12-04-2008, 06:41 AM   #3
awaise
OS: Microsoft Windows XP Professional Version 2002


Re: Constant popups when I use the internet-with things like antiviruspro etc.

Hi, here's the DDS log:


DDS (Version 1.0) - NTFSx86
Run by Home at 13:35:44.85 on 04/12/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.447.122 [GMT 0:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Home\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: {e9977cec-9e1e-43fc-a880-7c57a9507f62} - c:\windows\system32\yeyapoyu.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [EPSON Stylus Photo RX500] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /O6 "USB001" /M "Stylus Photo RX500"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [nosurepibi] Rundll32.exe "c:\windows\system32\josoguyi.dll",s
mRun: [5cadcbaa] rundll32.exe "c:\windows\system32\raromozo.dll",b
mRun: [CPM5f9ef836] Rundll32.exe "c:\windows\system32\dazetaha.dll",a
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: c:\windows\system32\huyajuni.dll avgrsstx.dll c:\windows\system32\juborafe.dll c:\windows\system32\dazetaha.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\dazetaha.dll
STS: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\dazetaha.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
LSA: Notification Packages = scecli c:\windows\system32\juborafe.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-30 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-30 26824]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2008-11-30 394192]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-30 231704]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service []

=============== Created Last 30 ================

2008-12-04 13:32 250 a------- c:\windows\gmer.ini
2008-12-04 13:07 1,403,979 ---sh--- c:\windows\system32\ayufusel.ini
2008-12-03 22:19 <DIR> --d----- c:\program files\common files\xing shared
2008-12-03 22:18 499,712 a------- c:\windows\system32\msvcp71.dll
2008-12-03 22:18 <DIR> --d----- c:\program files\common files\Real
2008-12-03 13:36 1,330,184 ---sh--- c:\windows\system32\umidomav.ini
2008-12-02 21:51 <DIR> --d----- c:\docume~1\home\applic~1\Dealio
2008-12-02 21:50 <DIR> --d----- c:\windows\system32\custom matrices
2008-12-02 21:49 <DIR> --d----- c:\windows\system32\QuickTime
2008-12-02 21:49 <DIR> --d----- c:\windows\system32\C2MP
2008-12-02 16:01 1,330,220 ---sh--- c:\windows\system32\ozomorar.ini
2008-12-01 16:16 268 a---h--- C:\sqmdata04.sqm
2008-12-01 16:16 268 a---h--- C:\sqmdata03.sqm
2008-12-01 16:16 244 a---h--- C:\sqmnoopt03.sqm
2008-12-01 16:16 172 a---h--- C:\sqmnoopt04.sqm
2008-12-01 16:16 120 ---sh--- c:\windows\system32\ozirusat.ini
2008-11-30 21:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\UDL
2008-11-30 21:14 131,072 a------- c:\windows\system32\Epcmlib.dll
2008-11-30 17:41 96,768 a------- c:\windows\SlantAdj.dll
2008-11-30 17:41 73,216 a------- c:\windows\ADE.DLL
2008-11-30 17:41 3,136 a------- c:\windows\Ade001.bin
2008-11-30 17:41 72 -------- c:\windows\system32\epDPE.ini
2008-11-30 17:41 <DIR> --d----- c:\program files\Smart Panel
2008-11-30 17:38 75,501 a------- c:\windows\system32\EBPMON24.DLL
2008-11-30 17:38 64,000 a------- c:\windows\system32\ECBTEG.DLL
2008-11-30 17:38 34,304 a------- c:\windows\system32\EBPCHP.DLL
2008-11-30 17:38 31,744 a------- c:\windows\system32\E_DCINST.DLL
2008-11-30 17:38 182 a------- c:\windows\system32\EBPPORT4.DAT
