
Advert keeps turning up and making noise on facebook

nomad3000 (thread starter)
Join Date: Mar 2012
Experience: Beginner
27-Mar-2012, 06:36 PM #1
I keep getting an advert on Facebook and a few other sites that has sound and says 'Congratulations you've won'. It has also happened a couple of times when no advert is there. Here is the requested info:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:31:30, on 27/03/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\Downloads\SysInfo.exe
C:\Users\Damon\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: TheBflix - {00993761-7465-41C6-AEEE-44F8BC92EE98} - C:\ProgramData\TheBflix\bhoclass.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Damon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Spotify] "C:\Users\Damon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12658 bytes





.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Damon at 23:31:44 on 2012-03-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5996.3863 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Damon\Downloads\SysInfo.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer.msn.com
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: TheBflix Class: {00993761-7465-41c6-aeee-44f8bc92ee98} - C:\ProgramData\TheBflix\bhoclass.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [Google Update] "C:\Users\Damon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Spotify] "C:\Users\Damon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6DF10ED5-E8E4-4494-8724-3E1F0FFD1F29} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F093FA71-922C-43CF-9ECE-E5AF997F3FFB} : DhcpNameServer = 40.12.1.201 40.12.1.202
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: TheBflix Class: {00993761-7465-41C6-AEEE-44F8BC92EE98} - C:\ProgramData\TheBflix\bhoclass.dll
BHO-X64: TheBflix - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-14 352336]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-9-12 872552]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-18 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-14 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-7-14 244624]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-2-23 103440]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-12 2656280]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-23 136176]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-23 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-03-27 15:36:09 -------- d-----w- C:\Users\Damon\AppData\Local\{C32A0CED-FB57-4605-BD08-6C4943A1CFF1}
2012-03-27 15:36:00 -------- d-----w- C:\Users\Damon\AppData\Local\{B28BBB7B-F4FE-46AE-8A57-BA1094D57176}
2012-03-27 11:45:42 -------- d-----w- C:\Users\Damon\AppData\Local\{AB70E47B-F36A-4D52-9275-380855069F97}
2012-03-27 11:45:31 -------- d-----w- C:\Users\Damon\AppData\Local\{A2E8673C-8924-4642-A8F4-7A4442916F3F}
2012-03-27 08:08:08 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8BE9398C-B916-4ACE-8DB9-F6EC2A7EB411}\mpengine.dll
2012-03-27 08:02:20 -------- d-----w- C:\Users\Damon\AppData\Local\{EA28DC6F-3E0C-4C1D-9451-D7B13BF00219}
2012-03-27 08:02:10 -------- d-----w- C:\Users\Damon\AppData\Local\{4A525CED-4D87-424B-9CE4-6B14A5B699E7}
