsoft Corporation
ati2evxx.exe 856
svchost.exe 868 Generic Host Process for Win32 Services Microsoft Corporation
GoogleToolbarNotifier.exe 3416 GoogleToolbarNotifier Google Inc.
msmsgs.exe 916 Windows Messenger Microsoft Corporation
svchost.exe 952 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1092 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1144 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1424 Spooler SubSystem App Microsoft Corporation
FAH504-Console.exe 1180 FAH5.04 Stanford University
FahCore_78.exe 1548 92.19
PDAgent.exe 1200 PDAgent Module Raxco Software, Inc.
SMAgent.exe 1572 SoundMAX service agent component Analog Devices, Inc.
svchost.exe 1664 1.56 Generic Host Process for Win32 Services Microsoft Corporation
PDEngine.exe 2196 PDEngine Module Raxco Software, Inc.
alg.exe 2456 Application Layer Gateway Service Microsoft Corporation
GoogleUpdaterService.exe 272 gusvc Google
svchost.exe 5900 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 700 LSA Shell (Export Version) Microsoft Corporation
ati2evxx.exe 1776
explorer.exe 1844 Windows Explorer Microsoft Corporation
SOUNDMAN.EXE 1960 Realtek Sound Manager Realtek Semiconductor Corp.
VTTimer.exe 1980 S3 Graphics, Inc.
SMTray.exe 1988 SoundMAX System Tray Analog Devices, Inc.
jusched.exe 2012 Java™ 2 Platform Standard Edition binary Sun Microsystems, Inc.
jucheck.exe 3704 Java™ Update Checker Sun Microsystems, Inc.
E_S4I2K1.EXE 2032 EPSON Status Monitor 3 SEIKO EPSON CORPORATION
IDMan.exe 152 Internet Download Manager (IDM) Tonec Inc.
IEMonitor.exe 2712 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc.
tunebite.exe 188 tunebite RapidSolution Software AG
ctfmon.exe 200 CTF Loader Microsoft Corporation
iexplore.exe 4452 Internet Explorer Microsoft Corporation
EM_EXEC.EXE 208 Logitech Events Handler Application Logitech Inc.
iexplore.exe 436 Internet Explorer Microsoft Corporation
wscntfy.exe 2388 Windows Security Center Notification App Microsoft Corporation
iexplore.exe 3072 Internet Explorer Microsoft Corporation
procexp.exe 5524 3.13 Sysinternals Process Explorer Sysinternals
Also, I seem to have iexplore.exe loaded even whe not using internet. Is this normal? IE7 maybe I'm thinking.
This is what's loaded though
Process PID CPU Description Company Name
System Idle Process 0
Interrupts n/a Hardware Interrupts
DPCs n/a 1.56 Deferred Procedure Calls
System 4
smss.exe 564 Windows NT Session Manager Microsoft Corporation
csrss.exe 620 1.56 Client Server Runtime Process Microsoft Corporation
winlogon.exe 644 Windows NT Logon Application Microsoft Corporation
services.exe 688 Services and Controller app Microsoft Corporation
ati2evxx.exe 856
svchost.exe 868 Generic Host Process for Win32 Services Microsoft Corporation
GoogleToolbarNotifier.exe 3416 GoogleToolbarNotifier Google Inc.
msmsgs.exe 916 Windows Messenger Microsoft Corporation
svchost.exe 952 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1092 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1144 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 1424 Spooler SubSystem App Microsoft Corporation
FAH504-Console.exe 1180 FAH5.04 Stanford University
FahCore_78.exe 1548 92.19
PDAgent.exe 1200 PDAgent Module Raxco Software, Inc.
SMAgent.exe 1572 SoundMAX service agent component Analog Devices, Inc.
svchost.exe 1664 1.56 Generic Host Process for Win32 Services Microsoft Corporation
PDEngine.exe 2196 PDEngine Module Raxco Software, Inc.
alg.exe 2456 Application Layer Gateway Service Microsoft Corporation
GoogleUpdaterService.exe 272 gusvc Google
svchost.exe 5900 Generic Host Process for Win32 Services Microsoft Corporation
lsass.exe 700 LSA Shell (Export Version) Microsoft Corporation
ati2evxx.exe 1776
explorer.exe 1844 Windows Explorer Microsoft Corporation
SOUNDMAN.EXE 1960 Realtek Sound Manager Realtek Semiconductor Corp.
VTTimer.exe 1980 S3 Graphics, Inc.
SMTray.exe 1988 SoundMAX System Tray Analog Devices, Inc.
jusched.exe 2012 Java™ 2 Platform Standard Edition binary Sun Microsystems, Inc.
jucheck.exe 3704 Java™ Update Checker Sun Microsystems, Inc.
E_S4I2K1.EXE 2032 EPSON Status Monitor 3 SEIKO EPSON CORPORATION
IDMan.exe 152 Internet Download Manager (IDM) Tonec Inc.
IEMonitor.exe 2712 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc.
tunebite.exe 188 tunebite RapidSolution Software AG
ctfmon.exe 200 CTF Loader Microsoft Corporation
iexplore.exe 4452 Internet Explorer Microsoft Corporation
EM_EXEC.EXE 208 Logitech Events Handler Application Logitech Inc.
iexplore.exe 436 Internet Explorer Microsoft Corporation
wscntfy.exe 2388 Windows Security Center Notification App Microsoft Corporation
iexplore.exe 3072 Internet Explorer Microsoft Corporation
procexp.exe 5524 3.13 Sysinternals Process Explorer Sysinternals
Also, I seem to have iexplore.exe loaded even whe not using internet. Is this normal? IE7 maybe I'm thinking.
Please try the following :
Start Run and type msconfig. Go to Startup and look for the entry dvd flaw.exe. Untick it Save and reboot. If it is not in the startup than you might have something nasty on your hands therefor please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. About half way down are instructions for downloading HijackThis and creating a log.
When you have done that, post a log in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.
Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.
Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
If after 5 days you still have received no response, then post a link to your HJT log here.
After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
Start Run and type msconfig. Go to Startup and look for the entry dvd flaw.exe. Untick it Save and reboot. If it is not in the startup than you might have something nasty on your hands therefor please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. About half way down are instructions for downloading HijackThis and creating a log.
When you have done that, post a log in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.
Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.
Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
If after 5 days you still have received no response, then post a link to your HJT log here.
After posting a log you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a HJT Team member. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
I figured it out. Has to do with the CiD pop up. I just uninstalled it from add/remove programs. They are gone now, and I have no more sex related pop-ups
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.