2008-11-30 17:37 26,660 a------- c:\windows\EPSTPLOG.BAK
2008-11-30 17:30 268 a---h--- C:\sqmdata02.sqm
2008-11-30 17:30 244 a---h--- C:\sqmnoopt02.sqm
2008-11-30 17:21 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2008-11-30 17:21 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2008-11-30 17:21 46,080 a------- c:\windows\system32\escimgd.dll
2008-11-30 17:21 29,696 a------- c:\windows\system32\escwiad.dll
2008-11-30 17:21 22,528 a------- c:\windows\system32\esccmd.dll
2008-11-30 17:21 <DIR> --d----- c:\program files\EPSON
2008-11-30 17:20 27 a------- c:\windows\CDE RX500E.ini
2008-11-30 17:10 268 a---h--- C:\sqmdata01.sqm
2008-11-30 17:10 244 a---h--- C:\sqmnoopt01.sqm
2008-11-30 17:07 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
2008-11-30 17:07 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2008-11-30 17:07 31,616 ac------ c:\windows\system32\dllcache\usbccgp.sys
2008-11-30 17:07 31,616 a------- c:\windows\system32\drivers\usbccgp.sys
2008-11-30 15:15 <DIR> --d-h--- C:\$AVG8.VAULT$
2008-11-30 15:09 268 a---h--- C:\sqmdata00.sqm
2008-11-30 15:09 244 a---h--- C:\sqmnoopt00.sqm
2008-11-30 15:07 4,212 ----h--- c:\windows\system32\zllictbl.dat
2008-11-30 15:07 1,087,216 a------- c:\windows\system32\zpeng24.dll
2008-11-30 15:07 <DIR> --d----- c:\windows\system32\ZoneLabs
2008-11-30 14:56 47,197 a------- c:\windows\system32\vsconfig.xml
2008-11-30 14:52 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-11-30 14:52 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2008-11-30 14:52 <DIR> --d----- c:\windows\system32\drivers\Avg
2008-11-30 14:52 <DIR> --d----- c:\docume~1\home\applic~1\AVGTOOLBAR
2008-11-30 14:52 <DIR> --d----- c:\program files\AVG
2008-11-30 14:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-11-30 14:50 1,300,339 ---sh--- c:\windows\system32\obakepak.ini
2008-11-30 14:45 62,464 a------- c:\windows\system32\~.exe
2008-11-30 14:35 <DIR> --d----- c:\program files\Zone Labs
2008-11-30 14:35 <DIR> --d----- c:\windows\Internet Logs
2008-11-30 14:33 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2008-11-30 14:31 90,435,952 a------- C:\directx_nov2008_redist.exe
2008-11-30 14:23 32,592 a------- c:\windows\system32\msonpmon.dll
2008-11-30 14:18 <DIR> --d----- c:\windows\SHELLNEW
2008-11-30 14:13 <DIR> --d----- c:\documents and settings\home\Contacts
2008-11-30 14:13 <DIR> --d----- c:\program files\MSN Messenger
2008-11-30 14:10 <DIR> --d----- c:\windows\RegisteredPackages
2008-11-30 14:05 345 a------- c:\windows\system32\NVU002.nvu
2008-11-30 13:52 <DIR> --ds---- c:\documents and settings\home\UserData
2008-11-30 13:46 <DIR> --ds---- c:\windows\system32\Microsoft
2008-11-30 13:42 239 a------- c:\windows\system32\NVU001.nvu
2008-11-30 13:42 110,592 a------- c:\windows\system32\NVUninst.exe
2008-11-30 13:38 98,304 -------- c:\windows\system32\nvuide.exe
2008-11-30 13:38 634 -------- c:\windows\system32\nvide.nvu
2008-11-30 13:38 110,592 -------- c:\windows\system32\nvusmb.exe
2008-11-30 13:38 699 -------- c:\windows\system32\nvsmb.nvu
2008-11-30 13:38 110,592 -------- c:\windows\system32\nvumctl.exe
2008-11-30 13:38 1,217 -------- c:\windows\system32\nvmctl.nvu
2008-11-30 13:37 9,801 a----r-- c:\windows\system32\nvdisp.nvu
2008-11-30 13:37 98,304 a------- c:\windows\system32\nvudisp.exe
2008-11-30 13:37 <DIR> --d----- c:\windows\nview
