ididitforthemusic

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 22/10/2013 10:45:54 System Uptime: 03/12/2013 12:31:39 (2 hours ago) . Motherboard: TOSHIBA | | PWWAA Processor: Intel® Core i3 CPU M 370 @ 2.40GHz | CPU | 2399/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 119.992 GiB free. D: is FIXED (NTFS) - 298 GiB total, 273.255 GiB free. E: is CDROM () F: is CDROM () G: is FIXED (FAT32) - 931 GiB total, 105.385 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP93: 01/12/2013 02:31:22 - Installed Superior Drummer Installer. RP94: 01/12/2013 20:17:28 - Installed EZXMetalMachine. RP95: 02/12/2013 03:42:08 - Installed Superior Drummer 64-bit. RP96: 03/12/2013 12:28:35 - Restore Operation RP97: 03/12/2013 12:49:48 - Windows Update . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS6 Adobe Photoshop Lightroom 5.2 64-bit Adobe Reader 9.5.5 Advanced SystemCare 7 Alien Skin Blow Up 3 Antares Avox 1.06 Antares Microphone Modeler DX v1.32 BBC iPlayer Desktop BBC iPlayer Downloads CANON iMAGE GATEWAY MyCamera Download Plugin CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon MOV Decoder Canon MOV Encoder Canon MovieEdit Task for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.10 Canon Utilities EOS Utility Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX Canon Utilities Movie Uploader for YouTube Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CCleaner Cinesamples Drums of War 2 Clavia USB Driver v3.00 Color Efex Pro 4 COMODO Firewall D3DX10 Dfine 2.0 Driver Booster Dropbox EZXMetalMachine Google Chrome Google Toolbar for Internet Explorer Google Update Helper HDR Efex Pro 2 High-Definition Video Playback HiJackThis Intel® C++ Redistributables for Windows* on Intel® 64 Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Rapid Storage Technology IObit Uninstaller iZotope Nectar 2 Production Suite iZotope Trash 2 Java 7 Update 45 Java Auto Updater Java 6 Update 20 Junk Mail filter update K-Lite Codec Pack 10.0.0 Full M-Audio FastTrackPro Driver 6.0.7 (x64) Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Camera Codec Pack Microsoft Office 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Mozilla Firefox 25.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Native Instruments Abbey Road 50s Drummer Native Instruments Abbey Road Modern Drums Native Instruments Abbey Road Vintage Drummer Native Instruments Controller Editor Native Instruments Guitar Rig 5 Native Instruments Guitar Rig Mobile IO Driver Native Instruments Guitar Rig Session IO Driver Native Instruments Kontakt 5 Native Instruments Rig Kontrol 3 Driver Native Instruments Service Center Neat Image v7.0 Pro plug-in for Photoshop (64-bit) Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero Kwik Media Nero Multimedia Suite 10 Essentials Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update NeroKwikMedia Help (CHM) NextUp-Acapela Rosie22 UK English Voice Nord Sample Editor v2.10 Nord Sound Manager v5.58 PDF Settings CS6 Photomatix Pro version 4.2.5 PlayReady PC Runtime amd64 Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Recuva Sharpener Pro 3.0 Skype™ 5.10 Smart Defrag 2 Steinberg Cubase 5 Steinberg Drum Loop Expansion 01 Steinberg Groove Agent ONE Content Steinberg HALionOne Steinberg HALionOne Additional Content Set 01 Steinberg HALionOne Expression Set Steinberg HALionOne GM Drum Set Steinberg HALionOne GM Set Steinberg HALionOne Pro Set Steinberg HALionOne Studio Drum Set Steinberg HALionOne Studio Set Steinberg LoopMash Content Steinberg REVerence Content 01 SUPERAntiSpyware Superior Drummer Installer Surfing Protection Synaptics Pointing Device Driver System Requirements Lab for Intel TextAloud 3.0 Topaz Adjust 5 Topaz B&W Effects Topaz Clarity Topaz Clean 3 Topaz DeJpeg 4 Topaz DeNoise 5 Topaz Detail 3 Topaz Fusion Express 2 Topaz InFocus Topaz Lens Effects Topaz ReMask 3 Topaz ReStyle Topaz Simplify 4 Topaz Star Effects TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Manuals TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA Online Product Information TOSHIBA Places Icon Utility TOSHIBA Recovery Media Creator TOSHIBA Recovery Media Creator Reminder TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA TEMPRO TOSHIBA Value Added Package TOSHIBA Web Camera Application TOSHIBA Wireless LAN Indicator TRORMCLauncher Utility Common Driver Vir2 Instruments Elite Orchestral Percussion VirtualCloneDrive Virus TI Software Suite 64-bit VLC media player 2.1.0 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 5.00 (64-bit) . ==== Event Viewer Messages From Past Week ======== . 