
search.certified-toolbar.com



I have an issue with this Web Search. This search attacks my IE9 and my Outlook 2007. I can change my security setting in IE9 to try and block the program. My Google Chrome is fine but not my IE9. Below I will attach all needed files to help with this process. Sorry, I was not able to attach the files, so instead I copied and pasted the contents.

Sorry, it's a crap load of information

Thanks in advance

I have updated MBAM and ran a quick scan; here are the results.

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.23.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

MScheepens :: IGYURU-MALKA [administrator]

Protection: Enabled

1/23/2013 6:47:48 PM

mbam-log-2013-01-23 (18-47-48).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 277426

Time elapsed: 3 minute(s), 44 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Earlier MBAM Report before the cleaning

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.16.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

MScheepens :: IGYURU-MALKA [administrator]

1/16/2013 1:09:47 PM

mbam-log-2013-01-16 (13-09-47).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 446844

Time elapsed: 47 minute(s), 28 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 9

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com/) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://search.certif...e=true&tid=3206) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search.certif...3206&bs=true&q=) Good: (http://www.google.com/) -> Quarantined and repaired successfully.

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 9.0.8112.16457

Run by MScheepens at 14:08:07 on 2013-01-23

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6051.5037 [GMT -2:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\Explorer.EXE

C:\windows\system32\ctfmon.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\mscheepens\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\lmi_rescue.exe

C:\Users\mscheepens\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe

C:\Users\mscheepens\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = hxxp://www.bing.com/

uSearch Page = hxxp://www.bing.com/

uDefault_Page_URL = hxxp://start.toshiba.com

uDefault_Search_URL = hxxp://www.bing.com/

mStart Page = hxxp://start.toshiba.com

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: HideSCAHealth = dword:1

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://nfp.webex.com/client/WBXclient-T27L10NSP32EP1-13926/webex/ieatgpc1.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{E582EB15-31EB-45DE-8EBF-4D909A31CA92} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E582EB15-31EB-45DE-8EBF-4D909A31CA92}\341627962675F627B6D29445 : DHCPNameServer = 200.7.32.250 172.16.10.21

TCP: Interfaces\{E582EB15-31EB-45DE-8EBF-4D909A31CA92}\74C6F62616C67457563747 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E582EB15-31EB-45DE-8EBF-4D909A31CA92}\86F6D656E235348454E4B454C4E2C6F63616C6 : DHCPNameServer = 192.168.15.1 192.168.123.254

TCP: Interfaces\{E582EB15-31EB-45DE-8EBF-4D909A31CA92}\F4C69667F6 : DHCPNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon

x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\windows\System32\drivers\nvpciflt.sys [2012-10-1 25960]

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-10-1 482384]

R2 LMIRescue_4056f85a-2e75-4fdc-b313-3b9d5e836aa5;LogMeIn Rescue (4056f85a-2e75-4fdc-b313-3b9d5e836aa5);C:\Users\mscheepens\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe [2013-1-23 2471296]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-20 14472]

R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2012-10-1 20592]

R3 enecir;ENE CIR Receiver;C:\windows\System32\drivers\enecir.sys [2009-6-29 70656]

R3 enecirhid;ENE CIR HID Receiver;C:\windows\System32\drivers\enecirhid.sys [2009-5-20 14848]

R3 enecirhidma;ENE CIR HIDmini Filter;C:\windows\System32\drivers\enecirhidma.sys [2008-4-24 6656]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-10-1 413800]

S0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-31 228768]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 LMIRescue_b67cca25-1b5e-4353-b5e0-408c7b28f17a;LogMeIn Rescue (b67cca25-1b5e-4353-b5e0-408c7b28f17a);C:\Users\MSCHEE~1\AppData\Local\LOGMEI~1\LMIR0001.tmp\LMI_Rescue_srv.exe [2013-1-21 2471296]

S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-16 398184]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-16 682344]

S2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-31 128456]

S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\SymcPCCULaunchSvc.exe [2012-10-1 123320]

