Infected with SVCHost.exe Trojan

[GrundelSlayer]

Running a Toshiba Sattelitte that is a couple of months old. First problem I've had. Any help is greatly appreciated!

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Greg at 15:22:45 on 2012-01-12

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3687.1978 [GMT -5:00]

.

AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\Explorer.EXE

C:\windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

C:\windows\System32\rundll32.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

-netsvcs

C:\windows\system32\conhost.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\taskmgr.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://start.toshiba.com/?cid=C001B2Y

uDefault_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y

uInternet Settings,ProxyOverride = <local>;*.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [<NO NAME>]

mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Greg\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Users\Greg\AppData\Local\Temp\RunDll32.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VPNGUI~1.LNK - C:\windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{2B97669A-8AC0-4641-9655-A15CEDE640C6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{2B97669A-8AC0-4641-9655-A15CEDE640C6}\36271636B686F62313 : DhcpNameServer = 68.87.73.246 68.87.71.230 192.168.1.1

TCP: Interfaces\{2B97669A-8AC0-4641-9655-A15CEDE640C6}\47865626F63737 : DhcpNameServer = 192.168.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll

BHO-X64: Constant Guard Protection Suite (COM) - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun-x64: [(Default)]

mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\eogm1csf.default\

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\windows\system32\DRIVERS\amd_sata.sys --> C:\windows\system32\DRIVERS\amd_sata.sys [?]

R0 amd_xata;amd_xata;C:\windows\system32\DRIVERS\amd_xata.sys --> C:\windows\system32\DRIVERS\amd_xata.sys [?]

R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111223.001\BHDrvx64.sys [2011-11-30 1157240]

R1 GIDv2;GIDv2;C:\windows\system32\drivers\GIDv2.sys --> C:\windows\system32\drivers\GIDv2.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120111.003\IDSviA64.sys [2012-1-12 488568]

R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2011-12-17 63048]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-12 652872]

R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-12-9 130008]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2011-8-22 123320]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-8-22 126392]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]

R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys --> C:\windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-12-8 138360]

R3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys --> C:\windows\system32\DRIVERS\ETD.sys [?]

R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys --> C:\windows\system32\DRIVERS\rtl8192Ce.sys [?]

R3 Sftfs;Sftfs;C:\windows\system32\DRIVERS\Sftfslh.sys --> C:\windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\windows\system32\DRIVERS\Sftplaylh.sys --> C:\windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\windows\system32\DRIVERS\Sftredirlh.sys --> C:\windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\windows\system32\DRIVERS\Sftvollh.sys --> C:\windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-9 138152]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-8-22 57216]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-01-12 10:39:54 -------- d-----w- C:\Users\Greg\AppData\Roaming\Malwarebytes

2012-01-12 10:39:32 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-12 10:39:30 23152 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-01-12 10:39:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-11 22:11:29 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%

2012-01-10 23:17:45 1572864 ----a-w- C:\windows\System32\quartz.dll

2012-01-10 23:17:44 514560 ----a-w- C:\windows\SysWow64\qdvd.dll

2012-01-10 23:17:44 366592 ----a-w- C:\windows\System32\qdvd.dll

2012-01-10 23:17:44 1328128 ----a-w- C:\windows\SysWow64\quartz.dll

2012-01-10 23:17:42 1731920 ----a-w- C:\windows\System32\ntdll.dll

2012-01-10 23:17:42 1292080 ----a-w- C:\windows\SysWow64\ntdll.dll

2012-01-10 23:17:40 77312 ----a-w- C:\windows\System32\packager.dll

2012-01-10 23:17:40 67072 ----a-w- C:\windows\SysWow64\packager.dll

2012-01-10 23:10:58 20480 ------w- C:\windows\svchost.exe

2012-01-10 17:15:04 -------- d-----w- C:\Users\Greg\AppData\Local\CrashDumps

2012-01-09 23:03:44 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-09 23:03:44 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-09 23:03:44 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll

2012-01-09 23:03:43 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll

2011-12-25 01:12:31 -------- d-----w- C:\Users\Greg\AppData\Local\Windows Live

2011-12-25 01:12:31 -------- d-----w- C:\Users\Greg\AppData\Local\{973C3592-CC63-40A3-91BF-D5EBEA84F7D0}

