BleepingComputer.com: HijackThis Log - Redirecting and Blocking Internet Explorer

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

HijackThis Log - Redirecting and Blocking Internet Explorer Redirecting and Blocking Internet Explorer

#1 User is offline   LiqwdE 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 10-October 11

Posted 10 October 2011 - 03:35 PM

UPDATE-

Windows 7 Locked up, Forced Restore. So, no more problem. Thanks anyway, Great website.






When I try to use IE, Firefox, Aurora, or Google Chrome I am 90% of the time redirected or blocked (fake error pages) from my destination, along with the occassional popups.

UPDATED Logs*

Ive included a DDS Log and HijackThis Log
Running Windows 7 Cannot run Gmer


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by User at 15:50:01 on 2011-10-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8044.4933 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\SoftPerfect RAM Disk\ramdiskws.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Users\User\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
uURLSearchHooks: N/A: {0696f815-a3a9-490a-bb14-9ec3350b1276} -
mURLSearchHooks: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
mWinlogon: Userinit=userinit.exe,
uWinlogon: Shell=C:\Users\User\AppData\Local\731288e7\X
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - C:\Program Files (x86)\IEPro\iepro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} -
uRun: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Revo Uninstaller] "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -hunter
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
mRun: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: {85e1f530-48f4-11d9-9629-08ff2ffc9f67}
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
Trusted Zone: bullhorn.com
Trusted Zone: bullhornstaffing.com
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BDE07B7A-8E17-4D69-810D-A2CB21BE0024} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BDE07B7A-8E17-4D69-810D-A2CB21BE0024}\34963736F65383937383 : DhcpNameServer = 192.168.2.200 192.168.1.1
TCP: Interfaces\{BDE07B7A-8E17-4D69-810D-A2CB21BE0024}\C696E6B6379737 : DhcpNameServer = 68.87.68.166 68.87.74.166
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
BHO-X64: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
BHO-X64: IE7Pro - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
BHO-X64: Panda Security Toolbar - No File
BHO-X64: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO-X64: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
BHO-X64: PhotoJoy US - No File
TB-X64: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
TB-X64: PhotoJoy US Toolbar: {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
TB-X64: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB-X64: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} -
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
mRun-x64: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
IE-X64: {85e1f530-48f4-11d9-9629-08ff2ffc9f67}
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qoa8eoly.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3074349&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1208&p=
FF - component: C:\Program Files (x86)\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\User\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Users\User\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 PSINKNC;PSINKNC;C:\Windows\system32\DRIVERS\psinknc.sys --> C:\Windows\system32\DRIVERS\psinknc.sys [?]
R1 sepdal;sepdal;\??\C:\Windows\System32\Drivers\sepdal.sys --> C:\Windows\System32\Drivers\sepdal.sys [?]
R1 vvramd;vvramd;C:\Program Files\SoftPerfect RAM Disk\vv.sys [2011-9-22 243384]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-9-28 328536]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-3-3 347216]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-9-11 868224]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-25 13336]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-9 366152]
R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-4-28 140608]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-11 257344]
R2 PSINAflt;PSINAflt;C:\Windows\system32\DRIVERS\PSINAflt.sys --> C:\Windows\system32\DRIVERS\PSINAflt.sys [?]