S2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [2012-10-1 126392]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;C:\Program Files (x86)\movistar\Escritorio movistar Latam\ImpWiFiSvc.exe [2010-3-8 194048]

S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-12-8 267192]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-10-1 2656280]

S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\windows\System32\drivers\BrSerIb.sys [2012-10-18 95344]

S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\windows\System32\drivers\BrUsbSib.sys [2012-10-18 21872]

S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\drivers\btfilter.sys [2010-10-18 42096]

S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\windows\System32\drivers\ewusbnet.sys [2012-10-6 246224]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;C:\windows\System32\drivers\ewdcsc.sys [2012-10-6 32768]

S3 hwusbdev;Huawei DataCard USB PNP Device;C:\windows\System32\drivers\ewusbdev.sys [2012-10-6 114304]

S3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-1-31 174168]

S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-1-16 24176]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-13 368896]

S3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-10-1 38096]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]

S3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-10-1 54136]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]

S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-12-20 822704]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-6 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 M4-Service;M4-Service;C:\Users\mscheepens\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe [2012-11-21 1008032]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-01-22 02:05:29 -------- d-----w- C:\TDSSKiller_Quarantine

2013-01-22 00:02:34 -------- dc----w- C:\Users\mscheepens\AppData\Local\MigWiz

2013-01-21 22:23:55 -------- d-----w- C:\windows\pss

2013-01-21 22:01:31 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B867AB42-679F-418E-9FCC-639FB0FC983E}\gapaengine.dll

2013-01-21 22:01:12 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EAFC8E92-8286-4144-9D0A-47AB10B6A4BE}\mpengine.dll

2013-01-21 21:49:11 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2013-01-21 21:49:06 -------- d-----w- C:\Program Files\Microsoft Security Client

2013-01-21 21:36:25 -------- d-sh--w- C:\windows\BitLockerDiscoveryVolumeContents

2013-01-21 21:36:25 -------- d-----w- C:\windows\RemotePackages

2013-01-21 19:02:46 -------- d-----w- C:\Program Files (x86)\GUMCF41.tmp

2013-01-21 17:25:42 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{404436CA-48AF-4D3E-920F-5DD8E704CC93}\mpengine.dll

2013-01-21 17:19:39 -------- d-----w- C:\Users\mscheepens\AppData\Local\{59FEC782-E72C-42F5-92B8-92EA3FEA0B0F}

2013-01-16 22:03:17 24176 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-01-16 21:34:23 -------- d-----w- C:\windows\D4EFA08DA1924007987D71BFF23B2F8F.TMP

2013-01-16 18:09:18 -------- d-----w- C:\Users\mscheepens\AppData\Roaming\Malwarebytes

2013-01-16 18:08:42 -------- d-----w- C:\ProgramData\Malwarebytes

2013-01-16 18:08:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-01-16 18:08:23 -------- d-----w- C:\Users\mscheepens\AppData\Local\Programs

2013-01-16 17:26:46 -------- d-----w- C:\Users\mscheepens\AppData\Local\LogMeIn Rescue Applet

2013-01-16 14:26:54 -------- d-----w- C:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP

2013-01-16 14:14:03 -------- d-----w- C:\ProgramData\BDLogging

2013-01-16 14:14:00 511328 ----a-w- C:\windows\capicom.dll

2013-01-16 14:11:29 -------- d-----w- C:\Users\mscheepens\AppData\Roaming\QuickScan

2013-01-16 14:10:22 -------- d-----w- C:\Program Files\Bitdefender

2013-01-16 14:09:41 -------- d-----w- C:\Users\mscheepens\AppData\Local\{11DC0329-3421-4693-B0C6-BE320C788DEC}

2013-01-16 13:53:56 -------- d-----w- C:\Program Files\Common Files\Bitdefender

2013-01-16 02:15:38 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2013-01-15 19:46:56 -------- d-----w- C:\Users\mscheepens\AppData\Local\{1DF5B1BA-8C98-4AD8-8E14-5C8B77B024DA}