30/11/2013 16:19:18, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 27/11/2013 02:34:22, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 03/12/2013 13:58:14, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file. 03/12/2013 12:54:30, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:54:30, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:54:30, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:53:50, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:53:50, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:53:50, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 03/12/2013 12:51:09, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally 03/12/2013 12:51:09, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=0.0.0.0&sig=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: Network Inspection System Update Type: Full User: User-TOSH\User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 03/12/2013 12:51:09, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: User-TOSH\User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 03/12/2013 12:51:09, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0∏=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: User-TOSH\User Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved 03/12/2013 12:51:09, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 03/12/2013 12:46:53, Error: Service Control Manager [7031] - The Block Level Backup Engine Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 03/12/2013 12:42:20, Error: Service Control Manager [7022] - The Windows Defender service hung on starting. 03/12/2013 12:38:40, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree WiMAX Service service to connect. 03/12/2013 12:35:36, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Notebook Performance Tuning Service (TEMPRO) service to connect. 03/12/2013 12:34:59, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIHardwareService service. 03/12/2013 12:34:59, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Nalpeiron Licensing Service service to connect. 03/12/2013 12:34:59, Error: Service Control Manager [7000] - The Nalpeiron Licensing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 12:34:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IconMan_R service to connect. 03/12/2013 12:34:21, Error: Service Control Manager [7000] - The IconMan_R service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 12:33:41, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Advanced SystemCare Service 7 service to connect. 03/12/2013 12:33:41, Error: Service Control Manager [7000] - The Advanced SystemCare Service 7 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 12:27:17, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004 03/12/2013 12:17:40, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 03/12/2013 05:12:33, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. 03/12/2013 05:09:32, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect. 03/12/2013 05:09:32, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 05:07:52, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Nero Update service to connect. 03/12/2013 05:05:48, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 05:05:32, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. 03/12/2013 05:03:44, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect. 03/12/2013 05:03:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect. 03/12/2013 05:02:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TOSHIBA HDD SSD Alert Service with arguments "" in order to run the server: {A1CC28EB-258A-4B67-BBC2-4DD5D8AF4C8F} 03/12/2013 05:02:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the TOSHIBA HDD SSD Alert Service service to connect. 03/12/2013 05:02:21, Error: Service Control Manager [7000] - The TOSHIBA HDD SSD Alert Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 04:49:44, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect. 03/12/2013 04:49:44, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 04:46:51, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree Service service to connect. 03/12/2013 04:46:51, Error: Service Control Manager [7000] - The ConfigFree Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 04:43:26, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 03/12/2013 04:42:35, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 03/12/2013 04:42:35, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 03/12/2013 04:42:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect. 03/12/2013 04:38:48, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IMF Service service to connect. 03/12/2013 04:38:48, Error: Service Control Manager [7000] - The IMF Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 03/12/2013 04:35:15, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 03/12/2013 03:57:52, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2 Run by User at 13:59:28 on 2013-12-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3891.2505 [GMT 0:00] . AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275} FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\COMODO\COMODO Internet Security\cistray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe C:\Program Files\COMODO\COMODO Internet Security\cis.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [AdobeBridge] <no file> mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{F0F6FC32-573E-400A-8BB6-B716C7B423CC} : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{F0F6FC32-573E-400A-8BB6-B716C7B423CC}\F54586560234C6F65746 : DHCPNameServer = 10.1.5.153 10.1.5.154 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\ FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll FF - ExtSQL: 2013-10-24 18:59; artur.dubovoy@gmail.com; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\artur.dubovoy@gmail.com.xpi FF - ExtSQL: 2013-10-25 21:26; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2013-11-18 23:37; ascsurfingprotection@iobit.com; C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kj4epxol.default\extensions\ascsurfingprotection@iobit.com . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240] R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-25 17720] R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-9-24 23168] R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-9-24 709144] R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-9-24 48872] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448] R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-18 2151200] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312] R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-9-5 6364024] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-21 2320920] R3 CeKbFilter;CeKbFilter;C:\Windows\System32\drivers\CeKbFilter.sys [2013-10-21 20592] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2013-10-21 56344] R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976] R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2013-10-21 38096] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-10-25 872152] R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\Windows\System32\drivers\rtwlane.sys [2013-5-2 1514568] R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-10-21 57216] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-18 878368] S2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200] S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-10-21 1811456] S2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2012-9-5 66560] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080] S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 164056] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-24 111616] S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;C:\Windows\System32\drivers\MAudioFastTrackPro.sys [2010-12-7 187912] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 134944] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-9 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-10-21 232992] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-10-21 1103464] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-9 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-9 30208] S3 VIRUSUSB;USB driver for Virus TI;C:\Windows\System32\drivers\VirusUSB.sys [2012-7-30 438656] S3 VTIAUDIO;Virus TI Audio;C:\Windows\System32\drivers\vtiaudio.sys [2012-12-6 51592] S3 VTIMIDEV01;Virus TI MIDI Driver;C:\Windows\System32\drivers\vtimidi.sys [2012-7-30 40328] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-27 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-12-03 13:53:02 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E9146F8-8DA0-4EA8-B6F6-8F19DF81BA10}\mpengine.dll 2013-12-03 12:57:10 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-12-03 12:57:10 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{15D5BC48-C4E7-4E19-BA4F-4DF426F466D9}\gapaengine.dll 2013-12-03 12:57:03 965000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A40D22E-B033-40EC-B8C3-C3B9D50D591A}\gapaengine.dll 2013-12-03 12:52:23 -------- d-----w- C:\Windows\Migration 2013-12-03 12:50:41 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-12-03 12:50:38 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-12-03 12:47:59 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{98B5A775-A490-4624-96BE-65A78EA7F336}\mpengine.dll 2013-12-03 11:19:15 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-12-03 11:19:15 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2013-12-03 03:42:21 -------- d-----w- C:\ComboFix 2013-12-01 20:10:18 -------- d-----w- C:\Users\User\AppData\Roaming\Toontrack 2013-12-01 19:47:53 -------- d-----w- C:\ProgramData\Toontrack 2013-11-30 05:32:57 -------- d-----w- C:\Users\User\AppData\Roaming\iZotope 2013-11-30 05:18:57 -------- d-----w- C:\ProgramData\iZotope 2013-11-30 05:07:18 -------- d-----w- C:\Program Files (x86)\iZotope 2013-11-30 04:53:41 -------- dc-h--w- C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418} 2013-11-30 04:51:45 -------- dc-h--w- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} 2013-11-30 04:37:30 -------- d-----w- C:\Program Files (x86)\Toontrack 2013-11-30 02:40:56 -------- d-----w- C:\Users\User\AppData\Roaming\Acapela Group 2013-11-30 02:40:54 -------- d-----w- C:\Program Files (x86)\NextUp-Acapela Multimedia 2013-11-30 02:30:37 -------- d-----w- C:\Users\User\AppData\Local\NextUp 2013-11-30 02:30:37 -------- d-----w- C:\ProgramData\NextUp 2013-11-30 02:28:40 -------- d-----w- C:\Program Files (x86)\TextAloud 2013-11-28 08:20:30 -------- dc-h--w- C:\ProgramData\{7FD62475-12D0-49A3-A109-99795ED41F41} 2013-11-26 18:22:06 -------- dc-h--w- C:\ProgramData\{4FF14FF4-C333-4311-BC51-88781D14A5AF} 2013-11-25 22:10:45 -------- dc-h--w- C:\ProgramData\{B34D2DCD-242C-493A-BD56-5A899A2FCBC8} 2013-11-22 18:45:42 -------- d-----r- C:\Users\User\Dropbox 2013-11-22 18:42:04 -------- d-----w- C:\Users\User\AppData\Roaming\Dropbox 2013-11-22 18:15:43 -------- d-----w- C:\Users\User\AppData\Local\{5C12AA20-DECB-4317-9E76-1B90B288C32F} 2013-11-22 18:15:42 -------- d-----w- C:\Users\User\AppData\Local\{54B1B6F2-9E96-4102-8C1C-F04B8E04427B} 2013-11-22 12:28:25 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-22 12:28:25 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-22 12:28:25 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-22 12:28:25 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-22 12:28:25 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-22 12:28:25 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-22 12:28:25 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-19 23:22:55 -------- d-----w- C:\Users\User\AppData\Roaming\VST3 Presets 2013-11-18 23:37:46 -------- d-----w- C:\ProgramData\ProductData 2013-11-18 23:37:43 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} 2013-11-13 04:55:14 1474048 ----a-w- C:\Windows\System32\crypt32.dll 2013-11-13 04:55:13 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-11-13 03:34:23 61440 ----a-w- C:\Windows\SysWow64\NI_DFD_1_5.dll 2013-11-13 03:34:23 393216 ----a-w- C:\Windows\SysWow64\NI_IRC_1_2.dll 2013-11-12 01:52:15 -------- d-----w- C:\Program Files\VSTPlugins 2013-11-11 23:37:00 -------- d-----w- C:\Program Files\M-Audio 2013-11-10 15:05:34 -------- dc-h--w- C:\ProgramData\{A6377726-7317-464A-87EB-693294E9F383} 2013-11-10 08:10:54 -------- dc-h--w- C:\ProgramData\{E8674DB2-4487-4238-A191-4DD8B190B0BC} 2013-11-10 08:09:14 -------- d-----w- C:\ProgramData\Native Instruments 2013-11-10 07:46:16 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes 2013-11-10 05:18:21 722718 ----a-w- C:\Windows\unins000.exe 2013-11-09 23:03:06 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2013-11-09 23:03:06 366592 ----a-w- C:\Windows\System32\qdvd.dll 2013-11-07 02:05:25 -------- d-----w- C:\Users\User\AppData\Roaming\FabFilter 2013-11-07 01:52:30 -------- d-----w- C:\Users\User\AppData\Local\Native Instruments 2013-11-06 23:10:24 -------- d-----w- C:\ProgramData\Syncrosoft 2013-11-06 23:09:51 -------- d-----w- C:\Program Files (x86)\Common Files\Intel 2013-11-06 22:58:19 -------- d-----w- C:\Program Files (x86)\Antares 2013-11-06 22:56:31 -------- d-----w- C:\Program Files (x86)\Antares Audio Technologies 2013-11-06 22:31:30 -------- dc-h--w- C:\ProgramData\{E2CB91C4-F65B-43A3-AF20-333B2663A78A} 2013-11-06 22:30:44 -------- dc-h--w- C:\ProgramData\{84BD2490-E07B-459A-85CD-649AABFCE52D} 2013-11-06 22:29:32 -------- dc-h--w- C:\ProgramData\{A088C926-8EF0-4CFF-A473-EB879919E63A} 2013-11-06 22:29:30 -------- d-----w- C:\Program Files\Native Instruments 2013-11-06 22:29:20 -------- dc----w- C:\ProgramData\{FB9DCDD5-FDBE-4EED-A03A-BA8F086DC950} 2013-11-06 22:24:48 -------- d-----w- C:\Program Files\Common Files\Native Instruments 2013-11-06 22:24:21 -------- d-----w- C:\Program Files (x86)\Common Files\Native Instruments 2013-11-06 22:24:00 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign 2013-11-06 22:18:10 -------- d-----w- C:\Program Files (x86)\Native Instruments 2013-11-06 22:16:52 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll 2013-11-06 22:00:49 -------- d-----w- C:\ProgramData\Waves Audio 2013-11-06 21:39:00 -------- d-----w- C:\Users\User\AppData\Roaming\Waves Audio 2013-11-06 21:32:54 1431552 ----a-w- C:\Windows\SysWow64\ReWire.dll 2013-11-06 21:32:54 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll 2013-11-06 21:30:36 -------- d-----w- C:\Program Files (x86)\Waves 2013-11-06 02:50:47 -------- d-----w- C:\ProgramData\VST3 Presets 2013-11-06 02:41:46 -------- d-----w- C:\Program Files (x86)\Common Files\Steinberg 2013-11-06 02:12:34 1177600 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL 2013-11-06 02:12:28 -------- d-----w- C:\Program Files (x86)\Common Files\VST3 2013-11-06 01:56:37 -------- d-----w- C:\ProgramData\Steinberg 2013-11-06 01:53:01 -------- d-----w- C:\Program Files (x86)\Steinberg 2013-11-05 12:18:47 -------- d-----w- C:\ProgramData\TOSHIBA Tempro 2013-11-05 12:18:47 -------- d-----w- C:\ProgramData\IsolatedStorage 2013-11-05 11:28:04 -------- d-----w- C:\Users\User\AppData\Roaming\WinBatch 2013-11-05 10:45:25 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2013-11-05 10:44:18 -------- d-----w- C:\ProgramData\Oracle 2013-11-05 10:43:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll . ==================== Find3M ==================== . 2013-11-16 01:13:37 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-11-16 01:13:37 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-14 11:38:18 709144 ----a-w- C:\Windows\System32\drivers\cmdguard.sys 2013-11-14 11:38:02 43216 ----a-w- C:\Windows\System32\cmdcsr.dll 2013-11-11 05:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe 2013-11-02 06:29:33 4608 ----a-r- C:\Windows\System32\SilverEfexPro2FC64.dll 2013-11-02 06:29:33 3584 ----a-r- C:\Windows\SysWow64\SilverEfexPro2FC32.dll 2013-11-02 06:25:13 4608 ----a-r- C:\Windows\System32\ColorEfexPro4FC64.dll 2013-11-02 06:25:13 3584 ----a-r- C:\Windows\SysWow64\ColorEfexPro4FC32.dll 2013-10-25 22:28:40 872152 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2013-10-25 22:28:40 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-10-25 22:28:40 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll 2013-10-21 12:29:42 20592 ----a-w- C:\Windows\System32\drivers\CeKbFilter.sys 2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll 2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL 2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll 2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL 2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll 2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll 2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll 2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll 2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll 2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-09-27 09:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-09-27 09:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll 2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll 2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe 2013-09-24 11:54:12 48872 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys 2013-09-24 11:54:12 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys 2013-09-24 11:53:52 444392 ----a-w- C:\Windows\System32\guard64.dll 2013-09-24 11:53:52 354240 ----a-w- C:\Windows\SysWow64\guard32.dll 2013-09-24 11:53:42 347864 ----a-w- C:\Windows\System32\cmdvrt64.dll 2013-09-24 11:53:40 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll 2013-09-24 11:53:36 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll 2013-09-24 11:53:36 280792 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll 2013-09-11 21:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll 2013-09-11 21:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll 2013-09-11 21:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll 2013-09-11 21:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll 2013-09-11 19:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll 2013-09-11 19:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll 2013-09-11 19:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll 2013-09-11 19:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll 2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll 2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll . ============= FINISH: 14:00:03.42 ===============

I should add that scans with both ADWCleaner and TDSSKiller came back blank.

Hi there all, I'm finally at my wit's end with this: A guy on my course gave me his laptop to have a look at as apparently it went from "fine" to the unusable condition it's in now literally overnight (I'm no expert but I've helped fix a few friends/relatives computers in the past with the help of sites like this) - firstly, there WAS an instance of uTorrent on there when I recieved it, which I have deleted as recommended (and I also assume is the cause of the problem in the first place - although I'm unable to find any keygens or other obvious "warez" by searching on the drive, so aside from individually going through his private files I'll assume it's piracy-free...or was at least "cleaned up" before he gave it to me). Right, basically the boot time now takes anything up to ten minutes and windows has hung and failed to boot on a few occasions, seemingly at random. RAM use is seemingly normal, but the CPU spikes at roughly 50% in intermittent but regular patterns (to clarify, the timing of when this happens is intermittent, but the pattern of the CPU spikes is regular and looks like a "sawtooth" wave) and the computer becomes essentially locked-up while this happens for up to ten minutes at a time. Firefox hangs and then asks to be restarted almost every time you click it - also, this morning on booting it said that the windows copy wasn't legit, but after running a system restore that issue at least has been resolved (he hasn't backed anything up, there seemed to be 3 restore points I could choose and I picked the most recent - they were all from about 3 days ago within 12 hours of each other - not sure if there were automatically generated as he didn't know what I meant when I asked if he'd already tried a system restore - when I get this working again I'll image his drive for him so either myself or someone else doesn't have to fix it for him again!). I've seperately scanned with Malware Bytes, SuperAntiSpyware, IOBit Advanced System Care just to make sure, all of which came back as clean. Hijackthis wouldn't create a log file yesterday, but for reasons unknown, now will (maybe something to do with the system restore I did earlier today) - it still says that it can't access the HOST file though - there was an alarming amount of red-flagged entries when I passed the HJT log through an automated scanner, but I didn't wish to make any changes without first checking with folks more knowledgable than myself! (also, after reading a few posts on here, it seems HJT isn't as relavent nowadays anyway) The requested "attach.txt" and "dds.txt" should be attached. Apologies for the long rant, I incorrectly assumed this would be a quick and easy fix and I'm just frustrated at my own lack of know-how. P.S. - if there is anything on the logs that shouldn't be there that I've missed (piracy or otherwise) please just tell me and I'll delete it immediately - I've no interest in helping someone break the law. Thanks in advance X attach.txt dds.txt