Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 28/06/2014 08:40:11, SYSTEM, MARK-HP, Protection, Malware Protection, Starting,
Protection, 28/06/2014 08:40:11, SYSTEM, MARK-HP, Protection, Malware Protection, Started,
Protection, 28/06/2014 08:40:11, SYSTEM, MARK-HP, Protection, Malicious Website Protection, Starting,
Protection, 28/06/2014 08:40:38, SYSTEM, MARK-HP, Protection, Malicious Website Protection, Started,
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.45.2
Run by Mark at 13:18:58 on 2014-06-28
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3689.1379 [GMT 1:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Bitdefender Antispyware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Orange\Internet Everywhere\{67580aca-225d-4da4-85a4-edde2909b5aa}\BEWConfigSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Microsoft Office\Office10\MSPUB.EXE
C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = hxxp://mysearch.sweetpacks.com/?src=10&st=12&I=48&did=10977&ppd=na&barid=92546452682460972
BHO: Bitdefender Wallet: {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
uRun: [Livedrive] "C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe"
uRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
uRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
dRun: [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
dRun: [Bitdefender Wallet Application Agent] "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X7\Programs\WPLauncher.hta
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{1DC57AC7-C147-4CD1-9EC7-B3AA209AA416} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{1DC57AC7-C147-4CD1-9EC7-B3AA209AA416}\244584572633D21553E4A4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{1DC57AC7-C147-4CD1-9EC7-B3AA209AA416}\244584F6D65684572623D293257373 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{1DC57AC7-C147-4CD1-9EC7-B3AA209AA416}\35B4955313441364 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{1DC57AC7-C147-4CD1-9EC7-B3AA209AA416}\374756779656 : DHCPNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= 0
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} -
x64-BHO: Bitdefender Wallet : {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\kf8p5p7h.default-1403005205455\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-16 40064]
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-6-17 893440]
R0 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-6-12 150256]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-2-12 53488]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [2014-6-17 93600]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2014-6-17 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\System32\drivers\bdvedisk.sys [2014-6-17 76944]
R1 cbfs3;cbfs3;C:\Windows\System32\drivers\cbfs3.sys [2014-2-20 352008]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-12-6 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-6-29 204288]
R2 BEWConfigSrv;BEWConfigSrv;C:\Program Files (x86)\Orange\Internet Everywhere\{67580aca-225d-4da4-85a4-edde2909b5aa}\BEWConfigSrv.exe [2012-6-5 173008]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-18 115216]
R3 avchv;avchv Function Driver;C:\Windows\System32\drivers\avchv.sys [2014-6-4 261056]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-6-17 635392]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2011-12-6 133672]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2011-12-6 620584]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2011-12-6 89640]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-12-6 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-8-3 40432]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-6-5 87040]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-17 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-6-17 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-17 63704]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-6-10 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-10 685160]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-12-6 53376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 bdfwfpf_pc;bdfwfpf_pc;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2014-6-17 121928]
S3 BDSandBox;BDSandBox;C:\Windows\System32\drivers\bdsandbox.sys [2014-6-17 82824]
S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-1-7 14872]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2014-6-22 22704]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-6-5 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-6-5 13952]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-10-30 57840]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2012-6-5 98304]
S3 huawei_cdcecm;huawei_cdcecm;C:\Windows\System32\drivers\ew_jucdcecm.sys [2012-6-5 72192]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2012-6-5 28672]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;C:\Windows\System32\drivers\jrdusbser.sys [2013-11-18 120832]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-6-11 19456]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192cu.sys [2011-2-11 848384]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-6-18 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-6-11 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [2014-6-17 77632]
.
=============== File Associations ===============
.
ShellExec: napster.exe: napsterplay="\" /PlayFile "%L"
.
=============== Created Last 30 ================
.
