Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:54:32 p.m., on 5/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
c:\program files (x86)\dell datasafe local backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\dell datasafe local backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Jamie\Downloads\HijackThis (1).exe
C:\windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.celticminded.com/forums/forumdisplay.php?f=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/soft...02/CTSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/soft...0926/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{855B13ED-54AF-4B55-8313-E6207D887F0E}: NameServer = 203.97.78.43,203.97.78.44
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - c:\program files (x86)\dell datasafe local backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12110 bytes
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Jamie at 17:56:45 on 2014-05-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.1955.522 [GMT 12:00]
.
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
c:\program files (x86)\dell datasafe local backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
c:\program files (x86)\dell datasafe local backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\dell datasafe local backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Jamie\Downloads\HijackThis (1).exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.celticminded.com/forums/forumdisplay.php?f=2
uSearch Bar = www.google.com
uSearch Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
mStart Page = www.google.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: dell.com
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{5396B62F-6B4C-4DD5-BE37-B7B17CF785BA} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5396B62F-6B4C-4DD5-BE37-B7B17CF785BA}\24143554 : DHCPNameServer = 172.16.16.1
TCP: Interfaces\{5396B62F-6B4C-4DD5-BE37-B7B17CF785BA}\24163756024596D656023416073757C656 : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{5396B62F-6B4C-4DD5-BE37-B7B17CF785BA}\345726963674 : DHCPNameServer = 192.168.169.1
TCP: Interfaces\{5396B62F-6B4C-4DD5-BE37-B7B17CF785BA}\F42736F6E6D275962756C6563737 : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{855B13ED-54AF-4B55-8313-E6207D887F0E} : NameServer = 203.97.78.43,203.97.78.44
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-3-15 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-3-15 208416]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-6-8 55856]
R1 aswKbd;aswKbd;C:\windows\System32\drivers\aswKbd.sys [2013-5-23 22600]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-8-27 1039096]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-8-27 423240]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-12-1 89600]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-5-1 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-8-27 79184]
R2 aswStm;aswStm;C:\windows\System32\drivers\aswstm.sys [2014-1-3 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-1 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-11-3 897088]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2011-5-27 363336]
R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-8 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-5-2 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-5-2 857912]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-7 662232]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-6-8 1692480]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\drivers\btmaux.sys [2010-11-4 58128]
R3 btmhsf;btmhsf;C:\windows\System32\drivers\btmhsf.sys [2011-11-15 327168]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-6-4 176000]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-6-8 317440]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-8-5 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-5-2 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-5-2 63192]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-11 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-11 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-1 42392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-11-4 1298496]
S3 FACAP;facap, FastAccess Video Capture;C:\windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-16 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-18 340240]
