wddmservice.exe is a suspicious object that cannot be deleted by avast! antivirus

[vlvlvl]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 18/05/2010 6:54:20 PM

System Uptime: 15/10/2013 7:59:19 PM (3 hours ago)

.

Motherboard: MSI |  | IONA

Processor: Intel® Core i3 CPU         530  @ 2.93GHz | CPU 1 | 1173/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 118.87 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 1.422 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 75 GiB total, 51.152 GiB free.

G: is FIXED (NTFS) - 466 GiB total, 457.19 GiB free.

H: is FIXED (NTFS) - 466 GiB total, 405.85 GiB free.

J: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Realtek PCIe GBE Family Controller

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A9C103C&REV_03\4&3B8885A0&0&00E0

Manufacturer: Realtek

Name: Realtek PCIe GBE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A9C103C&REV_03\4&3B8885A0&0&00E0

Service: RTL8167

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart C309a series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart C309a series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service: 

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart C309a series

Device ID: ROOT\MULTIFUNCTION\0001

Manufacturer: HP

Name: Photosmart C309a series

PNP Device ID: ROOT\MULTIFUNCTION\0001

Service: 

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Photosmart C309a series

Device ID: ROOT\IMAGE\0000

Manufacturer: HP

Name: Photosmart C309a series

PNP Device ID: ROOT\IMAGE\0000

Service: StillCam

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Photosmart C309a series

Device ID: ROOT\IMAGE\0001

Manufacturer: HP

Name: Photosmart C309a series

PNP Device ID: ROOT\IMAGE\0001

Service: StillCam

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Acrobat.com

Adobe Acrobat 9 Pro - English, Français, Deutsch

Adobe Acrobat 9.5.5 - CPSID_83708

Adobe After Effects CS4

Adobe After Effects CS4 Presets

Adobe After Effects CS4 Third Party Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Asset Services CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Color Video Profiles AE CS4

Adobe Color Video Profiles CS CS4

Adobe Contribute CS4

Adobe Creative Suite 4 Master Collection

Adobe CS4 American English Speech Analysis Models

Adobe CSI CS4

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Download Assistant

Adobe Dreamweaver CS4

Adobe Drive CS4

Adobe Dynamiclink Support

Adobe Encore CS4

Adobe Encore CS4 Codecs

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Fireworks CS4

Adobe Flash CS4

Adobe Flash CS4 Extension - Flash Lite STI en

Adobe Flash CS4 STI-en

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Fonts All

Adobe Illustrator CS4

Adobe InDesign CS4

Adobe InDesign CS4 Application Feature Set Files (Roman)

Adobe InDesign CS4 Common Base Files

Adobe InDesign CS4 Icon Handler

Adobe Linguistics CS4

Adobe Media Encoder CS4

Adobe Media Encoder CS4 Additional Exporter

Adobe Media Encoder CS4 Dolby

Adobe Media Encoder CS4 Exporter

Adobe Media Encoder CS4 Importer

Adobe Media Player

Adobe MotionPicture Color Files CS4

Adobe OnLocation CS4

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop 7.0

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Premiere Pro CS4

Adobe Premiere Pro CS4 Functional Content

Adobe Premiere Pro CS4 Third Party Content

Adobe Premiere Pro CS6

Adobe Reader XI (11.0.04)

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe SGM CS4

Adobe SING CS4

Adobe Soundbooth CS4

Adobe Soundbooth CS4 Codecs

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe Version Cue CS4 Server

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

Advanced Uninstaller PRO - Version 10

Apple Application Support

Apple Software Update

ArcSoft Panorama Maker 5

avast! Free Antivirus

Canon Auto Update Service

Canon DIGITAL CAMERA Solution Disk Software Guide

Canon MOV Decoder

Canon MOV Encoder

Canon MovieEdit Task for ZoomBrowser EX

Canon MP Navigator EX 3.0

Canon MP270 series MP Drivers

Canon PowerShot ELPH 310 HS_IXUS 230 HS Camera User Guide

Canon Utilities CameraWindow DC 8

Canon Utilities CameraWindow Launcher

Canon Utilities Movie Uploader for YouTube

Canon Utilities MyCamera

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center HydraVision Full

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Compatibility Pack for the 2007 Office system

Connect

CyberLink DVD Suite Deluxe

D3DX10

DirectX for Managed Code Update (Summer 2004)

DVD Menu Pack for HP MediaSmart Video

Elevated Installer

Facebook Video Calling 1.2.0.287

FileZilla Client 3.7.1

Free RAR Extract Frog

Garmin Communicator Plugin

Garmin Communicator Plugin with myGarmin Agent

Garmin Express

Garmin Express Tray

Garmin Update Service

Garmin USB Drivers

GIMP 2.6.8

Google Chrome

Google Talk Plugin

Google Update Helper

Hardware Diagnostic Tools

Hewlett-Packard ACLM.NET v1.2.1.1

HP Advisor

HP Customer Experience Enhancements

HP MAINSTREAM KEYBOARD

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP Photosmart C309a All-In-One Driver 14.0 Rel. 5

