
Infected with I am alive!


  • This topic is locked
3 replies to this topic

#1 james909


  • Members
  • 2 posts

Posted 02 November 2009 - 12:44 PM

When I launch my browser I sometimes randomly get the message "I am alive!" in the top left corner of the screen on a white background. This can happen on any web page and prevents me from seeing the correct web page. To get rid of it I try running various cleaners and closing and opening the browser until it is no longer there.

Thanks
James


DDS (Ver_09-10-26.01) - NTFSx86
Run by Administrator at 17:23:19.91 on Mon 02/11/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.448.172 [GMT 0:00]


============== Running Processes ===============

D:\WINNT\system32\spoolsv.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\Explorer.EXE
D:\WINNT\vsnpstd3.exe
D:\Program Files\Opera\opera.exe
C:\Downloaded Programs\dds.scr
D:\WINNT\System32\WBEM\WinMgmt.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\system32\browseui.dll
uRun: [MsnMsgr] "d:\program files\msn messenger\MsnMsgr.Exe" /background
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [tsnpstd3] d:\winnt\tsnpstd3.exe
mRun: [snpstd3] d:\winnt\vsnpstd3.exe
dRunOnce: [^SetupICWDesktop] d:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - d:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\opera.lnk - d:\program files\opera\opera.exe
DPF: {00000161-0000-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/msaudio.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1254427041775
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

============= SERVICES / DRIVERS ===============

R3 cwbmidi_device;Crystal WDM MPU-401 UART Driver;d:\winnt\system32\drivers\cwbmidi.sys [2009-10-1 3136]
R3 cwbwdm_device;Crystal WDM Audio Codec Driver;d:\winnt\system32\drivers\cwbwdm.sys [2009-10-1 79264]
R3 NtApm;NT Apm/Legacy Interface Driver;d:\winnt\system32\drivers\NtApm.sys [2009-10-1 9104]