S3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2013-12-7 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-13 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-6-8 250984]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-12-7 1229528]
S3 SWDUMon;SWDUMon;C:\windows\System32\drivers\SWDUMon.sys [2014-2-24 16152]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-2-12 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-2-13 30208]
S3 xrusbser;USB Serial Exar driver;C:\windows\System32\drivers\xrusbser.sys [2011-8-15 48640]
S4 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2013-8-1 4292960]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-05-05 01:07:02 -------- d-----w- C:\Users\Jamie\AppData\Local\{97B2C828-51E9-4B3F-AD29-447B939ABAC8}
2014-05-04 21:30:51 -------- d-----w- C:\Users\Jamie\AppData\Local\{4114BC25-903C-48E8-B860-E41079748B0C}
2014-05-04 20:21:28 0 ----a-w- C:\windows\SysWow64\sho1989.tmp
2014-05-04 12:04:29 0 ----a-w- C:\windows\SysWow64\sho88C3.tmp
2014-05-04 08:33:55 -------- d-----w- C:\Users\Jamie\AppData\Local\Opera Software
2014-05-04 08:33:54 -------- d-----w- C:\Users\Jamie\AppData\Roaming\Opera Software
2014-05-04 00:10:28 -------- d-----w- C:\Users\Jamie\AppData\Local\{444E25F8-A0F8-4C56-A90B-DFD8CC535D82}
2014-05-03 14:51:43 0 ----a-w- C:\windows\SysWow64\sho3CD1.tmp
2014-05-03 11:44:47 -------- d-----w- C:\Users\Jamie\AppData\Local\{EA345CC8-FD77-4B99-BD8D-5C8DC0640A35}
2014-05-03 01:24:37 -------- d-----w- C:\Users\Jamie\AppData\Local\AdFender
2014-05-03 01:24:37 -------- d-----w- C:\ProgramData\AdFender
2014-05-03 01:24:36 -------- d-----w- C:\Program Files (x86)\AdFender
2014-05-02 23:52:30 0 ----a-w- C:\windows\SysWow64\shoB4D3.tmp
2014-05-02 12:22:38 0 ----a-w- C:\windows\SysWow64\shoAFE2.tmp
2014-05-02 09:31:51 -------- d-----w- C:\Users\Jamie\AppData\Local\{C9F9AC15-84AC-4F99-B1E5-AA22AE11D531}
2014-05-02 07:44:01 0 ----a-w- C:\windows\SysWow64\sho9699.tmp
2014-05-02 07:11:24 -------- d-----w- C:\Users\Jamie\AppData\Local\TrustDefender
2014-05-02 06:06:00 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-02 06:01:23 108968 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2014-05-02 05:47:09 -------- d-----w- C:\Users\Jamie\AppData\Local\Secunia PSI
2014-05-02 05:46:44 -------- d-----w- C:\Program Files (x86)\Secunia
2014-05-01 22:07:50 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-05-01 22:07:16 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-05-01 22:07:16 63192 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-05-01 22:07:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-01 21:30:37 -------- d-----w- C:\Users\Jamie\AppData\Local\{6B2BFC62-9FE0-45EF-923F-3CE01914CC53}
2014-05-01 11:07:43 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-05-01 11:07:40 43152 ----a-w- C:\windows\avastSS.scr
2014-05-01 09:29:31 -------- d-----w- C:\Users\Jamie\AppData\Local\{2C92BC0C-978A-4644-81FA-21086290B43F}
2014-04-29 21:09:17 -------- d-----w- C:\Users\Jamie\AppData\Local\{7E64C284-2068-453D-808F-68A981179F12}
2014-04-29 01:13:38 -------- d-----w- C:\Users\Jamie\AppData\Local\{9FB169E9-418C-4894-ADC6-7ED3BAFDAB36}
2014-04-28 20:26:22 -------- d-----w- C:\Users\Jamie\AppData\Local\{CEB85BF1-28CF-4411-9A19-B3E54D4A2B70}
2014-04-28 00:42:13 -------- d-----w- C:\Users\Jamie\AppData\Local\{CAD99C32-B9BA-426F-8CD7-A39F267C14AC}
2014-04-27 10:52:16 -------- d-----w- C:\Users\Jamie\AppData\Local\{9173FE83-69C0-4B3D-97C4-74C3D53FD314}
2014-04-26 22:51:18 -------- d-----w- C:\Users\Jamie\AppData\Local\{0AC7D3B1-F721-4AD0-A262-F7877BFAD440}
2014-04-26 08:27:21 -------- d-----w- C:\Users\Jamie\AppData\Local\{CB3737A0-AD6F-4125-A82D-CC099886322B}
2014-04-25 20:26:18 -------- d-----w- C:\Users\Jamie\AppData\Local\{80369C07-3754-474C-9E8E-BF4ADC0E696B}
2014-04-25 07:50:41 -------- d-----w- C:\Users\Jamie\AppData\Local\{DD55939B-C260-410D-8F95-3BDD35B000AC}
2014-04-24 19:49:50 -------- d-----w- C:\Users\Jamie\AppData\Local\{13C5ACCF-F949-4781-81B6-5F6A3F36378E}
2014-04-24 00:46:45 -------- d-----w- C:\Users\Jamie\AppData\Local\{77F8B1C0-B58D-4436-8188-9583109FDB82}
2014-04-23 09:32:37 -------- d-----w- C:\Users\Jamie\AppData\Local\{FDBDBBC5-AC80-4573-A530-9DE2DA26C710}
2014-04-22 20:17:53 -------- d-----w- C:\Users\Jamie\AppData\Local\{C341CCD4-687B-48FE-9364-A2AEB7B7A387}
2014-04-22 01:14:34 -------- d-----w- C:\Users\Jamie\AppData\Local\{C2E7E72D-F694-44BF-9592-2BD26D4D75D5}
