• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
Andrei30

Virus? Trojan Heur.html (v) high risk

23 posts in this topic

Hello, hope somebody can help me out. EVERYTIME i run ad aware scan IT detects Heur.HTML.MalIframe (v) virus. I try to delete or disinfect. But IT comes back everytime under a different name. PLEASE HELP.

Share this post


Link to post
Share on other sites
Hi,

Do you have Ad-Aware log handy/does the program show what item A-A detects as mentioned bad item?

Download DDS and save it to your desktop from [url=http://download.bleepingcomputer.com/sUBs/dds.com][b][color=seagreen]here[/color][/b][/url] or [url=http://download.bleepingcomputer.com/sUBs/dds.scr][b][color=seagreen]here[/color][/b][/url] or [url=http://www.forospyware.com/sUBs/dds][b][color=seagreen]here[/color][/b][/url].
Disable any script blocker, and then double click [b]dds file [/b]to run the tool. [list]
[*]When done, DDS will open two (2) logs: [list=1]
[*] DDS.txt
[*] Attach.txt
[/list]
[*]Save both reports to your desktop. Post them back to your topic.
[/list]

Share this post


Link to post
Share on other sites
[url="http://www.lavasoftsupport.com/index.php?/topic/32703-false-positive/"]http://www.lavasoftsupport.com/index.php?/topic/32703-false-positive/[/url]

a guy on another forum helped me with it and reported a false positive, Please read it, but i still have problems..it don't go away..

Share this post


Link to post
Share on other sites
Hi,

Andy said in that topic that it's not an FP.

Please post those DDS logs I requested. Shall see if anything shows up there.

Share this post


Link to post
Share on other sites
dds:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Adrian at 20:27:51 on 2012-08-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4014.2731 [GMT 2:00]
.
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Apoint\Apoint.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BB9F53EC-CA10-40D8-B7C0-543D3FA66BF5} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\35562767963656023456E6475627 : DhcpNameServer = 194.45.61.105
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\379616D647279616E676C65686F64756C60233 : DhcpNameServer = 192.168.2.254
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\6546162716D277966696 : DhcpNameServer = 203.113.127.199 203.113.24.199
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\77C616E6D21607 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\84F67656373686F6F6C602A5579746 : DhcpNameServer = 145.91.233.102 145.91.233.101
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\C696E6B6379737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D159199D-EE9B-4BCF-8890-EB975F67B3A8}\F65727F586F6D65623 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ECAC08B3-C1F7-4AC0-B7F0-FE655B404CE9} : DhcpNameServer = 115.178.58.26 115.178.58.10
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{6c97a91e-4524-4019-86af-2aa2d567bf5c}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{6c97a91e-4524-4019-86af-2aa2d567bf5c}
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-7-12 1239952]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-26 13336]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-6-27 1326176]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-5-26 104960]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-9-17 845312]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
R3 NETw5s64;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-5-26 574320]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-26 135664]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-11-25 362992]
S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-6-6 259192]
S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-6-27 681056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-30 250056]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-26 135664]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-11-25 313840]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]
S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
S3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-9-10 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-9-10 67952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-18 99104]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-4-14 44736]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-10 09:42:44 -------- d-----w- C:\Users\Adrian\AppData\Local\{A2A86E56-79D8-42BF-8224-2B37B477AF6D}
2012-08-10 09:42:30 -------- d-----w- C:\Users\Adrian\AppData\Local\{3604A6E5-7158-4CED-B1C1-90E3086A8E10}
2012-08-10 09:01:06 -------- d-----w- C:\Users\Adrian\AppData\Local\{0B6417C3-DE0E-4586-97C0-500962272C0E}
2012-08-10 09:00:42 -------- d-----w- C:\Users\Adrian\AppData\Local\{6EBA66E0-E2A3-40E9-B515-7189CC48EBC6}
2012-08-09 14:39:55 -------- d-----w- C:\Users\Adrian\AppData\Local\{E2D323F7-44EE-4D96-8E7B-F0FA0FB725A0}
2012-08-09 14:39:22 -------- d-----w- C:\Users\Adrian\AppData\Local\{FED6B781-6052-41BB-B80E-39F43C473D0F}
2012-08-09 14:19:54 -------- d-----w- C:\Users\Adrian\AppData\Local\{704EA434-ED62-4BEC-9F90-B671BF1651AE}
2012-08-09 14:19:38 -------- d-----w- C:\Users\Adrian\AppData\Local\{21FCCBC6-6575-41F2-A61A-BDEEFBA10110}
2012-08-09 11:23:49 -------- d-----w- C:\Users\Adrian\AppData\Local\{66621BC6-1E62-46EC-B9B1-96F873219A5D}
2012-08-09 11:23:37 -------- d-----w- C:\Users\Adrian\AppData\Local\{41A710AA-99AA-4A11-AA24-F97203FC0F3F}
2012-08-08 19:42:34 -------- d-----w- C:\Program Files\AVAST Software
2012-08-08 12:48:26 -------- d-s---w- C:\ComboFix
2012-08-08 12:45:56 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-07 23:21:39 -------- d-----w- C:\ProgramData\AVAST Software
2012-08-07 04:26:36 -------- d-----w- C:\Users\Adrian\AppData\Roaming\SUPERAntiSpyware.com
2012-08-06 21:22:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-06 12:37:08 251560 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-08-06 12:37:08 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-08-06 12:36:30 -------- d-----w- C:\Users\Adrian\AppData\Roaming\TestApp
2012-08-06 12:36:30 -------- d-----w- C:\ProgramData\PC Tools
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-21 21:06:38 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-07-21 21:00:51 -------- d-----w- C:\Users\Adrian\AppData\Local\Secunia PSI
2012-07-21 21:00:45 -------- d-----w- C:\Program Files (x86)\Secunia
2012-07-20 13:54:24 -------- d-----w- C:\Users\Adrian\AppData\Local\adaware
2012-07-20 13:53:17 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A4C796C-4138-46FB-A9BB-82729BB5A35B}\mpengine.dll
2012-07-19 17:31:04 -------- d-----w- C:\Users\Adrian\AppData\Local\Downloaded Installations
.
==================== Find3M ====================
.
2012-08-04 08:51:45 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-04 08:51:45 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-09 20:21:38 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-07-09 20:21:38 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-06-24 11:53:46 18760 ----a-w- C:\Windows\SysWow64\QQVistaHelper.dll
2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 20:29:13,74 ===============

attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 17-9-2010 21:10:55
System Uptime: 10-8-2012 20:25:41 (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz | N/A | 2400/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 383,91 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Description: HID Non-User Input Data Filter
Device ID: HID\VID_045E&PID_00E1&COL01\7&62AAA1D&0&0000
Manufacturer: Microsoft
Name: HID Non-User Input Data Filter
PNP Device ID: HID\VID_045E&PID_00E1&COL01\7&62AAA1D&0&0000
Service:
.
==== System Restore Points ===================
.
RP369: 8-8-2012 14:49:06 - ComboFix created restore point
RP370: 8-8-2012 16:13:09 - Herstelbewerking
RP371: 8-8-2012 21:42:17 - avast! Free Antivirus Setup
RP372: 9-8-2012 13:14:32 - VAIO Care Automatic Restore Point
RP373: 9-8-2012 17:32:59 - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Apple Application Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
µTorrent
Corel WinDVD
D3DX10
Evernote
Google Chrome
Google Update Helper
Instellingen voor het controleren van inhoud VAIO
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
Junk Mail filter update
Media Gallery
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (Dutch) 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (Dutch) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MusicStation
Norton Online Backup
Ondersteuning voor VAIO Transfer
PMB
PMB VAIO Edition Guide
PMB VAIO Edition Plug-in
QuickTime
Realtek High Definition Audio Driver
Remote Keyboard
Remote Play with PlayStation 3
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Secunia PSI (3.0.0.2004)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
Setting Utility Series
SOHLib Merge Module
Sony Home Network Library
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
VAIO - PMB VAIO Edition Guide
VAIO - PMB VAIO Edition Plug-in
VAIO - Remote-play bij PlayStation®3
VAIO - Remote-toetsenbord
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Energiebeheer
VAIO Entertainment Platform
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Oorspronkelijke functie-instellingen
VAIO Premium Partners
VAIO screensaver
VAIO Smart Network
VAIO Update
VAIO Wallpaper Contents
VAIO Window Organizer
VLC media player 2.0.2
VU5x86
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================

Share this post


Link to post
Share on other sites
Hi,

Have you tried to reinstall Chrome yet?

1. Uninstall Google Chrome via Programs and Features.
2. Press window button + e to bring up Computer window. Copy-paste this in the address text field: [b]C:\Users\Adrian\AppData\Local\Google[/b] (and press enter). Delete [b]Chrome[/b] folder if it exists there.
3. Reinstall [url="https://www.google.com/intl/en/chrome/#cds"]Google Chrome[/url].

Share this post


Link to post
Share on other sites
Hi,

Logs looked ok :)

Share this post


Link to post
Share on other sites
Hello blade, i still get that virus. Is it really a virus? I dont know which site it could be that gives this virus. Should i worry or not? Because they say its a trojan high risk.

Share this post


Link to post
Share on other sites
Hi,

Since it's an iframe thing only way to get it permanently fixed is to inform webmaster of the affected site. However, for that one would have to know what is that affected site. If you have path to the detected item handy could you get the file and upload it [url=http://www.bleepingcomputer.com/submit-malware.php?channel=76]here[/url]?

Share this post


Link to post
Share on other sites
Thnx for answer... I tried to look myself which site this could be... But couldnt find it.. I ran scan again and it dont come back anymore... I will let you know if virus show up again. By the way, i didnt tried www.monova.org...its a torrent site i always used..could you test for me to see if you get that virus when you on monova?

Share this post


Link to post
Share on other sites
If i always shut down laptop it says that there are still programs open. But i dont have anything open anymore. Dont understand nothing anymore whats wrong. Does this involv a virus or hacking? Please help.

Share this post


Link to post
Share on other sites
Hi,

Your logs looked ok so I wouldn't worry about that too much. Staying away from questionable sites lowers infection risk together with keeping the system updated.

Share this post


Link to post
Share on other sites
Ok blade thnx, but perhaps do you know why i always get force shutdown screen when
I shut down my computer? This screen says i have some backgroundprogram open but this is not true, and it dont show which program this could be.

Share this post


Link to post
Share on other sites
Hi,

That's likely some background process making the shutdown screen appear. Do you recall when that began appearing?

Share this post


Link to post
Share on other sites
No dont know when this happened. Maybe one week or two weeks . But its annoying.. And dont know what to do. Edited by Andrei30

Share this post


Link to post
Share on other sites
It's normal that screen appears if some process is taking longer to end (doesn't mean system was infected).Does the window automatically go away in a few seconds if you don't press force shutdown?

Share this post


Link to post
Share on other sites
Ok, then it's just some process hanging there a bit longer. I don't see this as a malware issue. If you wish you may ask at some forum that has areas for other than malware problems too. One such place would be [url=http://forums.techguy.org]Tech Support Guy[/url].

Share this post


Link to post
Share on other sites

Due to lack of feedback, this topic has been closed.

 

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

 

Thank You !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0