Adultfriend Finder


  • This topic is locked
2 replies to this topic

#1 stefos


Posted 14 January 2009 - 05:09 PM

Hello good people, I've never been in this section before and would be grateful for your assistance.
I don't know how this ever appeared (but I'm sure that's what they all say!) but I periodically get an unsavoury video opening in the middle of my screen. A Google search has not resolved the problem and I am now at the end of my tether, having practically thrown the kitchen sink at it - Spybot, CCleaner, SpywareBlaster, etc.

DDS (Ver_09-01-07.01) - NTFSx86
Run by stephen at 20:02:09.06 on 14/01/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2039.1295 [GMT 0:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: avast! antivirus 4.8.1296 [VPS 090114-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Linksys\Compact Wireless-G Internet Video Camera\asfplayer.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\stephen\Desktop\Downloads\dds.com

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = localhost
mWinlogon: Shell=Explorer.exe "c:\docume~1\stephen\locals~1\temp\svchost.exe"
mWinlogon: Userinit=c:\windows\system32\userinit.exe,"c:\docume~1\stephen\locals~1\temp\svchost.exe",
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - c:\program files\iepro\iepro.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\contribute 4\contributeieplugin.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: BitComet ClickCapture: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - BitComet Helper
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
{3ffcd0da-76b6-4aa6-9a24-2d490a1c69da}
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Malicious Scripts Scanner: {55ea1964-f5e4-4d6a-b9b2-125b37655fcb} - URLDetector Class
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: VGOIEBHO Helper: {b6fa00d9-86ec-4158-9488-d00dff897e86} - VGOIEHelper Class
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\contribute 4\contributeieplugin.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [Firefox] c:\progra~1\mozill~1\FIREFOX.EXE
uRun: [MS000354] c:\docume~1\stephen\locals~1\temp\rarsfx6\services.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [DAVG] c:\docume~1\stephen\locals~1\temp\rarsfx6\services.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Asfplayer] c:\program files\linksys\compact wireless-g internet video camera\asfplayer.exe
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
uPolicies-explorer: NoThemesTab = 0 (0x0)
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoColorChoice = 0 (0x0)
uPolicies-system: NoSizeChoice = 0 (0x0)
uPolicies-system: NoVisualStyleChoice = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\iepro\iepro.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
TCP: {DA428782-0056-4489-AE1F-C8006E5CFD96} = 192.168.1.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp3.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: WebProxy - - No File
SEH: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - SABShellExecuteHook Class

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\stephen\applic~1\mozilla\firefox\profiles\uvoc3gi2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/home/beta/
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAdbESD.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBBCPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npcsau7.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npitunes.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlc\npvlc.dll
FF - plugin: c:\windows\system32\Npindeo.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - plugin: j:\program files\divx\divx player\npDivxPlayerPlugin.dll
FF - plugin: j:\program files\divx\divx web player\npdivx32.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-15 111184]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-28 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-5-28 26824]
R1 PrevxTdi;PREVX TDI filter;c:\windows\system32\drivers\pxtdi.sys [2007-1-14 28040]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-6-15 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-6-15 352920]
R3 Bonifay;Bonifay;c:\windows\system32\drivers\Bonifay.sys [2007-3-31 12160]
R3 PhTVTune;Philips WDM TVTuner;c:\windows\system32\drivers\PhTVTune.sys [2006-7-16 19520]
R3 VBus;Virtual Bus;c:\windows\system32\drivers\NkVBus.sys [2005-6-17 17664]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-15 20560]
R4 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-6-15 155160]
R4 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-4 875288]
R4 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-4 231704]
R4 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-5-28 76040]
R4 NkPtpEnumP2;NkPtpEnumP2;c:\program files\nikon\wireless camera setup utility\NkPtpEnum.exe [2005-6-17 24064]
R4 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-6-1 34064]
R4 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [2006-4-21 70912]
R4 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-1-6 353680]
S0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys --> c:\windows\system32\drivers\ntcdrdrv.sys [?]
S1 KLIF;KLIF;c:\windows\system32\drivers\klif.sys --> c:\windows\system32\drivers\klif.sys [?]
S3 Gonzales;Gonzales;c:\windows\system32\drivers\Gonzales.sys [2007-3-31 7040]
S3 PrevxEmulator;PREVX Emulator driver;c:\windows\system32\drivers\PxEmu.sys [2007-1-14 107784]
S3 SQLAgent$XNETVIEW;SQLAgent$XNETVIEW;c:\program files\microsoft sql server\mssql$xnetview\binn\sqlagent.exe -i xnetview --> c:\program files\microsoft sql server\mssql$xnetview\binn\sqlagent.EXE -i XNETVIEW [?]
S3 uxddrv;Dynamically loaded UxdDrv;\??\f:\diagnose\wstproeng\uxddrv.sys --> f:\diagnose\wstproeng\uxddrv.sys [?]
S4 DP1112;DP1112;\??\c:\windows\system32\drivers\dp.sys --> c:\windows\system32\drivers\DP.sys [?]
S4 MSSQL$XNETVIEW;MSSQL$XNETVIEW;c:\program files\microsoft sql server\mssql$xnetview\binn\sqlservr.exe -sxnetview --> c:\program files\microsoft sql server\mssql$xnetview\binn\sqlservr.exe -sXNETVIEW [?]
S4 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]

