Status
Not open for further replies.
1 - 3 of 3 Posts

Registered · 2 Posts
Hi,
I am getting annoying popup ads in IE even when I am working with Firefox. Most of the time they are from http://ad.tlvmedia.co..... I have scanned my PC with Kaspersky AV with the latest update. I have the adblock feature on ... Firefox.

Please help me.


DDS (Ver_10-03-17.01) - FAT32x86
Run by 123 at 20:03:04.57 on Sat 08/28/2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.412 [GMT 5.5:30]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WIN\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WIN\System32\svchost.exe -k netsvcs
SVCHOST.EXE
C:\WIN\system32\spoolsv.exe
C:\WIN\Explorer.EXE
C:\WIN\system32\igfxtray.exe
C:\WIN\RTHDCPL.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WIN\system32\sqlserv.exe
C:\WIN\ALCMTR.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WIN\system32\ctfmon.exe
C:\WIN\system32\CNAB4RPK.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Mozilla FireFox\firefox.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files\Mozilla FireFox\plugin-container.exe
C:\Documents and Settings\123\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\win\system32\ctfmon.exe
mRun: [IgfxTray] c:\win\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\win\system32\hkcmd.exe
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [MotiveReportAgent] "c:\program files\common files\motive\mccibootstrapper.exe" /url="-appkey=motive -windowcontext=reportagent -url=file://c:\program files\common files\motive\reportagent.html" /browsertype=custommsie /browserpath="c:\program files\common files\motive\MotiveBrowser.exe" /hidden
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\win\java\classes\xmldso.cab
DPF: {7D01D275-A46C-11D6-AA03-0050BA8D7BC3} - hxxp://class.bmastock.com/cgi-bin/Backoffice/Printingpage/PrnProcess.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {8D7D845A-6CD5-4F10-980B-CEB4870B6F9B} - hxxp://class.bmastock.com/cgi-bin/first/delprocess/DpChrgCtlPrj.CAB
DPF: {9CAD21BE-7616-45D6-AC21-51828658B2AB} - hxxp://class.bmastock.com/cgi-bin/ClassDll/ClassDllCtlPrj.CAB
DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {836DA2E1-3889-460C-B140-F38005E8BA0D} = 218.248.255.148,218.248.255.139
TCP: {C7738AB2-5C6E-4FF1-8C3E-7EB6085E2834} = 218.248.255.212 218.248.241.2
Notify: igfxcui - igfxsrvc.dll
Notify: klogon - c:\win\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\123\applic~1\mozilla\firefox\profiles\iivxcnk9.default\
FF - prefs.js: browser.startup.homepage -
FF - component: c:\documents and settings\123\application data\mozilla\firefox\profiles\iivxcnk9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: c:\documents and settings\123\application data\mozilla\firefox\profiles\iivxcnk9.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npExentCtl.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPOFFICE.DLL

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\win\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\win\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIF;Kaspersky Lab Driver;c:\win\system32\drivers\klif.sys [2010-5-8 213520]
R2 avp;avp;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-7-29 208616]
R2 SqlDebuger;SqlDebuger;c:\win\system32\sqlserv.exe [2010-7-19 34816]
R2 TCPZ;TCP Half Open Limited Patcher ( TCP-Z);c:\win\system32\drivers\tcpz-x86d.sys [2010-7-19 23040]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\win\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\win\system32\drivers\klim5.sys [2008-4-30 24592]
S2 Ast Service;Ast Service;c:\win\system32\\astsrv.exe --> c:\win\system32\\AstSrv.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 136176]
S2 HglSrv;Home Group Listen Service;c:\win\system32\svchost.exe -k HglSrv [2004-8-3 14336]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\win\system32\svchost.exe -k nosGetPlusHelper [2004-8-3 14336]