R2 PSINFile;PSINFile;C:\Windows\system32\DRIVERS\PSINFile.sys --> C:\Windows\system32\DRIVERS\PSINFile.sys [?]
R2 PSINProc;PSINProc;C:\Windows\system32\DRIVERS\PSINProc.sys --> C:\Windows\system32\DRIVERS\PSINProc.sys [?]
R2 PSINProt;PSINProt;C:\Windows\system32\DRIVERS\PSINProt.sys --> C:\Windows\system32\DRIVERS\PSINProt.sys [?]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-9-9 518472]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-9-21 366408]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-11 2656280]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-2-25 243232]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\system32\DRIVERS\b57xdbd.sys --> C:\Windows\system32\DRIVERS\b57xdbd.sys [?]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\system32\DRIVERS\b57xdmp.sys --> C:\Windows\system32\DRIVERS\b57xdmp.sys [?]
R3 bScsiMSa;bScsiMSa;C:\Windows\system32\DRIVERS\bScsiMSa.sys --> C:\Windows\system32\DRIVERS\bScsiMSa.sys [?]
R3 bScsiSDa;bScsiSDa;C:\Windows\system32\DRIVERS\bScsiSDa.sys --> C:\Windows\system32\DRIVERS\bScsiSDa.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-8-18 2151640]
S3 AWEAlloc;AWE Memory Allocation Driver;C:\Windows\system32\DRIVERS\awealloc.sys --> C:\Windows\system32\DRIVERS\awealloc.sys [?]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-9-26 1315592]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-9-25 130976]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ImDisk;ImDisk Virtual Disk Driver;C:\Windows\system32\DRIVERS\imdisk.sys --> C:\Windows\system32\DRIVERS\imdisk.sys [?]
S3 ImDskSvc;ImDisk Virtual Disk Driver Helper;C:\Windows\system32\imdsksvc.exe --> C:\Windows\system32\imdsksvc.exe [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RAMDiskVE;RAMDiskVE;C:\Windows\system32\Drivers\RAMDiskVE.sys --> C:\Windows\system32\Drivers\RAMDiskVE.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
cmdfile=NOTEPAD.EXE %1
JSEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-10-10 20:20:11 388096 ----a-r- C:\Users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-10 20:20:11 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-10-09 19:56:54 -------- d-----w- C:\Users\User\AppData\Roaming\Malwarebytes
2011-10-09 19:56:47 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-09 19:56:44 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-09 19:56:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-09 19:35:28 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE8AA4B3-F0F6-4F83-A48D-07EB315F6AD0}\offreg.dll
2011-10-09 18:31:49 -------- d-----we C:\Windows\system64
2011-10-09 18:30:43 -------- d-sh--w- C:\Users\User\AppData\Local\731288e7
2011-10-09 01:30:27 -------- d-----w- C:\Program Files (x86)\TelevisionFanatic
2011-10-09 01:29:58 -------- d-----w- C:\Program Files (x86)\TelevisionFanaticEI
2011-10-07 16:57:57 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE8AA4B3-F0F6-4F83-A48D-07EB315F6AD0}\mpengine.dll
2011-10-06 00:04:40 -------- d-----w- C:\Users\User\xpadder_gamepad_profiler
2011-10-05 23:56:41 7548 ----a-w- C:\Windows\SysWow64\drivers\Samhid.sys
2011-10-05 22:18:23 -------- d-----w- C:\Program Files\Game Elements
2011-10-05 21:09:03 839680 ----a-w- C:\Windows\SysWow64\FDRpage.dll
2011-10-05 21:09:03 77824 ----a-w- C:\Windows\SysWow64\FDRdriver.dll
2011-10-05 21:09:02 -------- d-----w- C:\Program Files (x86)\PHILIPS
2011-10-05 21:08:57 -------- d-----w- C:\Program Files\PHILIPS
2011-10-05 21:08:56 208896 ----a-w- C:\Windows\SysWow64\CreateDir.exe
2011-09-30 01:20:03 517960 ----a-w- C:\Windows\System32\XAudio2_5.dll
2011-09-30 01:20:02 238936 ----a-w- C:\Windows\SysWow64\xactengine3_5.dll
2011-09-30 01:20:02 176968 ----a-w- C:\Windows\System32\xactengine3_5.dll
2011-09-30 01:20:01 2582888 ----a-w- C:\Windows\System32\D3DCompiler_42.dll
2011-09-30 01:20:01 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2011-09-30 01:20:00 5554512 ----a-w- C:\Windows\System32\d3dcsx_42.dll
2011-09-30 01:20:00 5501792 ----a-w- C:\Windows\SysWow64\d3dcsx_42.dll
2011-09-30 01:04:01 -------- d-----w- C:\Program Files (x86)\Intel Corporation
2011-09-30 00:44:31 -------- d-----w- C:\Users\User\AppData\Roaming\SeriousBit
2011-09-29 23:49:57 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2011-09-29 23:49:41 -------- d-----w- C:\Windows\SysWow64\xlive