2012-03-26 20:07:34 -------- d-----w- C:\Users\Damon\AppData\Local\{3CE19DA0-5243-4165-96FB-4B58FAAF9C1D}
2012-03-26 20:07:23 -------- d-----w- C:\Users\Damon\AppData\Local\{633698CB-BBB3-4099-80F4-96FA7D27F214}
2012-03-26 16:30:35 -------- d-----w- C:\Users\Damon\AppData\Local\{25DE93A3-0375-4153-9EFA-96084BB4C764}
2012-03-26 16:30:25 -------- d-----w- C:\Users\Damon\AppData\Local\{E0A56876-B15F-4643-9838-0679EA54F57B}
2012-03-26 12:22:48 -------- d-----w- C:\Users\Damon\AppData\Local\{CFFAD0E8-46F5-4618-98B0-221FD12D1862}
2012-03-26 12:22:37 -------- d-----w- C:\Users\Damon\AppData\Local\{40120F5F-1552-408B-9885-564DEA6DF05C}
2012-03-26 11:52:48 -------- d-----w- C:\Users\Damon\AppData\Local\{F596641A-F7E0-4B86-90CD-28DF1371D074}
2012-03-26 11:52:37 -------- d-----w- C:\Users\Damon\AppData\Local\{115EED9F-F284-4805-9151-7D8F684CBC30}
2012-03-25 18:06:05 -------- d-----w- C:\Users\Damon\AppData\Local\{86C00CB6-6892-406A-997D-B16083F7BBE8}
2012-03-25 18:05:54 -------- d-----w- C:\Users\Damon\AppData\Local\{0E258BF8-11C9-4107-BCAD-61A4131AEC84}
2012-03-24 11:38:59 -------- d-----w- C:\Users\Damon\AppData\Local\{5CB5F611-7A0E-4760-A3C9-A9CE7D01E45D}
2012-03-24 11:38:47 -------- d-----w- C:\Users\Damon\AppData\Local\{7FA54FD0-8EEE-4729-A984-9E7FB438D8DA}
2012-03-24 05:14:37 -------- d-----w- C:\Users\Damon\AppData\Local\{536730CC-FC54-4039-A4D2-6FAD34822CE4}
2012-03-24 05:14:27 -------- d-----w- C:\Users\Damon\AppData\Local\{F6A55162-4841-45D4-BBE5-3C076BEB248E}
2012-03-23 18:10:17 -------- d-----w- C:\Users\Damon\AppData\Local\{ED00D579-6823-4A28-8A5C-1EA98DE90F65}
2012-03-23 18:10:05 -------- d-----w- C:\Users\Damon\AppData\Local\{B1F580E1-C390-4870-9383-6BBEF5777300}
2012-03-23 17:26:07 -------- d-----w- C:\Users\Damon\AppData\Local\{D1A5487A-42CF-42CB-AEB2-D9A1F1D9C046}
2012-03-23 17:25:57 -------- d-----w- C:\Users\Damon\AppData\Local\{D5FA9F3A-C98C-4049-996E-F321D165B37E}
2012-03-22 16:52:03 -------- d-----w- C:\Users\Damon\AppData\Local\{8FB0487F-5BAC-4DEC-B8FC-7CD2202EB595}
2012-03-22 16:51:52 -------- d-----w- C:\Users\Damon\AppData\Local\{DD36FD30-DB5D-4A5D-8959-50620FA2F612}
2012-03-22 10:14:21 -------- d-----w- C:\Users\Damon\AppData\Local\{E196EE75-55FB-4FF1-A340-328A8E6B3E76}
2012-03-22 10:14:11 -------- d-----w- C:\Users\Damon\AppData\Local\{97B633FC-6420-4660-A328-BF23493AF4D4}
2012-03-21 23:57:52 -------- d-----w- C:\Users\Damon\AppData\Local\{CC8D167D-B8C8-4599-A86D-24B2ACDAAA56}
2012-03-21 23:57:42 -------- d-----w- C:\Users\Damon\AppData\Local\{A74A5FFF-02D8-4E0F-898F-C317E5F1FEFF}
2012-03-21 16:53:29 -------- d-----w- C:\Users\Damon\AppData\Local\{648D9643-73B4-42C4-A56A-5229235DAC6D}
2012-03-21 16:53:17 -------- d-----w- C:\Users\Damon\AppData\Local\{7793BE9A-B369-401D-B648-079583BA05AD}
2012-03-20 12:21:09 -------- d-----w- C:\Users\Damon\AppData\Local\{3925EACE-3C2E-42C2-B8DD-EF628A0082CF}
2012-03-20 12:20:57 -------- d-----w- C:\Users\Damon\AppData\Local\{32EEBAE0-D732-4E44-A255-94F8C01E3BC7}
2012-03-19 16:48:18 -------- d-----w- C:\Users\Damon\AppData\Local\{B34E81E0-14B1-42B2-AE5F-0E70D403A0E4}
2012-03-19 16:48:05 -------- d-----w- C:\Users\Damon\AppData\Local\{B8167C61-F0E7-4C7C-AD83-75230D5DBCA7}
2012-03-19 10:53:19 -------- d-----w- C:\Users\Damon\AppData\Local\{3A3C9775-9311-45AA-BCCF-AA666CD7579D}