=============== Created Last 30 ================

2009-11-02 17:23:21 16384 ----atw- d:\winnt\system32\Perflib_Perfdata_5b4.dat
2009-11-02 17:15:19 0 ----a-w- d:\documents and settings\administrator\settings.dat
2009-11-02 17:09:11 0 d-----w- d:\program files\trend micro
2009-11-02 16:55:54 117760 ----a-w- d:\winnt\system32\SET5B.tmp
2009-11-02 16:55:43 3144 -c--a-w- d:\winnt\system32\dllcache\srgb.icm
2009-11-02 16:55:32 12592 -c--a-w- d:\winnt\system32\dllcache\usbscan.sys
2009-11-02 16:55:32 12592 ----a-w- d:\winnt\system32\drivers\usbscan.sys
2009-11-02 16:52:35 1996 ------w- d:\winnt\hpomdl14.dat
2009-11-02 16:52:35 124378 ----a-w- d:\winnt\hpoins14.dat
2009-11-02 16:35:58 1996 ------w- d:\winnt\hpomdl14.dat.temp
2009-11-02 16:35:58 124404 ------w- d:\winnt\hpoins14.dat.temp
2009-10-28 12:21:00 0 d-----w- d:\docume~1\admini~1\applic~1\OpenOffice.org
2009-10-28 12:16:46 0 d-----w- d:\program files\OpenOffice.org 3
2009-10-27 01:34:04 16144 -c--a-w- d:\winnt\system32\dllcache\modemcsa.sys
2009-10-27 01:34:04 16144 ----a-w- d:\winnt\system32\drivers\MODEMCSA.sys
2009-10-27 01:30:17 1524 ----a-w- d:\winnt\system32\d3d8caps.dat
2009-10-27 01:30:08 0 d-----w- d:\program files\SystemRequirementsLab
2009-10-26 13:27:46 117760 ------w- d:\winnt\system32\hpzll5ha.dll
2009-10-26 13:25:25 0 d-----w- d:\program files\common files\Hewlett-Packard
2009-10-26 13:24:25 21568 ----a-w- d:\winnt\system32\drivers\HPZius12.sys
2009-10-26 13:24:21 16496 ----a-w- d:\winnt\system32\drivers\HPZipr12.sys
2009-10-26 13:24:15 49920 ----a-w- d:\winnt\system32\drivers\HPZid412.sys
2009-10-26 13:24:12 267864 ----a-w- d:\winnt\system32\hpzids01.dll
2009-10-26 13:23:47 569344 ----a-w- d:\winnt\system32\hpotscl3.dll
2009-10-26 13:23:47 364544 ----a-w- d:\winnt\system32\hppldcoi.dll
2009-10-26 13:23:47 309760 ----a-w- d:\winnt\system32\difxapi.dll
2009-10-26 13:23:47 303104 ----a-w- d:\winnt\system32\hpovst10.dll
2009-10-26 13:23:47 229376 ----a-w- d:\winnt\system32\hpotpusd.dll
2009-10-26 13:23:28 0 d-----w- d:\program files\HP
2009-10-26 13:21:39 310310 ----a-w- d:\winnt\system32\autorun.inf
2009-10-26 12:40:26 21872 -c--a-w- d:\winnt\system32\dllcache\usbprint.sys
2009-10-26 12:40:26 21872 ----a-w- d:\winnt\system32\drivers\usbprint.sys
2009-10-23 15:46:04 0 d-----w- d:\program files\Audacity
2009-10-22 17:01:08 21552 -c--a-w- d:\winnt\system32\dllcache\usbstor.sys
2009-10-18 18:58:47 0 d-----w- d:\docume~1\admini~1\applic~1\GameRanger
2009-10-18 18:22:15 14368 ----a-r- d:\winnt\system32\drivers\SECDRV.SYS
2009-10-17 10:29:29 107792 -c--a-w- d:\winnt\system32\dllcache\xlog.exe
2009-10-17 10:29:26 17168 -c--a-w- d:\winnt\system32\dllcache\xem336n5.sys
2009-10-17 10:29:25 24848 -c--a-w- d:\winnt\system32\dllcache\wvlan48.sys
2009-10-17 10:29:19 8016 -c--a-w- d:\winnt\system32\dllcache\wmiacpi.sys
2009-10-17 10:29:18 35088 -c--a-w- d:\winnt\system32\dllcache\wlandrv2.sys
2009-10-17 10:29:11 602128 -c--a-w- d:\winnt\system32\dllcache\winacpci.sys
2009-10-17 10:29:08 41552 -c--a-w- d:\winnt\system32\dllcache\weitekp9.dll
2009-10-17 10:29:08 30960 -c--a-w- d:\winnt\system32\dllcache\weitekp9.sys
2009-10-17 10:29:06 27024 -c--a-w- d:\winnt\system32\dllcache\wdvga.sys
2009-10-17 10:29:05 88576 -c--a-w- d:\winnt\system32\dllcache\wcom32.exe
2009-10-17 10:29:02 8976 -c--a-w- d:\winnt\system32\dllcache\wangqic.sys
2009-10-17 10:27:57 25872 -c--a-w- d:\winnt\system32\dllcache\srusd.dll
2009-10-17 10:26:59 97808 -c--a-w- d:\winnt\system32\dllcache\sgiulnt5.sys
2009-10-17 10:25:55 16240 -c--a-w- d:\winnt\system32\dllcache\pscr.sys
2009-10-17 10:24:58 28272 -c--a-w- d:\winnt\system32\dllcache\ntcx.sys
2009-10-17 10:23:57 35440 -c--a-w- d:\winnt\system32\dllcache\msgame.sys
2009-10-17 10:22:59 30992 -c--a-w- d:\winnt\system32\dllcache\lgdecomp.dll
2009-10-17 10:21:49 85776 -c--a-w- d:\winnt\system32\dllcache\hptxnt5.sys
2009-10-17 10:20:59 54032 -c--a-w- d:\winnt\system32\dllcache\eqnloop.exe
2009-10-17 10:19:59 125200 -c--a-w- d:\winnt\system32\dllcache\csamsp.dll
2009-10-17 10:18:58 24176 -c--a-w- d:\winnt\system32\dllcache\agpcpq.sys