2011-09-29 23:49:38 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-09-29 04:43:23 -------- d-----w- C:\Users\User\AppData\Roaming\Windows Live Writer
2011-09-29 04:43:23 -------- d-----w- C:\Users\User\AppData\Local\Windows Live Writer
2011-09-29 03:19:02 -------- d-----w- C:\Users\User\AppData\Roaming\IObit
2011-09-29 00:59:23 -------- d-----w- C:\ProgramData\IObit
2011-09-29 00:59:23 -------- d-----w- C:\Program Files (x86)\IObit
2011-09-29 00:32:21 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-09-27 22:50:38 -------- d-----w- C:\Users\User\AppData\Local\WTFast
2011-09-27 21:49:41 -------- d-----w- C:\Program Files (x86)\WTFast
2011-09-27 05:08:34 -------- d-----w- C:\Users\User\AppData\Local\Smart_PC_Utilities,_Ltd
2011-09-27 05:06:31 -------- d-----w- C:\Users\User\AppData\Roaming\Smart PC Utilities
2011-09-27 05:05:30 1688 ----a-w- C:\Users\User\LiqwdE Reg.reg
2011-09-27 05:02:36 -------- d-----w- C:\Program Files (x86)\Smart PC Utilities
2011-09-27 03:35:07 -------- d-----w- C:\Users\User\AppData\Roaming\VirtuaWin
2011-09-27 00:17:31 -------- d-----w- C:\Program Files (x86)\Systweak
2011-09-27 00:15:03 -------- d-----w- C:\Program Files (x86)\Universal Extractor
2011-09-27 00:08:05 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2011-09-26 23:15:24 -------- d-----w- C:\Users\User\.TransTorrent
2011-09-26 22:48:38 -------- d-----w- C:\Program Files (x86)\VirtuaWin
2011-09-26 21:08:04 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2011-09-26 21:07:55 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2011-09-26 21:07:46 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2011-09-26 16:28:43 1828 ----a-w- C:\Windows\System32\ASOROSet.bin
2011-09-26 15:50:42 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-09-26 15:45:06 -------- d-----w- C:\ProgramData\Systweak
2011-09-26 15:42:14 -------- d-----w- C:\Windows\Repair
2011-09-26 15:42:11 -------- d-----w- C:\Users\User\AppData\Roaming\Systweak
2011-09-26 15:30:54 -------- d-----w- C:\Users\User\AppData\Roaming\Splashtop Remote Client
2011-09-26 15:30:32 -------- d-----w- C:\Users\User\AppData\Local\Downloaded Installations
2011-09-26 15:24:09 -------- d-----w- C:\Users\User\AppData\Roaming\Intel
2011-09-26 15:23:23 16760 ----a-w- C:\Windows\System32\drivers\sepdal.sys
2011-09-26 15:22:10 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2011-09-26 15:22:10 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-09-26 15:22:10 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-09-26 15:22:08 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-09-26 15:21:49 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-09-26 15:21:00 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
2011-09-26 15:17:49 -------- d-----w- C:\Users\User\AppData\Local\LogMeIn
2011-09-26 15:17:49 -------- d-----w- C:\ProgramData\LogMeIn
2011-09-25 18:22:20 -------- d-----w- C:\Program Files (x86)\Futuremark
2011-09-24 19:04:33 -------- d-----w- C:\Program Files (x86)\XBox 360 Controller for Windows Software
2011-09-24 17:35:01 -------- d-----w- C:\Users\User\AppData\Local\Adobe
2011-09-24 04:23:34 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-09-24 04:21:07 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-09-24 04:20:55 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-09-24 02:04:34 24983 ----a-w- C:\Windows\SysWow64\243438941.dll
2011-09-24 02:04:31 -------- d-----w- C:\Program Files (x86)\Common Files\Data
2011-09-24 02:02:26 197632 ----a-w- C:\Program Files (x86)\Common Files\OnlineFilesManager.dll
2011-09-24 01:49:39 -------- d-----w- C:\Users\User\AppData\Local\ElevatedDiagnostics
2011-09-24 01:32:57 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2011-09-24 00:02:10 13008 ----a-w- C:\Windows\System32\drivers\pstrip64.sys
2011-09-24 00:02:09 -------- d-----w- C:\Program Files (x86)\PowerStrip
2011-09-23 23:56:11 -------- d-----w- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2011-09-23 23:30:54 -------- d--h--w- C:\Windows\msdownld.tmp
2011-09-23 23:30:45 -------- d-----w- C:\Windows\SysWow64\directx
2011-09-23 23:00:57 -------- d-----w- C:\Users\User\Software
2011-09-22 22:44:34 -------- d-----w- C:\Program Files (x86)\WOT
2011-09-22 22:43:00 -------- d-----w- C:\Users\User\AppData\Roaming\GrabPro
2011-09-22 22:42:57 -------- d-----w- C:\Program Files (x86)\IEPro
2011-09-22 21:53:59 -------- d-----w- C:\ProgramData\SoftPerfect