=============== Created Last 30 ================

2009-01-14 16:57 <DIR> -cd----- C:\VundoFix Backups
2009-01-13 11:41 54,156 a---h--- c:\windows\QTFont.qfn
2009-01-13 11:41 1,409 a------- c:\windows\QTFont.for
2009-01-13 10:22 <DIR> --d----- c:\program files\SpywareBlaster
2009-01-13 09:18 <DIR> --d----- c:\program files\CCleaner
2009-01-13 06:34 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2009-01-13 06:34 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-01-13 06:30 23,576 a------- c:\windows\system32\wuapi.dll.mui
2009-01-12 22:22 144,330 ac------ C:\chatnow34.exe
2009-01-11 22:56 110,592 a------- c:\windows\winsys.exe
2009-01-11 22:56 187,496 ac------ C:\filsafer.exe
2009-01-11 13:35 146,675 ac------ C:\box.exe
2009-01-11 13:17 90,112 ac------ C:\f45t45file.exe
2009-01-10 21:11 344,064 ac--h--- C:\Mozilla.html
2009-01-10 21:09 77,824 ac--h--- C:\MsUpdater.html
2009-01-10 20:56 5,881 ac--h--- C:\windll_v354.exe
2009-01-10 20:54 77,824 ac--h--- C:\MsInstaller.exe
2009-01-09 20:56 <DIR> --d----- c:\program files\YouTube Downloader
2009-01-09 19:36 <DIR> --d----- c:\program files\WinPcap
2009-01-08 21:23 6,831 ac--h--- C:\mvstcdxx.lst
2009-01-07 22:20 <DIR> --d----- c:\program files\Xilisoft
2009-01-06 22:40 1,221,008 a------- c:\windows\system32\zpeng25.dll
2009-01-06 22:40 <DIR> --d----- c:\windows\system32\ZoneLabs
2009-01-06 22:40 <DIR> --d----- c:\program files\Zone Labs
2009-01-06 22:39 349,159 a------- c:\windows\system32\vsconfig.xml
2009-01-06 22:39 <DIR> --d----- c:\windows\Internet Logs
2009-01-06 17:23 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-06 17:23 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-06 17:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-01-04 14:56 118,784 -----r-- c:\windows\bwUnin-7.2.0.157-8876480SL.exe
2008-12-29 11:03 <DIR> --d----- c:\windows\Driving Test Complete
2008-12-25 06:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2008-12-24 23:10 <DIR> --d----- c:\program files\common files\SureThing Shared
2008-12-24 23:10 <DIR> --d----- c:\program files\SureThing CD Labeler 5
2008-12-24 23:08 <DIR> --d----- c:\program files\LightScribeTemplateLabeler
2008-12-24 22:38 <DIR> --d----- c:\program files\LightScribe
2008-12-24 21:20 <DIR> --d----- c:\program files\LightScribe Diagnostic Utility
2008-12-24 13:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\LightScribe
2008-12-24 12:04 <DIR> --d----- c:\program files\Nero
2008-12-19 10:30 <DIR> --d----- c:\program files\ALDI
2008-12-19 10:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MAGIX
2008-12-19 10:27 120,200 a------- c:\windows\system32\DLLDEV32i.dll
2008-12-19 10:27 <DIR> --d----- c:\program files\ALDI Photo Service
2008-12-19 10:26 700,416 a------- c:\windows\system32\mgxoschk.dll
2008-12-19 10:26 6,211 a------- c:\windows\mgxoschk.ini
2008-12-19 10:26 <DIR> --d----- c:\windows\system32\MAGIX

==================== Find3M ====================

2009-01-14 16:58 0 a------- c:\windows\system32\drivers\lvuvc.hs
2009-01-13 13:07 3,350 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-01-13 05:08 4,075 a------- c:\docume~1\stephen\applic~1\SAS7_000.DAT
2009-01-09 20:10 171,932 a------- c:\windows\pchealth\helpctr\config\cache\Personal_32_1033.dat
2009-01-03 17:06 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT
2008-12-11 07:52 51,200 a------- c:\windows\system32\camcodec.dll
2008-12-11 07:52 1,461 a------- c:\windows\system32\drivers\camcodec.inf
2008-11-10 05:43 410,984 a------- c:\windows\system32\deploytk.dll
2007-10-22 11:29 30,601 a------- c:\documents and settings\stephen\x.exe
2005-01-20 15:53 45,056 -----r-- c:\program files\SetAttrib.exe
2008-03-20 22:44 2 a--shrot c:\windows\winstart.bat
2007-04-30 19:04 88 ---shr-- c:\windows\system32\05EECF761D.sys
2008-09-20 13:49 88 ---shr-- c:\windows\system32\AA58B19F39.sys
2007-08-17 17:56 23 a--sh--- c:\windows\system32\bcdbe8_r.dll
2008-05-29 01:33 80 a--sh--- c:\windows\system32\indata.dat
2006-11-09 11:06 1,206,075 a--sh--- c:\windows\system32\1041\lurcvms.bak1
2006-11-13 12:37 1,309,708 a--sh--- c:\windows\system32\1041\lurcvms.bak2
2008-07-02 12:13 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008070220080703\index.dat

============= FINISH: 20:04:52.71 ===============


#2 stefos


Posted 17 January 2009 - 04:45 PM

Hopefully, with a cocktail of antivirus software including SUPERAntiSpyware and Malwarebytes' Anti-Malware and others above, it's gone!

#3 KoanYorel

  • Staff Emeritus

Posted 19 January 2009 - 08:11 AM

Thanks for informing us.

If you find other problems you can contact any Moderator to reopen this thread.
But you are better off to begin a new topic.

Good luck.

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



