I am pretty sure this is malware and would appreciate if someone could help me getting rid of it. Basically, I wanted to just re-install Windows using my Windows XP Setup CD (which works perfectly fine on my PC) but when I tried the same on my laptop, Setup initially began at boot then midway the laptop shut down automatically and then when I tried it again, it says "bootmgr" file not found and after that, everytime I try booting from CD, it just boots from the harddisk only although I have set it to boot from DVD drive first. So that left me no option but to try removing the malware manually but if anyone has some advice on this too, I'd appreciate a lot.
Getting back to the main problem, MBAM detected nothing. Here's a HJT log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:14:04 AM, on 9/7/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\AVG\AVG9\avgchsvx.exe
D:\Program Files\AVG\AVG9\avgrsx.exe
D:\WINDOWS\System32\wltrysvc.exe
D:\WINDOWS\System32\bcmwltry.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\acs.exe
C:\Acer\eManager\anbmServ.exe
D:\Program Files\AVG\AVG9\avgfws9.exe
D:\Program Files\Acer Arcade\Kernel\TV\CLCapSvc.exe
D:\Program Files\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
D:\Program Files\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
D:\Program Files\Acer Arcade\Kernel\TV\CLSched.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Program Files\Launch Manager\LaunchAp.exe
D:\Program Files\Launch Manager\PowerKey.exe
D:\Program Files\Launch Manager\HotkeyApp.exe
D:\Program Files\Launch Manager\OSDCtrl.exe
D:\Program Files\Launch Manager\Wbutton.exe
C:\acer\epm\epm-dm.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SynTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] "D:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "D:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "D:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "D:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "D:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "D:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [epm-dm] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [Seagate Dashboard] D:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] D:\WINDOWS\system32\Macromed\Flash\FlashUtil10e.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{62367AA3-C2CE-41B6-BE0D-7B194082845A}: NameServer = 59.185.0.50,59.185.0.23
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: app_dll.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - D:\WINDOWS\system32\acs.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - D:\Program Files\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - D:\Program Files\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - D:\Program Files\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - D:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: UDisk Monitor - Unknown owner - D:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - D:\WINDOWS\System32\wltrysvc.exe
--
End of file - 7046 bytes
Edited by geekyandhow, 06 September 2012 - 04:23 PM.