2011-09-22 21:53:59 -------- d-----w- C:\Program Files\SoftPerfect RAM Disk
2011-09-22 21:50:29 34776 ----a-w- C:\Windows\System32\drivers\imdisk.sys
2011-09-22 21:50:29 17360 ----a-w- C:\Windows\System32\drivers\awealloc.sys
2011-09-22 21:50:28 99328 ----a-w- C:\Windows\System32\imdisk.cpl
2011-09-22 21:50:28 86016 ----a-w- C:\Windows\SysWow64\imdisk.cpl
2011-09-22 21:50:28 40960 ----a-w- C:\Windows\System32\imdisk.exe
2011-09-22 21:50:28 36864 ----a-w- C:\Windows\SysWow64\imdisk.exe
2011-09-22 21:50:28 11264 ----a-w- C:\Windows\System32\imdsksvc.exe
2011-09-22 21:20:32 -------- d-----w- C:\Temporary Internet Files
2011-09-22 02:59:59 580096 ----a-w- C:\Windows\System32\ac3filter64.acm
2011-09-22 02:59:59 497664 ----a-w- C:\Windows\SysWow64\ac3filter.acm
2011-09-22 02:59:59 -------- d-----w- C:\Program Files (x86)\AC3Filter
2011-09-22 02:52:20 -------- d-----w- C:\Program Files\Microsoft Xbox 360 Accessories
2011-09-21 02:20:25 -------- d-----w- C:\Program Files (x86)\Aurora
2011-09-21 01:03:17 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-09-21 01:03:16 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-09-21 01:03:16 785368 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-09-21 01:03:16 719832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozcpp19.dll
2011-09-21 01:03:16 478168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-09-21 01:03:16 1846232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-09-21 01:03:16 16856 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2011-09-21 01:03:16 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-09-21 01:03:15 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-09-21 01:03:15 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-09-21 00:55:17 -------- d-----w- C:\Program Files (x86)\IE9 Tweaker Plus v2.0
2011-09-21 00:11:14 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-20 23:48:38 -------- d-----w- C:\Program Files (x86)\RAMDisk
2011-09-20 23:22:32 -------- d-----w- C:\Windows\pss
2011-09-20 09:05:19 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-19 01:13:31 -------- d-----w- C:\Program Files (x86)\Xvid
2011-09-18 19:19:39 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-09-18 13:30:14 -------- d-----w- C:\Users\User\AppData\Local\panda2_0dn
2011-09-18 13:18:25 -------- d-----w- C:\ProgramData\VirtualizedApplications
2011-09-18 13:16:22 -------- d-----w- C:\Users\User\AppData\Roaming\Panda Security
2011-09-18 13:16:01 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
2011-09-18 13:15:56 -------- d-----w- C:\ProgramData\Panda Security URL Filtering
2011-09-18 13:15:45 -------- d-----w- C:\ProgramData\Panda Security
2011-09-18 13:15:45 -------- d-----w- C:\Program Files (x86)\Panda Security
2011-09-18 13:15:37 -------- d-----w- C:\temp
2011-09-18 13:14:31 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-09-18 12:12:58 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-09-18 12:12:17 -------- d-----w- C:\Program Files (x86)\Handbrake
2011-09-18 12:12:03 -------- d-----w- C:\Program Files\EnhanceMySe7en
2011-09-18 11:49:07 -------- d-----w- C:\Users\User\AppData\Local\Google
2011-09-18 11:27:20 -------- d-----w- C:\Users\User\AppData\Local\HuluDesktop
2011-09-18 11:26:29 -------- d-----w- C:\Downloads
2011-09-18 11:21:05 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-09-18 11:20:53 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-09-18 11:20:43 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-09-18 11:20:40 539968 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-09-18 11:07:51 -------- d-----w- C:\Users\User\AppData\Roaming\SoftGrid Client
2011-09-18 11:07:51 -------- d-----w- C:\Users\User\AppData\Local\SoftGrid Client
2011-09-18 11:07:10 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2011-09-18 11:07:01 -------- d-----w- C:\Users\User\AppData\Roaming\TP
2011-09-18 10:48:54 -------- d-----w- C:\Users\User\AppData\Roaming\Free Download Manager
2011-09-18 10:48:50 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2011-09-18 10:36:47 -------- d-----w- C:\Program Files (x86)\Windows SideShow
2011-09-18 09:33:18 -------- d-----w- C:\Users\User\AppData\Roaming\eSobi
2011-09-18 06:10:00 -------- d-----w- C:\Users\User\AppData\Local\Aupeo
2011-09-18 06:09:48 -------- d-----w- C:\Program Files (x86)\AUPEO!