=============== Created Last 30 ================

2010-08-28 04:18:16 0 d-sh--w- C:\FOUND.012
2010-08-27 16:20:06 0 d-sh--w- C:\FOUND.011
2010-08-25 17:49:16 0 d-----w- C:\C-DAC
2010-08-25 17:44:50 0 d-----w- c:\program files\IMRC
2010-08-25 17:44:01 162304 ----a-w- c:\program files\UNWISE.EXE
2010-08-25 17:42:38 734141 ----a-w- c:\win\unins000.exe
2010-08-25 17:42:38 10773 ----a-w- c:\win\unins000.dat
2010-08-25 13:50:39 8192 ----a-w- c:\win\system32\kbdkor.dll
2010-08-25 13:50:39 8192 ----a-w- c:\win\system32\dllcache\kbdkor.dll
2010-08-25 13:50:38 8704 ----a-w- c:\win\system32\kbdjpn.dll
2010-08-25 13:50:38 8704 ----a-w- c:\win\system32\dllcache\kbdjpn.dll
2010-08-25 13:50:38 6144 ----a-w- c:\win\system32\kbd106.dll
2010-08-25 13:50:38 6144 ----a-w- c:\win\system32\dllcache\kbd106.dll
2010-08-25 13:50:38 5632 ----a-w- c:\win\system32\kbd103.dll
2010-08-25 13:50:38 5632 ----a-w- c:\win\system32\dllcache\kbd103.dll
2010-08-25 13:50:37 6144 ----a-w- c:\win\system32\kbd101c.dll
2010-08-25 13:50:37 6144 ----a-w- c:\win\system32\kbd101b.dll
2010-08-25 13:50:37 6144 ----a-w- c:\win\system32\dllcache\kbd101c.dll
2010-08-25 13:50:37 6144 ----a-w- c:\win\system32\dllcache\kbd101b.dll
2010-08-25 13:05:27 0 d-----w- c:\win\system32\appmgmt
2010-08-25 12:44:32 712704 ----a-w- c:\win\system32\azlibra1free5.dll
2010-08-25 12:44:32 32768 ----a-w- c:\win\system32\venkeys2.dll
2010-08-25 12:44:32 32768 ----a-w- c:\win\system32\venkeys.dll
2010-08-25 12:44:32 32768 ----a-w- c:\win\system32\saindra.dll
2010-08-25 12:44:32 249856 ----a-w- c:\win\system32\myazreaz.ocx
2010-08-25 12:44:32 19456 ----a-w- c:\win\system32\vsinsv32.dll
2010-08-25 12:44:32 176640 ----a-w- c:\win\system32\sbwgcs32.dll
2010-08-25 12:44:31 198640 ----a-w- c:\win\system32\mci32.ocx
2010-08-25 12:44:31 137000 ----a-w- c:\win\system32\msmapi32.ocx
2010-08-25 12:44:30 0 d-----w- c:\program files\Azhagi
2010-08-25 10:00:53 71 ----a-w- c:\win\ntwinkbd.INI
2010-08-25 09:40:40 0 d-----w- c:\program files\AkMarTypeAssist
2010-08-25 09:39:11 0 d-----w- c:\program files\Akruti Marathi MultiFont Engine
2010-08-25 07:36:49 0 d-----w- c:\program files\Canon
2010-08-25 07:34:41 25856 ----a-w- c:\win\system32\drivers\usbprint.sys
2010-08-25 07:34:41 25856 ----a-w- c:\win\system32\dllcache\usbprint.sys
2010-08-22 04:40:20 0 d-----w- c:\win\pss
2010-08-20 12:34:22 0 d-sh--w- C:\FOUND.010
2010-08-18 02:22:32 0 d-----w- C:\KasperskyTrial
2010-08-16 15:35:01 0 d-----w- c:\program files\Omegatron
2010-07-30 03:34:08 0 d-sh--w- C:\FOUND.009
2010-07-29 15:26:52 81920 ----a-w- c:\win\system32\hglasclib.dll
2010-07-29 15:17:23 359040 ----a-w- c:\win\system32\drivers\tcpip.sys.bck

==================== Find3M ====================

2010-08-27 14:58:48 40992 --sha-w- c:\win\system32\drivers\fidbox2.dat
2010-08-27 14:58:48 3316 --sha-w- c:\win\system32\drivers\fidbox2.idx
2010-08-27 14:58:48 14652 --sha-w- c:\win\system32\drivers\fidbox.idx
2010-08-27 14:58:48 1200672 --sha-w- c:\win\system32\drivers\fidbox.dat
2010-08-25 17:49:14 51132 ------w- c:\win\fonts\MRTTDhruvN.TTF
2010-08-25 17:44:12 4768 ----a-w- c:\program files\INSTALL.LOG
2010-08-25 17:40:28 72568 ------w- c:\win\fonts\MRTTMadhuB.TTF
2010-08-25 17:40:28 72520 ------w- c:\win\fonts\MRTTMadhuBI.TTF
2010-08-25 17:40:28 64364 ------w- c:\win\fonts\MRTTSwapnilB.TTF
2010-08-25 17:40:28 51692 ------w- c:\win\fonts\MRTTKundanI.TTF
2010-08-25 17:40:28 51596 ------w- c:\win\fonts\MRTTSagarBI.TTF
2010-08-25 17:40:28 49948 ------w- c:\win\fonts\MRTTMaliniB.TTF
2010-08-25 14:47:26 72148 ----a-w- c:\win\fonts\JAIPUR__.TTF
2010-08-25 09:39:32 787968 ----a-w- c:\win\is-G0EB2.exe
2010-07-29 16:57:34 97549 ----a-w- c:\win\system32\drivers\klick.dat
2010-07-29 16:57:34 113933 ----a-w- c:\win\system32\drivers\klin.dat
2010-07-29 15:26:52 23040 ----a-w- c:\win\system32\drivers\tcpz-x86d.sys
2010-07-19 16:18:20 11360 ----a-w- c:\win\system32\Sqldebug.exe
2010-07-19 16:13:10 34816 ----a-w- c:\win\system32\sqlserv.exe
2010-07-19 15:10:14 86016 --sha-w- c:\win\427594312.tmp
2010-07-19 15:10:14 20480 --sha-w- c:\win\427594546.tmp
2010-07-16 23:30:04 423656 ----a-w- c:\win\system32\deployJava1.dll
2010-06-26 14:01:14 43396 ----a-w- c:\win\fonts\klip.ttf
2010-06-04 15:40:34 875520 ----a-w- c:\win\system32\VFP6RENU.DLL
2010-06-04 15:40:34 3370768 ----a-w- c:\win\system32\VFP6R.DLL
2010-06-04 15:40:34 24991 ----a-w- c:\win\system32\VFP6RUN.EXE
2010-06-04 15:40:32 1584913 ----a-w- c:\win\system32\GRAPH8.EXE

============= FINISH: 20:04:05.37 ===============
 

TSF Security Manager, Emeritus · 42,836 Posts
Hello sach007,

Download TFC (Temp File Cleaner) to your desktop.
  • Save any unsaved work as TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.

=============================

Next, download Malwarebytes' Anti-Malware to your desktop.


  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Save it to your desktop.
Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply along with an update on system behavior.
 