2014-06-27 07:57:50 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{87647085-B5A6-4201-9DFB-84496233E5F9}\mpengine.dll
2014-06-23 21:36:51 -------- d-----w- C:\Users\Mark\AppData\Local\Adobe
2014-06-22 21:52:42 0 ----a-w- C:\Windows\SysWow64\shoFA36.tmp
2014-06-22 15:28:10 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2014-06-22 15:27:49 110080 ----a-r- C:\Users\Mark\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-06-22 15:27:49 110080 ----a-r- C:\Users\Mark\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-06-22 15:27:49 110080 ----a-r- C:\Users\Mark\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-06-22 15:27:46 -------- d-----w- C:\sh4ldr
2014-06-22 15:27:46 -------- d-----w- C:\Program Files\Enigma Software Group
2014-06-22 15:26:11 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-22 15:26:05 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-06-22 09:50:38 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-06-20 21:35:37 -------- d-----w- C:\Program Files\iTunes
2014-06-18 20:56:37 712552 ------w- C:\Windows\System32\HPDiscoPMB011.dll
2014-06-18 20:01:20 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-06-18 20:01:20 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-06-18 13:42:49 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-06-18 13:42:49 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-06-17 22:25:57 76944 ----a-w- C:\Windows\System32\drivers\bdvedisk.sys
2014-06-17 22:25:53 93600 ----a-w- C:\Windows\System32\drivers\BdfNdisf6.sys
2014-06-17 22:25:53 82824 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2014-06-17 22:25:33 893440 ----a-w- C:\Windows\System32\drivers\avc3.sys
2014-06-17 22:25:33 635392 ----a-w- C:\Windows\System32\drivers\avckf.sys
2014-06-17 22:24:38 3271472 ---ha-w- C:\bdr-bz02
2014-06-17 22:19:40 389240 ----a-w- C:\Windows\System32\drivers\trufos.sys
2014-06-17 18:48:17 -------- d-----w- C:\Program Files\Common Files\Lavasoft
2014-06-17 18:21:42 5718 ---ha-w- C:\aaw7boot.cmd
2014-06-17 15:14:25 95024 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2014-06-17 11:45:22 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-17 11:44:59 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-17 11:44:59 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-17 11:44:59 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-17 08:42:05 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-17 08:42:05 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-06-16 19:30:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-12 20:21:41 -------- d-----w- C:\Users\Mark\AppData\Roaming\Bitdefender
2014-06-12 20:16:00 -------- d-----w- C:\ProgramData\Bitdefender
2014-06-12 20:15:59 150256 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2014-06-12 20:15:58 -------- d-----w- C:\Program Files\Bitdefender
2014-06-12 20:15:13 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2014-06-12 20:15:07 -------- d-----w- C:\Program Files (x86)\Common Files\Bitdefender
2014-06-12 15:56:37 -------- d-----w- C:\Program Files (x86)\IncrediMail
2014-06-12 15:50:48 -------- d-----w- C:\Windows\System32\ljkb
2014-06-12 15:50:47 -------- d-----w- C:\Windows\SysWow64\jmdp
2014-06-12 15:50:41 -------- d-----w- C:\Windows\SysWow64\ARFC
2014-06-12 15:50:40 34304 ----a-w- C:\Windows\System32\ImHttpComm.dll
2014-06-12 15:50:40 -------- d-----w- C:\Windows\SysWow64\WNLT
2014-06-11 08:20:38 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2014-06-11 08:20:38 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-06-11 08:20:35 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-06-11 08:20:35 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-06-11 08:20:35 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-06-11 08:12:38 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-06-11 08:12:38 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-06-11 07:42:11 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-11 07:42:10 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-11 07:40:59 871936 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2014-06-11 07:40:59 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-11 07:40:58 977408 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-06-11 07:40:58 359936 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-06-11 07:40:58 293080 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2014-06-11 07:40:57 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-11 07:37:32 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-06-11 07:37:32 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-06-11 07:37:32 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-06-11 07:37:31 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-06-11 07:37:31 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-06-11 07:37:31 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-06-11 07:37:31 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-06-11 07:37:31 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-06-11 07:37:15 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-11 07:37:15 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-06-11 07:36:52 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-11 07:36:52 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-08 10:25:32 -------- d-----w- C:\ProgramData\Protexis
2014-06-08 07:36:08 -------- d-----w- C:\Program Files (x86)\Common Files\Corel
2014-06-08 07:36:07 -------- d-----w- C:\ProgramData\Corel
2014-06-08 07:35:53 -------- d-----w- C:\ProgramData\Borland
2014-06-08 07:32:26 -------- d-----w- C:\ProgramData\WordPerfect Office X7
2014-06-04 12:14:38 -------- d-----w- C:\ProgramData\BDLogging
2014-06-04 12:14:23 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-06-04 12:14:23 511328 ----a-w- C:\Windows\capicom.dll
2014-06-04 12:14:11 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2014-06-04 12:12:39 3271472 ---ha-w- C:\bdr-bz01
2014-06-04 12:06:37 84848 ----a-w- C:\Windows\System32\BDSandBoxUISkin.dll
2014-06-04 12:06:37 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll
2014-06-04 12:06:37 34384 ----a-w- C:\Windows\System32\BDSandBoxUH.dll
2014-06-01 22:39:04 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
.