2012-03-19 10:53:08 -------- d-----w- C:\Users\Damon\AppData\Local\{87C15BB8-58C9-4C4E-AEFF-6DE38DA63D96}
2012-03-18 21:44:48 -------- d-----w- C:\Users\Damon\AppData\Local\{799904E6-922C-4508-A230-F7D5C1E11ACA}
2012-03-18 21:44:37 -------- d-----w- C:\Users\Damon\AppData\Local\{C6E9F4B9-B774-43D7-A79B-BF13A9186F34}
2012-03-18 11:24:56 -------- d-----w- C:\Users\Damon\AppData\Local\{C2946436-1820-444D-9B4C-3D35615E7050}
2012-03-18 11:24:46 -------- d-----w- C:\Users\Damon\AppData\Local\{E380509C-D63D-4A86-9201-21F5F0A9DA24}
2012-03-17 23:53:31 -------- d-----w- C:\Users\Damon\AppData\Local\{B3AC2908-6637-415A-ACB4-8F10FA9E0BDA}
2012-03-17 23:53:21 -------- d-----w- C:\Users\Damon\AppData\Local\{93BCB9B8-2EC7-4854-BC8D-054F0494FD05}
2012-03-17 12:44:02 -------- d-----w- C:\Users\Damon\AppData\Local\{E3D70F3E-96C2-4655-9901-FE1316C212A6}
2012-03-17 12:43:52 -------- d-----w- C:\Users\Damon\AppData\Local\{9A9A62DD-D2E9-4BD9-86D8-CDA76A08DCEC}
2012-03-16 22:54:32 -------- d-----w- C:\Users\Damon\AppData\Local\{84AAE1D9-E146-45E7-A823-9439858E131F}
2012-03-16 22:54:13 -------- d-----w- C:\Users\Damon\AppData\Local\{9F31AC82-ECA4-4C88-BC57-1486DFF0D47D}
2012-03-15 19:56:37 -------- d-----w- C:\Users\Damon\AppData\Local\{0A17873D-D31F-4486-B20F-8DDD2E87625B}
2012-03-15 19:56:27 -------- d-----w- C:\Users\Damon\AppData\Local\{B0B570D6-BC93-4AA3-8997-EBE00BAC17E0}
2012-03-15 16:46:05 -------- d-----w- C:\Users\Damon\AppData\Local\{D72E2929-1C71-4F87-8C16-EB126AC64F7A}
2012-03-15 16:45:46 -------- d-----w- C:\Users\Damon\AppData\Local\{C3ABCA6B-C661-4BFC-AB42-C06F60E3463D}
2012-03-14 23:59:34 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-14 23:59:34 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 23:59:33 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 23:54:42 -------- d-----w- C:\Users\Damon\AppData\Local\{E95002BC-7CD7-41A9-AC7C-FBAFE067AE2B}
2012-03-14 23:54:32 -------- d-----w- C:\Users\Damon\AppData\Local\{EA86CD5E-4459-43D8-B478-B980454C3278}
2012-03-13 19:52:13 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-13 19:51:38 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-13 19:51:38 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-13 19:43:46 -------- d-----w- C:\Users\Damon\AppData\Local\{1B004720-61F8-44A8-8370-B408910BFE28}
2012-03-13 19:43:28 -------- d-----w- C:\Users\Damon\AppData\Local\{51BD61A0-CFA1-4D9A-A3A5-C35FC8A482AF}
2012-03-13 18:11:26 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-13 18:11:26 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-13 18:11:26 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-13 18:11:26 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-13 18:11:26 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-13 18:11:26 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-13 18:11:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-13 17:58:37 -------- d-----w- C:\Users\Damon\AppData\Local\Microsoft Help
2012-03-13 08:19:41 -------- d-----w- C:\Users\Damon\AppData\Local\{C7FB6E41-B55E-4483-8C3C-FF2F35547A9D}
2012-03-13 08:19:30 -------- d-----w- C:\Users\Damon\AppData\Local\{5145323B-61FB-45C7-B2F8-8908B3B201D1}
2012-03-12 23:13:59 -------- d-----w- C:\Users\Damon\AppData\Local\{CE001F9A-88DF-4638-A7BD-E242C0F0EB6A}