2014-04-21 21:03:18 -------- d-----w- C:\Users\Jamie\AppData\Local\{9E39A511-D286-46E3-834F-E4D1232F69A3}
2014-04-21 09:02:50 -------- d-----w- C:\Users\Jamie\AppData\Local\{6DE06C6A-82EA-404F-9CB3-7541F575BB47}
2014-04-20 20:52:57 -------- d-----w- C:\Users\Jamie\AppData\Local\{E68273FB-A4E7-4523-9475-F59A69FBFB66}
2014-04-20 00:19:19 -------- d-----w- C:\Users\Jamie\AppData\Local\{320F499F-F573-40A2-8E4F-238D47A7DC6B}
2014-04-19 12:18:48 -------- d-----w- C:\Users\Jamie\AppData\Local\{81688227-1DF4-4EF6-8F44-191942D043CE}
2014-04-18 23:52:17 -------- d-----w- C:\Users\Jamie\AppData\Local\{6BA07CF4-EA55-41D1-8496-28CD2A7EE66A}
2014-04-18 10:52:14 -------- d-----w- C:\Users\Jamie\AppData\Local\{DD69EF56-A80A-4CEA-A2FD-883F8256F5C1}
2014-04-17 22:51:43 -------- d-----w- C:\Users\Jamie\AppData\Local\{96C79D76-84B4-472E-80BA-51CF9796D14A}
2014-04-17 08:41:59 -------- d-----w- C:\Users\Jamie\AppData\Local\{2A6F5253-C3C8-4D47-8E85-20A1D4353734}
2014-04-16 20:41:29 -------- d-----w- C:\Users\Jamie\AppData\Local\{02EFE5D1-B2C1-490A-9104-B6F040AFDF23}
2014-04-16 20:40:47 -------- d-sh--w- C:\Users\Jamie\AppData\Local\EmieUserList
2014-04-16 20:40:47 -------- d-sh--w- C:\Users\Jamie\AppData\Local\EmieSiteList
2014-04-16 06:02:09 359936 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-04-16 06:02:07 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2014-04-16 06:00:53 8011776 ----a-w- C:\Program Files\Internet Explorer\F12Resources.dll
2014-04-16 05:52:30 243712 ----a-w- C:\windows\System32\wow64.dll
2014-04-16 05:52:29 362496 ----a-w- C:\windows\System32\wow64win.dll
2014-04-16 05:52:29 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2014-04-16 05:52:28 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2014-04-16 05:52:28 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2014-04-16 05:52:28 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2014-04-16 05:52:24 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2014-04-16 05:52:24 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2014-04-16 05:52:23 2048 ----a-w- C:\windows\SysWow64\user.exe
2014-04-16 00:41:10 -------- d-----w- C:\Users\Jamie\AppData\Local\Harmony_Hollow_Software
2014-04-16 00:38:07 -------- d-----w- C:\Users\Jamie\AppData\Local\CTSounds
2014-04-16 00:20:21 -------- d-----w- C:\Users\Jamie\AppData\Local\{933E6FC6-21EF-4AE9-ABC3-91393573D2CF}
2014-04-15 09:11:26 -------- d-----w- C:\Users\Jamie\AppData\Local\{5922316E-BB92-44EB-83E2-7DBF40CA4B30}
2014-04-14 21:10:35 -------- d-----w- C:\Users\Jamie\AppData\Local\{0E1FAC32-B0F3-4897-95BC-E60C217436A3}
2014-04-14 08:41:38 -------- d-----w- C:\Users\Jamie\AppData\Local\{3AAECDF1-FA72-40D2-8FE4-CE368BA8B1E7}
2014-04-13 20:40:44 -------- d-----w- C:\Users\Jamie\AppData\Local\{7D105220-D3F2-4538-A798-EBB15F121DAF}
2014-04-13 08:39:36 -------- d-----w- C:\Users\Jamie\AppData\Local\{891D3C97-BE56-4F1C-83A2-7B2225498C83}
2014-04-12 20:38:31 -------- d-----w- C:\Users\Jamie\AppData\Local\{688DD981-7BC3-47AC-AF78-21EBC0899F31}
2014-04-12 08:37:39 -------- d-----w- C:\Users\Jamie\AppData\Local\{419AACD6-E743-468E-9363-7A4A9659093C}
2014-04-11 20:36:46 -------- d-----w- C:\Users\Jamie\AppData\Local\{BB37CA84-B0B1-4CEC-91B9-0BC8C20567E2}
2014-04-11 08:02:13 -------- d-----w- C:\Users\Jamie\AppData\Local\{F1441A02-306A-43CF-A727-CA7A49AD8DA0}
2014-04-10 20:01:19 -------- d-----w- C:\Users\Jamie\AppData\Local\{18B36C13-3617-4B48-9134-F6C5C44F3E07}
2014-04-10 00:56:40 -------- d-----w- C:\Users\Jamie\AppData\Local\{B7C6C9A2-D5BE-4AD5-9A41-4AD1E0F58F32}
2014-04-09 09:38:07 -------- d-----w- C:\Users\Jamie\AppData\Local\{DDCFB7CA-87C2-408A-A23E-9D7428677770}
2014-04-08 20:58:51 -------- d-----w- C:\Users\Jamie\AppData\Local\{9BC37940-0D34-478F-B0C8-586DFEAB84BB}
2014-04-07 20:33:28 -------- d-----w- C:\Users\Jamie\AppData\Local\{4D59185E-FEAE-488E-85A5-EF97F13515A1}
2014-04-07 07:53:13 -------- d-----w- C:\Users\Jamie\AppData\Local\{DD0ECDF3-A3E4-42AF-8675-22F618C37197}
2014-04-06 19:52:34 -------- d-----w- C:\Users\Jamie\AppData\Local\{552ED290-78FB-4392-94B4-E11D735A9BCA}
2014-04-06 01:33:41 -------- d-----w- C:\Users\Jamie\AppData\Local\{E953F456-C8B2-4401-9D9B-C5640A053F7B}
2014-04-05 10:39:23 -------- d-----w- C:\Users\Jamie\AppData\Local\{C6BE1978-7612-4620-80C2-3EEB8DE8057E}
2014-04-05 09:41:54 -------- d-----w- C:\Users\Jamie\AppData\Local\{413F5C4B-BE59-4A38-99E0-242548C4A987}
.