==================== Find3M ====================
.
2014-06-22 09:50:30 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-22 09:50:30 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-09 13:13:00 489064 ----a-w- C:\SecurityScanner.dll
2014-03-31 08:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 13:23:23.45 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 02/02/2012 19:40:38
System Uptime: 28/06/2014 09:57:09 (4 hours ago)
.
Motherboard: Hewlett-Packard | | 3387
Processor: AMD E-450 APU with Radeon(tm) HD Graphics | Socket FT1 | 1320/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 272 GiB total, 183.294 GiB free.
D: is FIXED (NTFS) - 22 GiB total, 2.31 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1.078 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP640: 22/06/2014 08:58:53 - Windows Update
RP641: 22/06/2014 16:26:23 - Installed SpyHunter
RP642: 27/06/2014 08:53:42 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 4.65
A-PDF To Image
Adobe Flash Player 13 ActiveX
Adobe Flash Player 14 Plugin
Adobe Photoshop 6.0
Adobe Photoshop CS
Adobe Reader XI (11.0.07)
Adobe Shockwave Player 12.0
Adobe SVG Viewer
AMD APP SDK Runtime
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
Avira SearchFree Toolbar
Bejeweled 3
Bitdefender Total Security
Blackhawk Striker 2
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Broadcom Bluetooth Software
Broadcom InConcert Maestro
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Compatibility Pack for the 2007 Office system
Cradle of Rome 2
CyberLink YouCam
D3DX10
Dora's World Adventure
Double Agent
ErrorEND
ESU for Microsoft Windows 7 SP1
Evernote v. 4.2.3
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Google Chrome
Google Update Helper
GPL Ghostscript 8.71
HitmanPro 3.7
Hoyle Card Games
HP 3D DriveGuard
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Deskjet 3520 series Basic Device Software
HP Documentation
HP Games
HP Launch Box
HP Memories Disc
HP On Screen Display
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Power Manager
HP Quick Launch
HP QuickWeb
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP Software Framework
HP Support Solutions Framework
HSPA USB MODEM
iCloud
IDT Audio
IncrediMail
IncrediMail 2.5
Internet Everywhere
iTunes
Java 7 Update 45
Java Auto Updater
JavaFX 2.1.1
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
join.me
Junk Mail filter update
Knowhow Cloud
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Click-to-Run 2010
Microsoft Office Excel Viewer
Microsoft Office Starter 2010 - English
Microsoft Office Word Viewer 2003
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft OneDrive
Microsoft PowerPoint Viewer
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
MioMore Desktop 2008
Movie Maker
Mozilla Firefox 30.0 (x86 en-GB)
Mozilla Maintenance Service
Mozilla Thunderbird 11.0 (x86 en-GB)
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Napster
Napster Burn Engine
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
novaPDF Lite Desktop 7.6 printer
novaPDF Professional Desktop 7.5 printer
office Convert Pdf to Jpg Jpeg Tiff Free 6.5
opensource
OpenVPN 2.2.2
PC Connectivity Solution
Penguins!
Photo Common
Photo Gallery
Photo Notifier and Animation Creator
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
QuickTime 7
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Revo Uninstaller 1.95
RollerCoaster Tycoon 3: Platinum
Scribus 1.4.3 (64bit)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype Click to Call
Skype™ 6.16
SpyHunter
swMSM
Synaptics TouchPad Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
VIS
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual Studio 2008 x64 Redistributables
VLC media player 2.1.0
Vodafone Mobile Connect Lite
WildTangent Games App (HP Games)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Driver Package - Nokia Modem (02/25/2011 4.7)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
WordPerfect Office IFilter 32-bit
WordPerfect Office IFilter 64-bit
ZoneAlarm Security Toolbar
Zuma's Revenge
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
28/06/2014 12:44:53, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
.
==== End Of File ===========================