2012-03-12 23:13:49 -------- d-----w- C:\Users\Damon\AppData\Local\{5FB97524-ACBB-4DEE-95F3-280FD5296183}
2012-03-12 12:14:00 -------- d-----w- C:\Users\Damon\AppData\Local\{A3B398CE-E957-46F7-85D1-BC9885474E1A}
2012-03-12 12:13:50 -------- d-----w- C:\Users\Damon\AppData\Local\{EDC1A7BE-99F9-48B5-9FED-52D39C96DC7B}
2012-03-11 22:44:25 -------- d-----w- C:\Users\Damon\AppData\Local\{90A95DCA-1A16-4B94-8D2F-E5952CAEAE74}
2012-03-11 16:53:23 -------- d-----w- C:\Users\Damon\AppData\Local\{5C9E92A4-9B6A-4FFC-A0D6-6FF2194D07A4}
2012-03-11 16:53:12 -------- d-----w- C:\Users\Damon\AppData\Local\{C5C4C6F8-A5A5-442B-A4E8-1FC1C4E15E63}
2012-03-10 10:23:29 -------- d-----w- C:\Users\Damon\AppData\Local\{FA572548-21A1-4CF7-98B2-378FEBBAAD03}
2012-03-10 10:23:13 -------- d-----w- C:\Users\Damon\AppData\Local\{07D19698-9FB0-4728-BC46-24FBCCAD2A82}
2012-03-09 23:58:28 -------- d-----w- C:\Users\Damon\AppData\Local\{BE5E707E-5601-462F-ADB4-7746336F57AE}
2012-03-09 23:58:18 -------- d-----w- C:\Users\Damon\AppData\Local\{E2E0461D-6907-4228-90FD-DAF78029FC27}
2012-03-09 17:06:34 -------- d-----w- C:\Users\Damon\AppData\Local\{2658FBB6-0374-4794-9026-A93D5E6B6775}
2012-03-09 17:06:20 -------- d-----w- C:\Users\Damon\AppData\Local\{2725D670-5CF6-49F9-A366-A29E6043DA0B}
2012-03-08 17:35:02 -------- d-----w- C:\Users\Damon\AppData\Local\{223FF328-4D51-42DC-85CC-421291C953D4}
2012-03-08 17:34:52 -------- d-----w- C:\Users\Damon\AppData\Local\{2B4FE15C-401C-4C7E-ACA4-91BC73D0BE20}
2012-03-08 09:02:14 -------- d-----w- C:\Users\Damon\AppData\Local\{D2CA7E2A-B050-4291-A81B-DA53B654088E}
2012-03-08 09:01:54 -------- d-----w- C:\Users\Damon\AppData\Local\{E99AF29B-633A-4AE2-B623-75E099AAAC84}
2012-03-08 00:20:52 -------- d-----w- C:\Users\Damon\AppData\Local\{0E0B4383-D2C4-42A2-AE01-A0123D40FBD3}
2012-03-08 00:20:42 -------- d-----w- C:\Users\Damon\AppData\Local\{C2D87D0A-8A2C-424E-BDC1-17885EECD6D4}
2012-03-07 17:33:24 -------- d-----w- C:\Users\Damon\AppData\Local\{190ABC93-A65F-48A5-8ECC-B57F84599127}
2012-03-07 17:33:14 -------- d-----w- C:\Users\Damon\AppData\Local\{E84BE20E-7C29-4650-BA68-E32B91DDFFFC}
2012-03-06 20:10:31 -------- d-----w- C:\Users\Damon\AppData\Local\{2EDCE230-BFED-4550-A389-39CECF58DEC7}
2012-03-06 20:10:19 -------- d-----w- C:\Users\Damon\AppData\Local\{C48CBD5F-AA42-48F4-B824-1F9B19D48106}
2012-03-06 20:09:53 -------- d-----w- C:\Users\Damon\AppData\Local\{E64EBDA6-114F-4F89-B832-ADF039B752AA}
2012-03-06 20:09:42 -------- d-----w- C:\Users\Damon\AppData\Local\{3F191012-C411-4AA6-B46F-EEE9CE13476D}
2012-03-06 11:56:35 -------- d-----w- C:\Users\Damon\AppData\Local\{0E22539B-26AE-442A-B53C-BE2F4C21DC99}
2012-03-06 11:56:24 -------- d-----w- C:\Users\Damon\AppData\Local\{860D90B0-6DD6-46DA-B4BF-BBD24CD7E943}
2012-03-05 19:18:09 -------- d-----w- C:\Users\Damon\AppData\Local\{9AF0D42C-3A3F-4478-88F3-9B669788EA9A}
2012-03-05 19:17:58 -------- d-----w- C:\Users\Damon\AppData\Local\{9B9CACF5-3283-4327-8D80-74BC37A4B5A9}
2012-03-04 18:35:08 -------- d-----w- C:\Users\Damon\AppData\Local\{A038124E-2283-4CB8-BE50-9DC0B50EE3A1}
2012-03-04 18:34:52 -------- d-----w- C:\Users\Damon\AppData\Local\{537B3061-6B87-4EFE-B6B1-DC87EC7FDFBD}