==================== Find3M ====================
.
2014-05-02 06:03:38 70832 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-02 06:03:38 692400 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-05-01 11:07:41 85328 ----a-w- C:\windows\System32\drivers\aswstm.sys
2014-05-01 11:07:41 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-05-01 11:07:41 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-05-01 11:07:41 208416 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-05-01 11:07:41 1039096 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2014-05-01 11:07:40 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-04-02 21:50:58 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-03-06 09:32:16 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-03-06 09:31:33 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:32:07 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-03-06 08:29:40 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\windows\SysWow64\wininet.dll
2014-03-04 09:17:05 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2014-02-24 01:55:56 16152 ----a-w- C:\windows\System32\drivers\SWDUMon.sys
2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys
.
============= FINISH: 18:00:01.41 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 15/06/2011 10:20:35 p.m.
System Uptime: 5/05/2014 4:33:05 p.m. (2 hours ago)
.
Motherboard: Dell Inc. | | 034W60
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU 1 | 798/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 235.873 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart B110 series
Device ID: ROOT\MULTIFUNCTION\0005
Manufacturer: HP
Name: Photosmart B110 series
PNP Device ID: ROOT\MULTIFUNCTION\0005
Service:
.
==== System Restore Points ===================
.
RP328: 30/04/2014 10:55:43 p.m. - Removed Java 7 Update 25
RP329: 30/04/2014 11:02:15 p.m. - Adblock Plus for IE
RP330: 30/04/2014 11:30:18 p.m. - Adblock Plus for IE
RP331: 1/05/2014 10:51:33 p.m. - Removed PC care
RP332: 1/05/2014 11:06:11 p.m. - avast! antivirus system restore point
RP333: 2/05/2014 6:07:29 p.m. - Windows Update
RP334: 2/05/2014 7:21:52 p.m. - Removed Windows Media Player Firefox Plugin
.
==== Installed Programs ======================
.
3GP Player 2011
64 Bit HP CIO Components Installer
AdFender
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader X (10.1.9) MUI
Advanced Audio FX Engine
Akamai NetSession Interface
avast! Free Antivirus
B110
BufferChm
calibre 64bit
CCleaner
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell System Detect
Dell Touchpad
Dell VideoStage
Dell Webcam Central
Destinations
DeviceDiscovery
Facebook Video Calling 2.0.0.447
Free Alarm Clock 2.7.1
Google Chrome
Google Update Helper
GPBaseService2
HiJackThis
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPAppStudio
HPPhotoGadget
HPProductAssistant
IDT Audio
inSSIDer 3
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java 7 Update 55
Java 7 Update 55 (64-bit)
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.1.1004
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Dell
MyDriveConnect 3.3.0.1342
Network64
Opera Stable 20.0.1387.91
PhotoScape
PS_AIO_07_B110_SW_Min
Quickset64
QuickTransfer
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Renesas Electronics USB 3.0 Host Controller Driver
Scan
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype 6.11
SmartWebPrinting
SolutionCenter
Speccy
Spotify
Status
Texas Instruments TUSB3410 drivers.
Toolbox
TrayApp
TUSB3410
Unity Web Player
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Visual Studio C++ 10.0 Runtime
WebReg
Windows Driver Package - Exar Corporation (xrusbser) Ports (08/17/2011 1.7.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.10 beta 4 (64-bit)
WinZip 15.5
.
==== Event Viewer Messages From Past Week ========
.