2011-09-18 05:59:19 -------- d-----w- C:\Users\User\AppData\Roaming\PowerCinema
2011-09-18 03:07:56 -------- d-----w- C:\Program Files (x86)\Wild Tangent
2011-09-18 03:05:31 -------- d-----w- C:\Users\User\AppData\Local\PhotoJoy
2011-09-18 03:05:14 -------- d-----w- C:\ProgramData\PhotoJoy
2011-09-18 03:05:14 -------- d-----w- C:\Program Files (x86)\PhotoJoy
2011-09-18 03:05:08 1316224 ----a-w- C:\Windows\SysWow64\PhotoJoy Screensaver.scr
2011-09-18 03:04:09 479232 ----a-w- C:\Windows\SysWow64\Parrot.scr
2011-09-18 03:04:08 -------- d-----w- C:\Program Files (x86)\AV Digital Talking Parrot
2011-09-18 03:02:55 44280 ----a-w- C:\Windows\WATERYDS.SCR
2011-09-18 03:02:55 -------- d-----w- C:\Program Files\Animated Wallpaper
2011-09-18 03:02:06 -------- d-----w- C:\Program Files (x86)\Conduit
2011-09-18 03:02:05 -------- d-----w- C:\Users\User\AppData\Local\Conduit
2011-09-18 03:02:04 -------- d-----w- C:\Program Files (x86)\PhotoJoy_US
2011-09-18 03:01:33 -------- d-----w- C:\Users\User\AppData\Roaming\Dream Aquarium
2011-09-18 03:01:29 -------- d-----w- C:\Program Files (x86)\Dream Aquarium
2011-09-18 02:32:57 -------- d-----w- C:\ProgramData\Media Center Programs
2011-09-18 02:32:55 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2011-09-18 02:32:52 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll
2011-09-18 02:32:48 88480 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2011-09-18 02:32:46 46400 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2011-09-18 02:26:34 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-09-18 02:26:32 -------- d-----w- C:\Program Files (x86)\Steam
2011-09-18 02:12:55 -------- d-----w- C:\ProgramData\Splashtop
2011-09-18 02:12:37 -------- d-----w- C:\Program Files (x86)\Splashtop
2011-09-18 02:12:09 -------- d-----w- C:\Users\User\AppData\Local\{62FE1C67-1742-45D6-82F7-AEEABC53D1A6}
2011-09-18 01:40:11 -------- d-----w- C:\Program Files (x86)\WildTangent Games
2011-09-16 09:15:22 -------- d-----w- C:\Program Files (x86)\Citrix
2011-09-16 09:14:29 -------- d-----w- C:\Users\User\AppData\Local\Citrix
2011-09-16 09:13:52 -------- d-----w- C:\Users\User\AppData\Local\Apps
2011-09-16 09:13:51 -------- d-----w- C:\Users\User\AppData\Local\Deployment
2011-09-16 08:35:14 -------- d-----w- C:\Netgear
2011-09-15 04:35:59 -------- d-----w- C:\ProgramData\Cisco Systems
2011-09-14 09:16:32 -------- d-----w- C:\Users\User\AppData\Local\Diagnostics
2011-09-13 03:41:52 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-09-13 03:41:51 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-09-13 03:41:51 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-09-13 03:41:51 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-09-13 03:41:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-09-11 10:25:44 -------- d-----w- C:\Windows\System32\SPReview
2011-09-11 10:25:11 -------- d-----w- C:\Windows\System32\EventProviders
2011-09-11 10:19:59 850944 ----a-w- C:\Windows\System32\mmsys.cpl
2011-09-11 10:18:54 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2011-09-11 10:18:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2011-09-11 10:18:52 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2011-09-11 10:18:52 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2011-09-11 10:18:47 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2011-09-11 10:18:46 209920 ----a-w- C:\Windows\SysWow64\PkgMgr.exe
2011-09-11 10:18:46 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2011-09-11 10:18:35 323072 ----a-w- C:\Windows\SysWow64\drvstore.dll
2011-09-11 10:18:35 257024 ----a-w- C:\Windows\SysWow64\dpx.dll
2011-09-11 10:18:32 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-09-11 10:18:32 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-09-11 10:18:32 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2011-09-11 10:16:55 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-09-11 10:16:55 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-09-11 10:16:55 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-09-11 10:16:55 1225216 ----a-w- C:\Windows\System32\wbem\wbemcore.dll
2011-09-11 10:16:52 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2011-09-11 10:16:52 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2011-09-11 10:16:49 199168 ----a-w- C:\Windows\System32\PkgMgr.exe
2011-09-11 10:16:38 422912 ----a-w- C:\Windows\System32\drvstore.dll