2013-01-15 19:42:06 -------- d-----w- C:\Users\mscheepens\AppData\Local\NPE

2013-01-15 18:18:00 -------- d-----w- C:\Program Files\CCleaner

2013-01-14 21:22:09 15432 ----a-w- C:\windows\Launcher.exe

2013-01-14 20:44:52 -------- d-----w- C:\Users\mscheepens\AppData\Local\ElevatedDiagnostics

2013-01-14 20:22:10 -------- d-----w- C:\Users\mscheepens\AppData\Local\{987A3DF3-1863-4562-B1A1-3AE666754E02}

2013-01-11 14:18:52 -------- d-----w- C:\Users\mscheepens\AppData\Local\{C07A0F61-4CB0-4DCA-894E-1B80DBF411DA}

2013-01-09 12:47:55 68608 ----a-w- C:\windows\System32\taskhost.exe

2013-01-09 12:47:54 3149824 ----a-w- C:\windows\System32\win32k.sys

2013-01-09 12:42:56 -------- d-----w- C:\Users\mscheepens\AppData\Local\{91917FC6-2F71-4419-8939-7ED55218C694}

2013-01-08 20:21:13 -------- d-----r- C:\Users\mscheepens\AppData\Roaming\Brother

2013-01-08 17:46:33 -------- d-----w- C:\Users\mscheepens\AppData\Roaming\PC-FAX TX

2013-01-07 21:24:42 -------- d-----w- C:\Users\mscheepens\AppData\Local\{EC80ECF5-6579-4AAF-8915-82C88515EDD0}

2013-01-07 21:17:08 73728 ------w- C:\windows\SysWow64\BRCrypt.dll

2013-01-07 21:17:03 180224 ------w- C:\windows\SysWow64\BrMuSNMP.dll

2013-01-07 21:17:03 118784 ------w- C:\windows\SysWow64\BrMfNt.dll

2013-01-07 21:17:02 179712 ------w- C:\windows\System32\BrfxDA5b.dll

2013-01-07 21:17:01 83968 ------w- C:\windows\System32\BrNetSti.dll

2013-01-07 21:17:01 59392 ------w- C:\windows\System32\BrWiaNCp.dll

2013-01-07 21:17:01 48640 ------w- C:\windows\System32\Brnsplg.dll

2013-01-07 21:17:01 255488 ------w- C:\windows\System32\NSSRH64.dll

2013-01-07 21:17:01 143360 ------w- C:\windows\System32\BrSNMP64.dll

2013-01-07 21:16:56 217088 ------w- C:\windows\SysWow64\NSSearch.dll

2013-01-07 21:15:33 -------- d-----w- C:\ProgramData\Brother

2013-01-07 15:26:29 -------- d-----w- C:\Users\mscheepens\AppData\Local\{C7D17A97-FE0F-4899-BACC-32336AB0A39C}

2013-01-05 16:56:41 -------- d-----w- C:\Users\mscheepens\AppData\Local\{5A25DCFE-EB3B-445B-A1D9-C7964456892E}

2013-01-02 21:21:15 -------- d-----w- C:\Users\mscheepens\AppData\Local\Macromedia

2013-01-02 19:01:45 -------- d-----w- C:\Users\mscheepens\AppData\Local\Mozilla

2012-12-31 13:59:31 -------- d-----w- C:\Users\mscheepens\AppData\Local\{9359423E-347D-4E97-8F5D-393B41F5D021}

2012-12-31 01:58:55 -------- d-----w- C:\Users\mscheepens\AppData\Local\{30E5FB46-84F8-4D6F-A88D-9482B45DCC6F}

2012-12-30 12:19:10 -------- d-----w- C:\Users\mscheepens\AppData\Local\{17F393C8-9C22-424E-88C4-1445F141DC6C}

2012-12-29 18:09:43 -------- d-----w- C:\Users\mscheepens\AppData\Local\{32C9961D-B86A-4DD6-AB0E-C7DA1C8B6959}

2012-12-29 03:11:35 -------- d-----w- C:\Users\mscheepens\AppData\Roaming\Windows Live Writer

2012-12-29 03:11:35 -------- d-----w- C:\Users\mscheepens\AppData\Local\Windows Live Writer

2012-12-29 02:46:06 -------- d-----w- C:\Users\mscheepens\AppData\Local\{A5A70533-ECE4-48AE-9421-AA77ECD2C7D6}

2012-12-29 02:46:06 -------- d-----w- C:\Users\mscheepens\AppData\Local\{0A346EF5-5475-4C75-A191-963C947763BA}

2012-12-29 02:45:53 -------- d-----w- C:\Users\mscheepens\Tracing

.