5/05/2014 4:34:37 p.m., Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/05/2014 1:05:19 p.m., Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
4/05/2014 6:23:04 p.m., Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
30/04/2014 11:52:36 p.m., Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21
30/04/2014 11:52:16 p.m., Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswVmm discache spldr Wanarpv6
30/04/2014 11:52:16 p.m., Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
29/04/2014 8:23:39 a.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Device Monitor service to connect.
29/04/2014 8:23:39 a.m., Error: Service Control Manager [7000] - The Bluetooth Device Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/04/2014 6:36:02 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
29/04/2014 6:36:02 p.m., Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
29/04/2014 6:36:02 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
29/04/2014 6:36:00 p.m., Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
29/04/2014 6:36:00 p.m., Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
2/05/2014 7:48:39 p.m., Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
2/05/2014 10:55:10 a.m., Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-05-05 18:11:45
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.MC00 298.09GB
Running: m50b67wr.exe; Driver: C:\Users\Jamie\AppData\Local\Temp\ugloypod.sys
---- Threads - GMER 2.1 ----
Thread C:\windows\System32\svchost.exe [348:1712] 000007fef6996b8c
Thread C:\windows\System32\svchost.exe [348:2768] 000007fef6991d88
Thread C:\windows\system32\svchost.exe [508:1668] 000007fefa051a50
Thread C:\windows\system32\svchost.exe [508:4576] 000007fefb33506c
Thread C:\windows\system32\svchost.exe [508:4580] 000007fef5a21c20
Thread C:\windows\system32\svchost.exe [508:4584] 000007fef5a21c20
Thread C:\windows\system32\svchost.exe [508:5456] 000007fef87b5124
Thread C:\windows\system32\svchost.exe [508:1840] 000007fef6551ab0
Thread C:\windows\system32\svchost.exe [1180:1292] 000007fefaf88274
Thread C:\windows\system32\svchost.exe [1180:2312] 000007fefaf88274
Thread C:\windows\system32\svchost.exe [1320:6272] 000007fef8fd5170
Thread C:\windows\system32\WLANExt.exe [1460:1560] 00000001800ee130
Thread C:\windows\system32\WLANExt.exe [1460:1564] 0000000180090110
Thread C:\windows\system32\WLANExt.exe [1460:1568] 00000001800ee130
Thread C:\windows\system32\WLANExt.exe [1460:1420] 000007fefa232f9c
Thread C:\windows\system32\WLANExt.exe [1460:2156] 0000000000a18bc8
Thread C:\windows\system32\WLANExt.exe [1460:2160] 0000000000a18be4
Thread C:\windows\system32\WLANExt.exe [1460:2164] 0000000000a18bac
Thread C:\windows\system32\WLANExt.exe [1460:2184] 000007fefa232f9c
Thread C:\windows\System32\spoolsv.exe [1688:2700] 000007fef8a610c8
Thread C:\windows\System32\spoolsv.exe [1688:2704] 000007fef8a26144
Thread C:\windows\System32\spoolsv.exe [1688:2708] 000007fef9a95fd0
Thread C:\windows\System32\spoolsv.exe [1688:2712] 000007fef8a03438
Thread C:\windows\System32\spoolsv.exe [1688:2716] 000007fef9a963ec
Thread C:\windows\System32\spoolsv.exe [1688:2720] 000007fef8a03438
Thread C:\windows\System32\spoolsv.exe [1688:2724] 000007fef9a963ec
Thread C:\windows\System32\spoolsv.exe [1688:2732] 000007fef8e25e5c
Thread C:\windows\System32\spoolsv.exe [1688:2804] 000007fef8ab8760
Thread C:\windows\system32\svchost.exe [1732:2496] 000007fef9de35c0
Thread C:\windows\system32\svchost.exe [1732:2500] 000007fef9de5600
Thread C:\windows\system32\svchost.exe [1732:5232] 000007fef48f2888
Thread C:\windows\system32\svchost.exe [1732:5240] 000007fef48e2940
Thread C:\windows\system32\taskhost.exe [2304:2960] 000007fefb881010
Thread C:\windows\system32\taskhost.exe [2304:3380] 000007fef8fd5170
Thread C:\windows\system32\svchost.exe [3528:3660] 000007fef9a95fd0
Thread C:\windows\system32\svchost.exe [3528:3664] 000007fef8a03438
Thread C:\windows\system32\svchost.exe [3528:3668] 000007fef9a963ec
Thread C:\windows\system32\taskhost.exe [3412:1160] 000007fef8d4ef24
---- EOF - GMER 2.1 ----
Thank you very much.