2011-09-11 10:16:38 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-09-11 09:34:59 -------- d-----w- C:\Windows\SysWow64\Wat
2011-09-11 09:34:59 -------- d-----w- C:\Windows\System32\Wat
2011-09-11 09:05:54 2073600 ----a-w- C:\Windows\SysWow64\iertutil.dll_old0
2011-09-11 09:05:53 981504 ----a-w- C:\Windows\SysWow64\wininet.dll_old0
2011-09-11 09:05:53 1231360 ----a-w- C:\Windows\SysWow64\urlmon.dll_old0
2011-09-11 09:05:33 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-11 09:05:33 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-09-11 09:03:59 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-09-11 08:48:22 -------- d-----w- C:\Windows\NAPP_Dism_Log
2011-09-11 07:57:58 -------- d---a-w- C:\book
2011-09-11 07:57:58 -------- d-----w- C:\ProgramData\EgisTec
2011-09-11 07:55:31 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
2011-09-11 07:54:07 -------- d-----w- C:\Program Files\Common Files\Intel
2011-09-11 07:54:06 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2011-09-11 06:32:54 -------- d-----w- C:\Users\User\AppData\Roaming\Barnes & Noble
2011-09-11 06:32:53 -------- d-----w- C:\Program Files (x86)\Barnes & Noble
2011-09-11 06:29:07 -------- d-----w- C:\Users\User\AppData\Local\Acer
2011-09-11 06:27:28 -------- d-----w- C:\Users\User\AppData\Local\PowerCinema
2011-09-11 06:25:56 -------- d-----w- C:\Users\User\AppData\Local\Cyberlink
2011-09-11 06:25:56 -------- d-----w- C:\ProgramData\CLSK
2011-09-11 06:23:41 -------- d-----w- C:\ProgramData\NTI Launcher
2011-09-11 06:21:55 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2011-09-11 06:20:51 -------- d-----w- C:\Windows\en
2011-09-11 06:20:27 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-09-11 06:19:53 -------- d-----w- C:\Windows\PCHEALTH
2011-09-11 06:19:27 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2011-09-11 06:19:27 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2011-09-11 06:19:27 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2011-09-11 06:19:27 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-09-11 06:19:11 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-09-11 06:19:11 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-09-11 06:17:39 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8195ee8b1cc704a04\DSETUP.dll
2011-09-11 06:17:39 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8195ee8b1cc704a04\DXSETUP.exe
2011-09-11 06:17:39 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\8195ee8b1cc704a04\dsetup32.dll
2011-09-11 06:17:39 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\81f2c4351cc704a05\MeshBetaRemover.exe
2011-09-11 06:17:38 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\812ad09e1cc704a03\DSETUP.dll
2011-09-11 06:17:38 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\812ad09e1cc704a03\DXSETUP.exe
2011-09-11 06:17:38 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\812ad09e1cc704a03\dsetup32.dll
2011-09-11 06:17:37 -------- d-----w- C:\Users\User\AppData\Local\Windows Live
2011-09-11 06:17:37 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-09-11 06:15:56 33000960 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\click2run64.msi
2011-09-11 06:15:56 26051072 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\click2run.msi
2011-09-11 06:15:34 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-09-11 06:15:18 -------- d-----w- C:\ProgramData\boost_interprocess
2011-09-11 06:11:55 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2011-09-11 06:11:51 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2011-09-11 06:10:39 -------- d-----w- C:\Program Files\Elantech
2011-09-11 06:09:18 -------- d-----w- C:\Program Files (x86)\Launch Manager
2011-09-11 06:06:00 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2011-09-11 06:02:54 -------- d-----w- C:\Users\User\AppData\Roaming\Intel Corporation
2011-09-11 06:02:39 -------- d-----w- C:\Users\User\AppData\Local\EgisTec IPS
2011-09-11 06:00:53 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2011-09-11 10:38:18 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-09-11 10:38:18 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-08-01 20:59:06 45416 ----a-w- C:\Windows\System32\drivers\point64.sys
2011-08-01 11:23:26 160520 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 15:50:51.41 ===============

