Constant 'Malicious URL Blocked' pop-up from Avast.

Danij2011 · 04-Apr-2012, 09:52 AM #1

Hello

I posted previously about an issue, which got ignored after a couple of replies, but now I've encountered another issue.

As of yesterday I'm getting this.. 'Malicious URL blocked' "threat detected" pop-up for absolutely everything I go to.
It's really annoying, I'm unable to even go into something like Hotmail without getting a pop-up, the only site that seems to not be doing it is Google, which has got me in a right kerfuffle .__.
I'm not sure if this will make any difference, but it's a Windows 7 Laptop.
If anyone has any idea as to what this might be, I'd appreciate any help, thank you

lunarlander · 04-Apr-2012, 04:38 PM #2

Try uninstalling Avast then re-install it.

Danij2011 · 05-Apr-2012, 06:26 PM #3

Hey, thank you for your reply.
I don't know why I actually didn't think of that before, but I never.. done it though and it seems to of put an end to the annoying pop-up's - thank you!

Danij2011 · 05-Apr-2012, 07:07 PM #4

Okay - just to add on to the previous post.
The problem is still there, it's just started again

Ent · 05-Apr-2012, 07:24 PM #5

My guess is that Avast is just doing its job. If that's the case, there is actual malicious content on all the pages you're going to. Since that's not the case on the wider web, I'm going to infer that there's some sort of malware on your computer already (OK, Avast missed it's job on that one then) and it's responsible for messing up what the browser sees.

I suggest that you follow the instructions on this sticky thread to provide antimalware diagnostic logs for the specialists in these forums to check for issues.
http://forums.techguy.org/virus-othe...e-posting.html

In the mean time I'll ask someone to move this thread into the malware removal forum.

Danij2011 · 06-Apr-2012, 10:20 AM #6

Thank you for your reply. I liked your witty take on Avast and doing it's job, haha.
I also appreciate the advice you have given me, I'll do that right away!
Apologies for posting this in the wrong forum, didn't realise there was a malware removal one

Danij2011 · 11-Apr-2012, 08:45 AM #7

Hello again.
I'd like to take this time to apologise for the long wait in response.
I'm also having wireless network issues, but I'm aware that people here aren't able to help me and I have to post it in the appropriate forum (which might I add - I did, but no-ones replied since)

I've started back-up, got most of my important files safe, I should be finished by the end of today.
Anyway, back to what's important - here's the logs.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:14:36, on 11/04/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Users\Danij1991\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Danij1991\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com/?sp=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.plusnetwork.com/?sp=addr&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Danij1991\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
O2 - BHO: Softonic English FF - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Danij1991\AppData\Local\Smartbar\Application\Smartbar.exe startup
O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ActiveSMART Service - Ariolic Software, Ltd. (http://www.ariolic.com) - C:\Program Files (x86)\ActiveSMART 2.9\ASmartService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15887 bytes

........................................................................... ...........................