==================== Find3M ====================

.

2013-01-09 17:07:07 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 17:07:07 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll

2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll

2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\windows\System32\KernelBase.dll

2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe

2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-11-22 05:44:23 800768 ----a-w- C:\windows\System32\usp10.dll

2012-11-22 04:45:03 626688 ----a-w- C:\windows\SysWow64\usp10.dll

2012-11-20 05:48:49 307200 ----a-w- C:\windows\System32\ncrypt.dll

2012-11-20 04:51:09 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll

2012-11-09 05:45:32 750592 ----a-w- C:\windows\System32\win32spl.dll

2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll

2012-11-09 04:43:04 492032 ----a-w- C:\windows\SysWow64\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2012-11-02 05:59:11 478208 ----a-w- C:\windows\System32\dpnet.dll

2012-11-02 05:11:31 376832 ----a-w- C:\windows\SysWow64\dpnet.dll

2012-11-01 05:43:42 2002432 ----a-w- C:\windows\System32\msxml6.dll

2012-11-01 05:43:42 1882624 ----a-w- C:\windows\System32\msxml3.dll

2012-11-01 04:47:54 1389568 ----a-w- C:\windows\SysWow64\msxml6.dll

2012-11-01 04:47:54 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll

.

============= FINISH: 14:08:51.72 ===============

DDS continued

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 10/1/2012 5:57:52 PM

System Uptime: 1/22/2013 8:36:54 AM (30 hours ago)

.

Motherboard: TOSHIBA | | PEQAA

Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz | CPU 1 | 1995/400mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 450 GiB total, 332.869 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 931 GiB total, 267.92 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}

Description: Consumer IR Devices

Device ID: ROOT\SYSTEM\0001

Manufacturer: Microsoft

Name: Consumer IR Devices

PNP Device ID: ROOT\SYSTEM\0001

Service: circlass

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: Security Processor Loader Driver

Device ID: ROOT\LEGACY_SPLDR\0000

Manufacturer:

Name: Security Processor Loader Driver

PNP Device ID: ROOT\LEGACY_SPLDR\0000

Service: spldr

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5) MUI

Amazon Links

AppEazy Connect v4.2 (Build 4084)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Bluetooth Filter Driver Package

Atheros Driver Installation Program

Bejeweled 3

Bluetooth Stack for Windows by Toshiba

Bonjour

BufferChm

C5500

CCleaner

Chuzzle Deluxe

Cisco WebEx Meetings

D3DX10

Destinations

DeviceDiscovery

ENE CIR Receiver Driver

Escritorio movistar Latam

FATE - The Traitor Soul

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

HP Customer Participation Program 13.0

HP Imaging Device Functions 13.0

HP Photosmart C5500 All-In-One Driver Software 13.0 Rel. 4

HP Photosmart Essential 3.5

HP Smart Web Printing 4.51

HP Solution Center 13.0

HP Update

HPPhotoGadget

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotosmartEssential

HPProductAssistant

HPSSupply

HUAWEI DataCard Driver 3.10.02.00

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

iTunes

Java Auto Updater

Java™ 6 Update 20

Jewel Quest: The Sleepless Star - Collector's Edition

JMicron Flash Media Controller Driver

join.me

Junk Mail filter update

KONICA MINOLTA magicolor 4690MF

Label@Once 1.0

Malwarebytes Anti-Malware version 1.70.0.1100

MarketResearch

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NVIDIA 3D Vision Controller Driver