HP Remote Solution

HP Setup

HP Support Assistant

HP Update

HPDiagnosticAlert

HydraVision

Java 7 Update 40

Java Auto Updater

Korean Fonts Support For Adobe Reader 9

kuler

LabelPrint

LightScribe System Software

Macromedia Dreamweaver MX

Macromedia Extension Manager

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office Home and Student 60 day trial

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Movie Theme Pack for HP MediaSmart Video

Mozilla Firefox 24.0 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network

Nikon Message Center 2

Notepad++

OLYMPUS ib

OpenOffice.org 3.2

PDF Settings CS4

PHOTOfunSTUDIO 8.0 AE

Photoshop Camera Raw

Picasa 3

Picture Control Utility

Pixel Bender Toolkit

PlayReady PC Runtime x86

Power2Go

PowerDirector

PS_AIO_05_C309_Software_Min

Python 3.3.2

QuickTime

Realtek High Definition Audio Driver

Recover My Files

Recovery Manager

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Skype™ 6.2

Suite Shared Configuration CS4

TeamViewer 7

Toolbox

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

ViewNX 2

VLC media player 2.0.7

WD SmartWare

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)

Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

.

==== End Of File ===========================

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 10.0.9200.16720  BrowserJavaVersion: 10.40.2

Run by Father Lee at 22:51:55 on 2013-10-15

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.65.1033.18.1975.283 [GMT 8:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe

C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe

C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

C:\Program Files\hp\HP Software Update\hpwuschd2.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

c:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Garmin\MyGarminAgent\myGarminAgent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Olympus\ib\olycamdetect.exe

C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

C:\Windows\system32\taskeng.exe

C:\Users\Father Lee\AppData\Local\Google\Update\GoogleUpdate.exe

c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files\Garmin\Express Tray\ExpressTray.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe

C:\Users\Father Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXP3BIVE\mbam-setup-1.75.0.1300.exe

C:\Users\FATHER~1\AppData\Local\Temp\is-LBODL.tmp\mbam-setup-1.75.0.1300.tmp

C:\Users\Father Lee\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AXP3BIVE\mbam-setup-1.75.0.1300.exe

C:\Users\FATHER~1\AppData\Local\Temp\is-KSTUE.tmp\mbam-setup-1.75.0.1300.tmp

C:\Windows\system32\ctfmon.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k HPService

.

============== Pseudo HJT Report ===============

.

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll

EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - c:\program files\internet explorer\iedvtool.dll

uRun: [msnmsgr] "c:\progra~1\wic4a1~1\messen~1\msnmsgr.exe" /background

uRun: [Olympus ib] "c:\program files\olympus\ib\olycamdetect.exe" /Startup

uRun: [Google Update] "c:\users\father lee\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [AdobeBridge] <no file>

mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe

mRun: [bATINDICATOR] c:\program files\hewlett-packard\hp mainstream keyboard\BATINDICATOR.exe

mRun: [LaunchHPOSIAPP] c:\program files\hewlett-packard\hp mainstream keyboard\LaunchApp.exe

mRun: [HP Remote Solution] c:\program files\hewlett-packard\hp remote solution\HP_Remote_Solution.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [PC-Doctor for Windows localizer] c:\program files\pc-doctor for windows\localizer.exe

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [MyGarminAgent] c:\program files\garmin\mygarminagent\MyGarminAgent.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\father~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Append to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert link target to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{4BEE6DF1-E104-4001-9058-DA09446CEFE0} : NameServer = 165.21.83.88,165.21.100.88

TCP: Interfaces\{4BEE6DF1-E104-4001-9058-DA09446CEFE0} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{4BEE6DF1-E104-4001-9058-DA09446CEFE0}\85075627961602C4F536838313 : NameServer = 165.21.83.88,165.21.100.88

TCP: Interfaces\{4BEE6DF1-E104-4001-9058-DA09446CEFE0}\85075627961602C4F536838313 : DHCPNameServer = 192.168.43.1

TCP: Interfaces\{5ABABD05-2529-407E-827E-50831E1BDF31} : DHCPNameServer = 192.168.1.254

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.69\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\father lee\appdata\roaming\mozilla\firefox\profiles\yvotgu82.default\

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - component: c:\users\father lee\appdata\roaming\mozilla\firefox\profiles\yvotgu82.default\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\components\ScreenshotXPCOM.dll

FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\father lee\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\father lee\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\users\father lee\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\father lee\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\users\father lee\appdata\roaming\mozilla\plugins\npo1d.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - ExtSQL: 2013-09-07 09:11; firebug@software.joehewitt.com; c:\users\father lee\appdata\roaming\mozilla\firefox\profiles\yvotgu82.default\extensions\firebug@software.joehewitt.com.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-1 49376]

R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-1 177864]

R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-11-28 20624]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-8-12 770344]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-8-12 369584]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-10 176128]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-8-12 29816]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-8-12 66336]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-9-23 46808]

R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-8-22 220504]

R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]

R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-11-2 2848168]

R2 WDFME;WD File Management Engine;c:\program files\western digital\wd smartware\front parlor\wdfme\WDFME.exe [2011-3-9 1060864]

R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-10-12 649216]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-7 161384]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-10 189440]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-19 1343400]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S4 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2011-3-9 238592]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [userChoice]

FileExt: .js: jsfile="c:\program files\macromedia\dreamweaver mx\Dreamweaver.exe" "%1"

ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2013-10-09 14:32:02 530432 ----a-w- c:\windows\system32\comctl32.dll

2013-10-09 14:30:52 295424 ----a-w- c:\windows\system32\atmfd.dll

2013-10-09 14:30:52 10240 ----a-w- c:\windows\system32\dciman32.dll

2013-10-09 14:30:50 26112 ----a-w- c:\windows\system32\lpk.dll

2013-10-09 14:30:49 70656 ----a-w- c:\windows\system32\fontsub.dll

2013-10-09 14:30:48 34304 ----a-w- c:\windows\system32\atmlib.dll

2013-10-09 14:29:54 2348544 ----a-w- c:\windows\system32\win32k.sys

2013-10-09 14:29:42 434688 ----a-w- c:\windows\system32\scavengeui.dll

2013-10-09 14:28:26 205824 ----a-w- c:\windows\system32\WebClnt.dll

2013-10-09 14:28:23 81920 ----a-w- c:\windows\system32\davclnt.dll

2013-10-09 14:28:22 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys

2013-10-09 14:27:58 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys

2013-10-09 14:27:57 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys

2013-10-09 14:27:57 80896 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys

2013-10-09 14:26:25 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-09-25 16:41:40 271256 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll

2013-09-23 04:06:18 -------- d-----w- c:\programdata\Oracle

2013-09-23 04:00:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

.

==================== Find3M  ====================

.

2013-10-15 14:52:50 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-10-09 15:06:49 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-10-09 15:06:49 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-09-23 04:00:03 868264 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-09-23 04:00:03 790440 ----a-w- c:\windows\system32\deployJava1.dll

2013-09-22 23:28:06 1767936 ----a-w- c:\windows\system32\wininet.dll

2013-09-22 23:27:49 2876928 ----a-w- c:\windows\system32\jscript9.dll

2013-09-22 23:27:48 61440 ----a-w- c:\windows\system32\iesetup.dll

2013-09-22 23:27:48 109056 ----a-w- c:\windows\system32\iesysprep.dll

2013-09-21 03:30:24 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-09-21 02:39:47 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-09-14 00:48:58 338944 ----a-w- c:\windows\system32\drivers\afd.sys

2013-09-08 02:07:12 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-09-08 02:03:58 231424 ----a-w- c:\windows\system32\mswsock.dll

2013-09-04 01:15:32 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-09-04 01:14:52 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-09-04 01:14:52 284672 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-09-04 01:14:45 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-09-04 01:14:45 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-09-04 01:14:43 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-09-04 01:14:40 6016 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-08-30 07:48:12 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr

2013-08-29 01:51:45 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-08-29 01:51:45 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-29 01:50:30 1289096 ----a-w- c:\windows\system32\ntdll.dll

2013-08-29 01:50:16 619520 ----a-w- c:\windows\system32\tdh.dll

2013-08-29 01:48:17 640512 ----a-w- c:\windows\system32\advapi32.dll

2013-08-05 01:56:47 133056 ----a-w- c:\windows\system32\drivers\ataport.sys

2013-08-02 01:50:36 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-08-02 01:49:19 293376 ----a-w- c:\windows\system32\KernelBase.dll

2013-08-02 00:52:57 271360 ----a-w- c:\windows\system32\conhost.exe

2013-08-02 00:43:05 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-08-02 00:43:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-08-02 00:43:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-08-02 00:43:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-08-01 11:03:36 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-07-25 08:57:27 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-20 10:33:12 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-07-19 01:41:01 2048 ----a-w- c:\windows\system32\tzres.dll

.

============= FINISH: 22:53:57.40 ===============

 

 

[Maniac]

Hello vlvlvl and ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Cold you please give me more details about this detection?

[AdvancedSetup]

Are you still with us?

[vlvlvl]

yup! pls give me awhile to collect the details.

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!