2008-11-30 13:35 <DIR> --d----- c:\windows\ServicePackFiles
2008-11-30 13:33 2,897,920 -------- c:\windows\system32\xpsp2res.dll
2008-11-30 13:32 19,528 a------- c:\windows\002234_.tmp
2008-11-30 13:32 <DIR> --d----- c:\windows\system32\ReinstallBackups
2008-11-30 13:32 15,872 a------- c:\windows\system32\spupdsvc.exe
2008-11-30 13:31 26,496 ac------ c:\windows\system32\dllcache\usbstor.sys
2008-11-30 13:30 <DIR> --d----- c:\windows\EHome
2008-11-30 13:26 <DIR> --dsh--- c:\windows\Installer
2008-11-30 13:26 <DIR> --d----- c:\documents and settings\Home
2008-11-30 13:25 8,192 a------- c:\windows\REGLOCS.OLD
2008-11-30 13:23 31,744 ac------ c:\windows\system32\dllcache\smb6w.dll
2008-11-30 13:22 108,827 ac------ c:\windows\system32\dllcache\hanja.lex
2008-11-30 13:21 2,577 a------- c:\windows\system32\CONFIG.NT
2008-11-30 13:21 0 a------- c:\windows\control.ini
2008-11-30 13:21 25,065 a------- c:\windows\system32\wmpscheme.xml
2008-11-30 13:21 23,392 a------- c:\windows\system32\nscompat.tlb
2008-11-30 13:21 16,832 a------- c:\windows\system32\amcompat.tlb
2008-11-30 13:21 299,552 a------- c:\windows\WMSysPrx.prx
2008-11-30 13:21 <DIR> --dsh--- c:\documents and settings\all users\DRM
2008-11-30 13:19 <DIR> --d----- c:\program files\common files\MSSoap
2008-11-30 13:18 <DIR> --d-h--- c:\program files\WindowsUpdate
2008-11-30 13:18 <DIR> --d----- c:\program files\Online Services
2008-11-30 13:18 <DIR> --d----- c:\program files\Messenger
2008-11-30 13:18 <DIR> --d----- c:\program files\MSN Gaming Zone
2008-11-30 13:18 <DIR> --d----- c:\program files\Windows NT
2008-11-30 13:13 <DIR> --d----- c:\program files\common files\ODBC
2008-11-30 13:13 <DIR> --d----- c:\program files\common files\SpeechEngines
2008-11-30 13:12 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2008-12-04 13:07 92,725 a--sh--- c:\windows\system32\dazetaha.dll
2008-12-04 13:07 87,605 a--sh--- c:\windows\system32\lesufuya.dll
2008-12-04 13:07 64,053 a--sh--- c:\windows\system32\riwakabe.dll
2008-12-03 22:18 348,160 a------- c:\windows\system32\msvcr71.dll
2008-12-03 13:36 94,261 a--sh--- c:\windows\system32\nezovefo.dll
2008-12-03 13:36 85,557 -------- c:\windows\system32\vamodimu.dll
2008-12-02 16:01 86,580 a--sh--- c:\windows\system32\raromozo.dll
2008-12-02 16:01 93,748 a--sh--- c:\windows\system32\nebiteda.dll
2008-12-02 16:01 65,076 a--sh--- c:\windows\system32\henemate.dll
2008-11-30 13:41 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-30 13:19 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-10-27 10:04 514,384 a------- c:\windows\system32\XAudio2_3.dll
2008-10-27 10:04 235,856 a------- c:\windows\system32\xactengine3_3.dll
2008-10-27 10:04 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
2008-10-27 10:04 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
2008-10-10 04:52 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2008-10-10 04:52 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2008-10-10 04:52 452,440 a------- c:\windows\system32\d3dx10_40.dll
2008-09-04 13:07 64,053 a--sh--- c:\windows\system32\josoguyi.dll
2008-09-04 13:07 64,053 a--sh--- c:\windows\system32\juborafe.dll
2008-09-01 16:16 95,744 a--sh--- c:\windows\system32\mijejabe.dll
2008-09-04 13:07 64,053 a--sh--- c:\windows\system32\yeyapoyu.dll

============= FINISH: 13:36:46.31 ===============
Attached Files
File Type: txt gmer.txt (701 Bytes, 1 views)
File Type: txt Attach.txt (5.7 KB, 1 views)