NVIDIA 3D Vision Controller Driver 267.44

NVIDIA Control Panel 267.44

NVIDIA Graphics Driver 267.44

NVIDIA Install Application

NVIDIA Optimus 1.0.21

NVIDIA PhysX

NVIDIA PhysX System Software 9.10.0514

NVIDIA Update Components

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Polar Bowler

PS_AIO_04_C5500_Software_Min

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Renesas Electronics USB 3.0 Host Controller Driver

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Shop for HP Supplies

Skype Launcher

Skype™ 6.0

SmartWebPrinting

SolutionCenter

Status

Synaptics Pointing Device Driver

Tom Clancy's Splinter Cell

Toolbox

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD Protection

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA PC Health Monitor

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA VIDEO PLAYER

TOSHIBA Web Camera Application

TOSHIBA Wireless LAN Indicator

ToshibaRegistration

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

Utility Common Driver

WebReg

WildTangent Games

WildTangent Games App (Toshiba Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

1/23/2013 8:47:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.466.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

1/23/2013 8:47:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

1/23/2013 8:38:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

1/23/2013 12:41:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

1/23/2013 1:08:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

1/22/2013 8:38:24 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

1/22/2013 8:38:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

1/22/2013 8:37:52 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

1/22/2013 8:37:46 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\windows\system32\athihvs.dll Error Code: 21

1/22/2013 8:37:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

1/22/2013 8:37:27 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr vpcvmm Wanarpv6

1/22/2013 8:37:27 AM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain ISLECAP due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

1/22/2013 12:24:55 AM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067] - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. .

1/22/2013 12:24:30 AM, Error: Service Control Manager [7041] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the user has not been granted the requested logon type at this computer. Service: nvUpdatusService Domain and account: .\UpdatusUser This service account does not have the required user right "Log on as a service." User Action Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster. If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

1/22/2013 12:24:30 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

1/22/2013 12:23:12 AM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

1/22/2013 1:59:06 AM, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

1/22/2013 1:59:01 AM, Error: Service Control Manager [7034] - The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

1/22/2013 1:29:59 AM, Error: Service Control Manager [7034] - The Toshiba Laptop Checkup Application Launcher service terminated unexpectedly. It has done this 1 time(s).

1/21/2013 8:02:09 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.466.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x80240017 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

1/21/2013 5:36:40 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

1/21/2013 5:36:40 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

1/21/2013 5:02:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

1/21/2013 4:18:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

1/21/2013 4:07:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

1/21/2013 4:04:24 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr vpcvmm Wanarpv6

1/21/2013 4:03:37 PM, Error: Service Control Manager [7023] - The Intel® Management and Security Application User Notification Service service terminated with the following error: %%-2147467243

1/21/2013 4:02:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

1/21/2013 11:23:11 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user ISLECAP\MScheepens SID (S-1-5-21-1085031214-1606980848-725345543-4844) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/16/2013 7:32:53 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).

1/16/2013 7:23:48 PM, Error: Service Control Manager [7030] - The Local System Utility service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

1/16/2013 5:24:08 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 2 time(s).

1/16/2013 5:06:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

1/16/2013 5:06:48 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/16/2013 5:06:24 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/16/2013 5:06:24 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

1/16/2013 3:23:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 discache gzflt spldr trufos vpcvmm Wanarpv6

.

==== End Of File ===========================

DDS Attach (Not sure if duplicate)


1/21/2013 4:18:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

1/21/2013 4:07:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

1/21/2013 4:04:24 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr vpcvmm Wanarpv6

1/21/2013 4:03:37 PM, Error: Service Control Manager [7023] - The Intel® Management and Security Application User Notification Service service terminated with the following error: %%-2147467243

1/21/2013 4:02:20 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

1/21/2013 11:23:11 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user ISLECAP\MScheepens SID (S-1-5-21-1085031214-1606980848-725345543-4844) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/16/2013 7:32:53 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).

1/16/2013 7:23:48 PM, Error: Service Control Manager [7030] - The Local System Utility service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

1/16/2013 5:24:08 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 2 time(s).