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Danij1991 at 12:56:05 on 2012-04-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3835.1515 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Users\Danij1991\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Danij1991\Downloads\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\ProgramData\Electronic Arts\Need For Speed World\Data\nfsw.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.plusnetwork.com/?sp=hp
uDefault_Page_URL = hxxp://packardbell.msn.com
uSearch Page = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uSearch Bar = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=addr&q={searchTerms}
uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
mURLSearchHooks: Softonic English FF Toolbar: {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
mWinlogon: Userinit=userinit.exe
BHO: Browser Companion Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Users\Danij1991\AppData\Roaming\Complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: Messenger Plus! Community SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Browser Companion Helper Verifier: {963b125b-8b21-49a2-a3a8-e37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO: Softonic English FF Toolbar: {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: Softonic English FF Toolbar: {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
TB: Messenger Plus! Community Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
uRun: [Browser Infrastructure Helper] C:\Users\Danij1991\AppData\Local\Smartbar\Application\Smartbar.exe startup
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [<NO NAME>]
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VIDEOW~1.LNK - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B}\244584572633D2746325A5 : DhcpNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B}\244584F6D65684572623D243933335 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B}\26F6574696363616 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B}\4514C4B44514C4B4D2731454144423 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{09050EB8-13FA-4FA9-A89E-ED4E6DBAD17B}\841627B6E6563737E45677 : DhcpNameServer = 192.168.1.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Browser Companion Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
BHO-X64: script helper for ie - No File
BHO-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
BHO-X64: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Danij1991\AppData\Roaming\Complitly\Complitly.dll
BHO-X64: Complitly - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO-X64: Conduit Engine - No File
BHO-X64: Messenger Plus! Community SmartbarEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Browser Companion Helper Verifier: {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
BHO-X64: Update Timer - No File
BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
BHO-X64: Vuze Remote - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
BHO-X64: Softonic English FF Toolbar: {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
BHO-X64: Softonic English FF - No File
TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB-X64: Softonic English FF Toolbar: {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files (x86)\Softonic_English_FF\prxtbSoft.dll
TB-X64: Messenger Plus! Community Smartbar: {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\5.2\iobitToolbarIE.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=kolgnaidildmdbfgdnoapjdianbpajne
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun-x64: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [(Default)]
mRun-x64: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefrag Driver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-2-4 497496]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-3-16 782744]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-5 44768]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-9-20 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-2-11 868896]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-2-4 821592]
R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-4-1 124832]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-10-8 66560]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-6-28 255744]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-3-2 2886528]
R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-9-20 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-2-4 21384]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-2-4 33184]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-2-4 21872]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 ActiveSMART Service;ActiveSMART Service;C:\Program Files (x86)\ActiveSMART 2.9\AsmartService.exe [2011-1-6 602416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-25 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253600]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-25 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SRS_iWowPC_Service;SRS Labs iWow PC;C:\Windows\system32\drivers\srs_iWowPC_amd64.sys --> C:\Windows\system32\drivers\srs_iWowPC_amd64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-04-09 10:23:35 99384 ----a-w- C:\Users\Danij1991\AppData\Roaming\inst.exe
2012-04-09 10:23:35 82816 ----a-w- C:\Users\Danij1991\AppData\Roaming\pcouffin.sys
2012-04-03 10:12:07 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-03 10:12:07 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-03-12 14:12:31 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-03-08 17:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 17:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-02-23 09:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-01-25 06:38:39 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-01-25 06:38:38 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:33:30 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-01-24 13:21:33 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-01-24 13:21:33 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
.
============= FINISH: 13:00:05.89 ===============

Hope this helps, let me know if there's anything I've missed out.
Thank you.

flavallee · 04:42 PM

Where is the "attach.txt" log?

---------------------------------------------------------

Start HiJackThis.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

---------------------------------------------------------

Download and save and then install the free version of

Malwarebytes Anti-Malware 1.61.0.1400

SUPERAntiSpyware 5.0.0.1146

Make sure to update their definition files during the install process.

Opt out and decline to install any extras, such as toolbars, that they may offer.

After they're installed and updated and the computer restarted, run a quick scan with each of them.

When each scan is finished, select and remove EVERYTHING that was found.

---------------------------------------------------------

Danij2011 · 28-Apr-2012, 08:19 AM #9

Hello, thank you for your response, I'd like to apologise, I'm having other troubles as well as this (wireless)
Here's the "uninstall_list.txt" file:

Acrobat.com
ActiveSMART
Adobe AIR
Adobe AIR
Adobe Reader 9.2 MUI
Advanced SystemCare 5
Advertising Center
AMD USB Filter Driver
Apple Application Support
Apple Software Update
ArtMoney PRO v7.27
ASIO4ALL
Atheros Driver Installation Program
Atheros WLAN Client
avast! Free Antivirus
Backup Manager Basic
Bandicam
Bandisoft MPEG-1 Decoder
Bejeweled 2 Deluxe
BrowserCompanion
Build-a-lot 2
Bus Driver
Camtasia Studio 7
Catalyst Control Center - Branding
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Complitly
D3DX10
Diner Dash 2 Restaurant Rescue
Driving Theory Test Express v3.0.0.0
Fable III
Farm Frenzy
FATE
Final Drive Nitro
Firebird SQL Server - MAGIX Edition
FL Studio 10
Flix
Game Booster 3
Google Chrome
Google Update Helper
Heat Online
Identity Card
IL Download Manager
Insaniquarium Deluxe
inSSIDer
InstallIQ Updater
IObit Malware Fighter
IObit Toolbar v5.4
Java(TM) 6 Update 29
Jewel Quest Solitaire 2
John Deere Drive Green
Junk Mail filter update
K-Lite Codec Pack 7.1.0 (Full)
Launch Manager
MAGIX Online Print Service
MAGIX Photo Manager 10
MAGIX Photo Manager 10
MAGIX PhotoStory on CD & DVD 10 Download Version
MAGIX PhotoStory on CD & DVD 10 Download Version
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Messenger Plus! 5
Messenger Plus! Community Smartbar
Messenger Plus! for Skype
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Need For Speed™ World
Nero 9 Essentials
Nero ControlCenter
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
Norton Online Backup
NVIDIA PhysX
Origin
Packard Bell Games
Packard Bell InfoCentre
Packard Bell MyBackup
Packard Bell Power Management
Packard Bell Recovery Management
Packard Bell Registration
Packard Bell ScreenSaver
Packard Bell Social Networks
Packard Bell Social Networks
Packard Bell Updater
Penguins!
Plants vs. Zombies
Polar Bowler
Polar Golfer
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Skype™ 5.8
Smart Defrag 2
Softonic English FF Toolbar
TeamViewer 7
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Video Web Camera
Virtual Villagers 4 - The Tree of Life
VSO CopyTo 5
Vuze
Vuze Remote Toolbar
Welcome Center
WildTangent Games App (Packard Bell Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Messenger
Windows Live Messenger
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Xirrus Wi-Fi Inspector
Zuma Deluxe
Zuma's Revenge

I installed those programs, ran a scan and both found threats. Malwarebytes only found 4, SuperAntispyware found 512..
But yeah, I hope this helps

flavallee · 28-Apr-2012, 08:38 AM **#10**

Quote:

Originally Posted by Danij2011

I installed those programs, ran a scan and both found threats. Malwarebytes only found 4, SuperAntispyware found 512.

Did you update the definition files BEFORE running a scan?

Did you select and remove EVERYTHING that was found?

----------------------------------------------------------

Danij2011 · 28-Apr-2012, 08:48 AM **#11**

Yeah I updated the definitions and yes EVERYTHING but SuperAntiSpyware is still currently removing the threats found, it's like half way, but I think it's got stuck on one or something as it's still at the same progress it was before, should I stop it and start a fresh?

flavallee · 28-Apr-2012, 08:51 AM **#12**

You need to go to Control Panel - Programs And Features, then uninstall:

Advanced SystemCare 5(by IObit)

BrowserCompanion

Complitly

Conduit Engine

InstallIQ Updater

IObit Malware Fighter

IObit Toolbar v5.4

Smart Defrag 2(by IObit)

Softonic English FF Toolbar

Vuze

Vuze Remote Toolbar

Yontoo Layers Runtime

-----------------------------------------------------

Danij2011 · 28-Apr-2012, 09:25 AM **#13**

I'm sorry about that, I had to restart a handful of times while removing those, but they're all done now

flavallee · 28-Apr-2012, 09:27 AM **#14**

Quote:

Originally Posted by Danij2011

Yeah I updated the definitions and yes EVERYTHING but SuperAntiSpyware is still currently removing the threats found, it's like half way, but I think it's got stuck on one or something as it's still at the same progress it was before, should I stop it and start a fresh?

You are running a quick scan and not a full/complete scan, correct?

DON'T use the computer while the scan is in progress.

-----------------------------------------------------------

flavallee · 28-Apr-2012, 09:28 AM **#15**

Quote:

Originally Posted by Danij2011

I'm sorry about that, I had to restart a handful of times while removing those, but they're all done now

Okay, good.

-------------------------------------------------------------

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for:

Constant 'Malicious URL Blocked' pop-up from Avast.

Find the solution to your computer problem!

Find the solution to your
computer problem!