2012-03-04 00:04:29 -------- d-----w- C:\Users\Damon\AppData\Local\{87E95053-DE4D-4719-BAAC-1D0B93A382E8}
2012-03-04 00:04:16 -------- d-----w- C:\Users\Damon\AppData\Local\{74B4FDF1-E5A2-46D2-8D17-F7B006B6A224}
2012-03-02 23:59:48 -------- d-----w- C:\Users\Damon\AppData\Local\{DD777B84-1AFB-4A86-831D-E54854E1ECD6}
2012-03-02 23:59:35 -------- d-----w- C:\Users\Damon\AppData\Local\{2308CC87-BDBE-483F-A40B-AE726E5BEB9E}
2012-03-02 16:40:02 -------- d-----w- C:\Users\Damon\AppData\Local\{21F66B3E-2652-4E89-B8E5-4D62BF74EEF8}
2012-03-02 16:39:52 -------- d-----w- C:\Users\Damon\AppData\Local\{5B3F804A-F28C-48F6-97AD-C34B88A8ABE3}
2012-03-01 16:52:36 -------- d-----w- C:\Users\Damon\AppData\Local\{9CE86366-2459-43C5-A136-F0DD18344261}
2012-03-01 16:52:26 -------- d-----w- C:\Users\Damon\AppData\Local\{D526295D-D6DC-4265-8890-04DB47DF3D33}
2012-03-01 01:17:45 -------- d-----w- C:\Users\Damon\AppData\Local\{2398A68E-DD02-4EB4-999C-717D2801867A}
2012-02-29 19:19:58 -------- d-----w- C:\Users\Damon\AppData\Local\{3CD2D8AC-9702-49FC-8643-A1EA8A9AB853}
2012-02-29 19:19:48 -------- d-----w- C:\Users\Damon\AppData\Local\{C55CA4A2-7847-45BA-9DDA-51957C2D7A86}
2012-02-29 16:48:04 -------- d-----w- C:\Users\Damon\AppData\Local\{A2BEF9EF-A7F5-4527-9605-04EC26E2F264}
2012-02-29 16:47:54 -------- d-----w- C:\Users\Damon\AppData\Local\{1C964D53-D1B1-4ACA-B936-705D440456F4}
2012-02-28 18:33:39 -------- d-----w- C:\Users\Damon\AppData\Local\{C65832DB-B8F1-423C-9DD9-3E87B339C34C}
2012-02-28 18:33:29 -------- d-----w- C:\Users\Damon\AppData\Local\{8404021A-B27E-41FC-B1C3-8DB99F9FBB7A}
2012-02-28 15:56:55 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-02-28 13:41:14 -------- d-----w- C:\Users\Damon\AppData\Local\{1989892E-691D-4F97-A9B7-0C891115CE65}
2012-02-28 13:41:02 -------- d-----w- C:\Users\Damon\AppData\Local\{BD916C97-2878-4D54-BA33-62F21D7D2A5B}
2012-02-28 00:00:52 -------- d-----w- C:\Users\Damon\AppData\Roaming\AVG2012
2012-02-27 23:59:28 -------- d--h--w- C:\ProgramData\Common Files
2012-02-27 23:59:21 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-02-27 23:58:59 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-02-27 23:58:59 -------- d-----w- C:\ProgramData\AVG2012
2012-02-27 23:58:16 -------- d-----w- C:\Program Files (x86)\AVG
2012-02-27 23:51:47 -------- d-----w- C:\ProgramData\MFAData
2012-02-27 23:44:47 -------- d-----w- C:\Users\Damon\AppData\Local\{24081720-6A79-46EF-87DC-43CBCBDAF0DA}
2012-02-27 23:44:24 -------- d-----w- C:\Users\Damon\AppData\Local\{39075E0A-D1F4-478E-B838-D3350EB1FBC8}
2012-02-27 20:56:48 -------- d-----w- C:\Users\Damon\AppData\Local\{503497EA-1E5B-4ECE-9A29-59B652B0D5C3}
2012-02-27 20:56:30 -------- d-----w- C:\Users\Damon\AppData\Local\{78D3E521-BB46-431C-9EC0-42C8C287DD0E}
2012-02-27 18:24:20 -------- d-----w- C:\Users\Damon\AppData\Local\{E3A8B69C-4999-42C8-B505-D07CFAAF19EB}
2012-02-27 18:24:09 -------- d-----w- C:\Users\Damon\AppData\Local\{B276D4BE-192B-431C-BF48-6A3694F24210}
.
==================== Find3M ====================
.
2012-02-23 09:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-09 13:05:39 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
.
============= FINISH: 23:32:02.97 ===============



No ark.txt due to having 64-bit OP.

Thanks
nomad3000
29-Mar-2012, 05:27 AM #2
Bump