2009-10-17 10:17:59 8752 -c--a-w- d:\winnt\system32\dllcache\dot4scan.sys
2009-10-17 10:16:56 91920 -c--a-w- d:\winnt\system32\dllcache\acq32.dll
2009-10-17 10:16:55 38320 -c--a-w- d:\winnt\system32\dllcache\8514a.dll
2009-10-17 10:16:55 10928 -c--a-w- d:\winnt\system32\dllcache\4mmdat.sys
2009-10-17 10:16:54 801072 -c--a-w- d:\winnt\system32\dllcache\3cpciadi.sys
2009-10-17 10:16:54 792176 -c--a-w- d:\winnt\system32\dllcache\3cisaadi.sys
2009-10-17 10:16:54 774928 -c--a-w- d:\winnt\system32\dllcache\3cisati.sys
2009-10-17 10:16:53 763024 -c--a-w- d:\winnt\system32\dllcache\3cwmcru.sys
2009-10-17 10:16:52 40752 -c--a-w- d:\winnt\system32\dllcache\1394bus.sys
2009-10-17 10:16:52 22992 -c--a-w- d:\winnt\system32\dllcache\15_16wdm.sys
2009-10-11 22:08:36 0 d-----w- d:\program files\common files\SWF Studio
2009-10-11 22:06:24 0 d-----w- d:\winnt\Applian FLV Player
2009-10-10 12:08:08 1636 ----a-w- d:\winnt\system32\d3d9caps.dat
2009-10-10 12:04:38 0 d-----w- d:\docume~1\admini~1\applic~1\Camfrog
2009-10-05 19:42:23 0 d-----w- d:\program files\Microsoft Games
2009-10-04 14:36:10 0 d-----w- d:\docume~1\alluse~1\applic~1\TVU Networks
2009-10-04 13:04:16 0 d-----w- d:\docume~1\admini~1\applic~1\IObit
2009-10-04 13:04:14 0 d-----w- d:\program files\IObit
2009-10-04 12:33:38 0 d-----w- d:\program files\MSN Messenger
2009-10-04 12:33:38 0 d-----w- d:\program files\Messenger
2009-10-04 12:32:08 12560 -c--a-w- d:\winnt\system32\dllcache\tsbyuv.dll
2009-10-04 12:32:08 12560 ----a-w- d:\winnt\system32\tsbyuv.dll
2009-10-04 12:32:06 258320 ----a-w- d:\winnt\system32\msh263.drv
2009-10-04 12:32:05 45840 -c--a-w- d:\winnt\system32\dllcache\iyuv_32.dll
2009-10-04 12:32:05 45840 ----a-w- d:\winnt\system32\iyuv_32.dll
2009-10-04 12:32:01 51472 -c--a-w- d:\winnt\system32\dllcache\vfwwdm32.dll
2009-10-04 12:32:01 51472 ----a-w- d:\winnt\system32\vfwwdm32.dll
2009-10-04 12:31:51 68912 -c--a-w- d:\winnt\system32\dllcache\usbaudio.sys
2009-10-04 12:31:51 68912 ----a-w- d:\winnt\system32\drivers\USBAUDIO.sys
2009-10-04 12:29:00 94208 ----a-w- d:\winnt\amcap.exe
2009-10-04 12:28:58 843776 ----a-w- d:\winnt\vsnpstd3.exe
2009-10-04 12:28:57 262144 ----a-w- d:\winnt\tsnpstd3.exe
2009-10-04 12:28:57 15498 ----a-w- d:\winnt\snpstd3.ini
2009-10-04 12:28:57 13023 ----a-w- d:\winnt\snpstd3.src
2009-10-04 12:28:52 61440 ----a-w- d:\winnt\system32\vsnpstd3.dll
2009-10-04 12:28:52 172032 ----a-w- d:\winnt\system32\rsnpstd3.dll
2009-10-04 12:28:52 10246144 ----a-w- d:\winnt\system32\drivers\snpstd3.sys
2009-10-04 12:28:51 53248 ----a-w- d:\winnt\system32\csnpstd3.dll
2009-10-04 12:28:51 53248 ----a-w- d:\winnt\csnpstd3.dll
2009-10-04 12:28:51 0 d-----w- d:\program files\common files\snpstd3
2009-10-04 11:50:22 0 d-----w- d:\program files\SopCast
2009-10-04 11:49:54 0 d-----w- d:\documents and settings\administrator\LocalLow
2009-10-04 11:49:41 0 d-----w- d:\program files\TVUPlayer
2009-10-04 11:44:23 0 d-----w- d:\docume~1\admini~1\applic~1\Avant Profiles
2009-10-04 11:35:49 0 d-----w- d:\program files\IrfanView
2009-10-04 11:28:19 0 d-----w- d:\program files\Avant Browser
2009-10-04 10:59:38 0 d-----w- d:\program files\VideoLAN
2009-10-03 20:48:41 530192 ----a-w- d:\winnt\system32\COMCTL32.NU7
2009-10-03 20:48:18 24848 ----a-w- d:\winnt\system32\msjter35.dll
2009-10-03 20:48:18 123664 ----a-w- d:\winnt\system32\Msjint35.dll
2009-10-03 20:48:17 252176 ----a-w- d:\winnt\system32\msrd2x35.dll
2009-10-03 20:48:16 1046288 ----a-w- d:\winnt\system32\msjet35.dll
2009-10-03 20:48:15 368912 ----a-w- d:\winnt\system32\vbar332.dll
2009-10-03 20:47:59 37376 ----a-w- d:\winnt\system32\ven2232.olb
2009-10-03 20:46:00 0 d-----w- d:\docume~1\admini~1\applic~1\Symantec
2009-10-03 20:45:50 0 d-----w- d:\docume~1\alluse~1\applic~1\Symantec
2009-10-03 20:45:01 94208 ----a-w- d:\winnt\system32\msstkprp.dll
2009-10-03 20:45:01 89600 ----a-w- d:\winnt\system32\MSCAL.OCX
2009-10-03 20:45:00 609584 ----a-w- d:\winnt\system32\COMCTL32.OCX
2009-10-03 20:44:58 306688 ----a-w- d:\winnt\IsUninst.exe