--------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:35:13 PM, on 10/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\SoftPerfect RAM Disk\ramdiskws.exe
C:\Program Files (x86)\Free Download Manager\fdm.exe
C:\Users\User\AppData\Local\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PhotoJoy US Toolbar - {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: PhotoJoy US - {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: PhotoJoy US Toolbar - {f2c43291-151e-499c-98a7-923c120b88fa} - C:\Program Files (x86)\PhotoJoy_US\prxtbPhot.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Revo Uninstaller] "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -hunter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files (x86)\IEPro\iepro.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.bullhorn.com
O15 - Trusted Zone: *.bullhornstaffing.com
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Unknown owner - C:\Windows\system32\imdsksvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15044 bytes

Attached File(s)


This post has been edited by LiqwdE: 10 October 2011 - 09:47 PM

#2 User is offline   HelpBot 

  • Bleepin' Binary Bot
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Bots
  • Posts: 5,607
  • Joined: 05-October 07
  • Gender:Male

Posted 15 October 2011 - 03:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/422837 <<< CLICK THIS LINK

If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.

  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.


Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 User is offline   HelpBot 

  • Bleepin' Binary Bot
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Bots
  • Posts: 5,607
  • Joined: 05-October 07
  • Gender:Male

Posted 20 October 2011 - 03:45 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users