2011-12-25 01:12:24 -------- d-----w- C:\Users\Greg\AppData\Local\{EA1E20E7-008E-41E6-B413-9ADE3DA6CE40}

2011-12-23 08:05:59 24920 ----a-w- C:\windows\System32\X3DAudio1_7.dll

2011-12-23 08:05:59 22360 ----a-w- C:\windows\SysWow64\X3DAudio1_7.dll

2011-12-23 07:55:48 -------- d-----w- C:\Users\Greg\AppData\Local\SCE

2011-12-23 07:55:20 -------- d-----w- C:\windows\SysWow64\directx

2011-12-22 22:21:06 -------- d-----w- C:\Users\Greg\AppData\Local\SanctionedMedia

2011-12-15 17:34:48 -------- d-----w- C:\Program Files\CCleaner

2011-12-14 01:04:36 43520 ----a-w- C:\windows\System32\csrsrv.dll

2011-12-14 01:04:34 3145216 ----a-w- C:\windows\System32\win32k.sys

2011-12-14 01:04:31 723456 ----a-w- C:\windows\System32\EncDec.dll

2011-12-14 01:04:31 534528 ----a-w- C:\windows\SysWow64\EncDec.dll

2011-12-14 01:04:20 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2011-12-14 01:04:20 2048 ----a-w- C:\windows\System32\tzres.dll

.

==================== Find3M ====================

.

2011-12-23 07:55:56 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-12-09 14:50:06 174200 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS

2011-11-15 18:31:29 266240 ------w- C:\windows\Setup1.exe

2011-11-15 18:31:25 73216 ----a-w- C:\windows\ST6UNST.EXE

2011-11-04 01:53:39 2309120 ----a-w- C:\windows\System32\jscript9.dll

2011-11-04 01:44:47 1390080 ----a-w- C:\windows\System32\wininet.dll

2011-11-04 01:44:21 1493504 ----a-w- C:\windows\System32\inetcpl.cpl

2011-11-04 01:34:43 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-11-03 22:47:42 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- C:\windows\SysWow64\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

.

============= FINISH: 15:25:17.58 ===============

---------------------------------------------------------------------------------------------------------------------------------------------------------------

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/12/2011 4:46:20 PM

System Uptime: 1/12/2012 3:02:06 PM (0 hours ago)

.

Motherboard: TOSHIBA | | Portable PC

Processor: AMD E-300 APU with Radeon HD Graphics | Socket FT1 | 1300/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 284 GiB total, 61.544 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter for 64-bit Windows

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter for 64-bit Windows

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

==== System Restore Points ===================

.

RP23: 1/4/2012 11:53:21 PM - Scheduled Checkpoint

RP24: 1/11/2012 5:10:19 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.1) MUI

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

Bejeweled 3

BitTorrent

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CDisplay 1.8

Chuzzle Deluxe

Constant Guard Protection Suite

Coupon Printer for Windows

D3DX10

DC Universe Online Live

DVD Flick 1.3.0.7

FATE - The Traitor Soul

Fishdom 2

Grapevine 3.0

GuardedID

HP Photo Creations

HP Photosmart 5510 series Help

HP Update

Java Auto Updater

Java 6 Update 25

Junk Mail filter update

Label@Once 1.0

Malwarebytes Anti-Malware version 1.60.0.1800

Mesh Runtime

Microsoft .NET Framework 1.1

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Mozilla Firefox 9.0.1 (x86 en-US)

MSVCRT

MSVCRT_amd64

Norton Security Suite

Pando Media Booster

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Polar Bowler

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

SanctionedMedia

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype Launcher

Skype™ 5.5

System Requirements Lab CYRI

The Lord of the Rings Online™ v03.04.04.8012

Tom Clancy's Splinter Cell

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Face Recognition

TOSHIBA Hardware Setup

Toshiba Laptop Checkup

TOSHIBA Media Controller

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

TOSHIBARegistration

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

Virtual Villagers 5 - New Believers

WildTangent Games

WildTangent Games App (Toshiba Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

World of Warcraft

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

1/12/2012 5:33:08 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0xfffffa8007aff010, 0xfffff88004242a1c, 0x0000000000000000, 0x0000000000000002). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011212-43836-01.

1/12/2012 2:28:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

.

==== End Of File ===========================

[GrundelSlayer]

bump

[LDTate]

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!