==================== Find3M ====================

2009-10-01 21:43:45 58000 ----a-w- d:\winnt\system32\drivers\cdr4_2K.sys
2009-10-01 21:43:45 57344 ----a-w- d:\winnt\uneng.exe
2009-10-01 21:43:45 49152 ----a-w- d:\winnt\system32\cdrtc.dll
2009-10-01 21:43:45 45056 ----a-w- d:\winnt\system32\cdral.dll
2009-10-01 21:43:45 401462 ----a-w- d:\winnt\system32\Msvcp60.dll
2009-10-01 21:43:45 23420 ----a-w- d:\winnt\system32\drivers\cdralw2k.sys
2009-10-01 19:27:02 271 ---h--w- d:\program files\desktop.ini
2009-10-01 19:27:02 21952 ---h--w- d:\program files\folder.htt
2009-10-01 19:25:52 15012 ----a-w- d:\winnt\system32\emptyregdb.dat
2009-08-05 05:04:36 90164 ----a-w- d:\winnt\system32\atl.dll
2003-06-18 12:00:00 32528 ----a-w- d:\winnt\inf\wbfirdma.sys

============= FINISH: 17:24:27.10 ===============



#2 fireman4it


    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts

Posted 08 November 2009 - 10:16 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 james909

  • Topic Starter

  • Members
  • 2 posts

Posted 08 November 2009 - 12:41 PM

Got fed up so reformatted and installed TinXP and Avast anti virus, so far no problems.

#4 thewall


  • Malware Response Team
  • 6,425 posts

Posted 09 November 2009 - 11:36 AM

Thanks for letting us know. Good luck to you in the future. :(



Since this issue appears to be resolved ... this Topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via PM with the address of the thread.

Everyone else please begin a New Topic.
If I have helped you then please consider donating so I can continue the fight against malware
All donations go directly to the helper


Due to the large amount of backlogs we have I cannot respond to PMs for help unless I am already working with you