1/16/2013 5:06:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

1/16/2013 5:06:48 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/16/2013 5:06:24 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

1/16/2013 5:06:24 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

1/16/2013 3:23:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avc3 discache gzflt spldr trufos vpcvmm Wanarpv6

.

==== End Of File ===========================

# AdwCleaner v2.107 - Logfile created 01/23/2013 at 15:02:14

# Updated 21/01/2013 by Xplode

# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)

# User : MScheepens - IGYURU-MALKA

# Boot Mode : Safe mode with networking

# Running from : C:\Users\mscheepens\Downloads\adwcleaner (1).exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\ProtectedSearch

Key Found : HKLM\SOFTWARE\Software

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\mscheepens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [777 octets] - [23/01/2013 15:02:14]

########## EOF - C:\AdwCleaner[R1].txt - [836 octets] ##########

TDSSKiller Report

16:49:45.0400 6140 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:49:46.0229 6140 ============================================================

16:49:46.0230 6140 Current date / time: 2013/01/23 16:49:46.0229

16:49:46.0230 6140 SystemInfo:

16:49:46.0230 6140

16:49:46.0230 6140 OS Version: 6.1.7601 ServicePack: 1.0

16:49:46.0230 6140 Product type: Workstation

16:49:46.0230 6140 ComputerName: IGYURU-MALKA

16:49:46.0230 6140 UserName: MScheepens

16:49:46.0231 6140 Windows directory: C:\windows

16:49:46.0231 6140 System windows directory: C:\windows

16:49:46.0231 6140 Running under WOW64

16:49:46.0231 6140 Processor architecture: Intel x64

16:49:46.0231 6140 Number of processors: 8

16:49:46.0231 6140 Page size: 0x1000

16:49:46.0231 6140 Boot type: Normal boot

16:49:46.0231 6140 ============================================================

16:49:46.0973 6140 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:49:52.0472 6140 Drive \Device\Harddisk1\DR1 - Size: 0xE8DF200000 (931.49 Gb), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:49:52.0478 6140 ============================================================

16:49:52.0478 6140 \Device\Harddisk0\DR0:

16:49:52.0495 6140 MBR partitions:

16:49:52.0495 6140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3845A000

16:49:52.0495 6140 \Device\Harddisk1\DR1:

16:49:52.0496 6140 MBR partitions:

16:49:52.0496 6140 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F8800

16:49:52.0496 6140 ============================================================

16:49:52.0499 6140 C: <-> \Device\Harddisk0\DR0\Partition1

16:49:52.0530 6140 E: <-> \Device\Harddisk1\DR1\Partition1

16:49:52.0531 6140 ============================================================

16:49:52.0531 6140 Initialize success

16:49:52.0531 6140 ============================================================

16:50:20.0944 4848 ============================================================

16:50:20.0944 4848 Scan started

16:50:20.0944 4848 Mode: Manual; SigCheck; TDLFS;

16:50:20.0944 4848 ============================================================

16:50:26.0864 4848 ================ Scan system memory ========================

16:50:26.0865 4848 System memory - ok

16:50:26.0866 4848 ================ Scan services =============================

16:51:01.0421 4848 ================ Scan global ===============================

16:51:01.0442 4848 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

16:51:01.0518 4848 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll

16:51:01.0553 4848 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll

16:51:01.0581 4848 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

16:51:01.0615 4848 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

16:51:01.0662 4848 [Global] - ok

16:51:01.0664 4848 ================ Scan MBR ==================================

16:51:01.0684 4848 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

16:51:01.0998 4848 \Device\Harddisk0\DR0 - ok

16:51:07.0440 4848 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

16:51:07.0591 4848 \Device\Harddisk1\DR1 - ok

16:51:07.0593 4848 ================ Scan VBR ==================================

16:51:07.0610 4848 [ D77ED5C1A4ABAD313646690308D00A1E ] \Device\Harddisk0\DR0\Partition1

16:51:07.0613 4848 \Device\Harddisk0\DR0\Partition1 - ok

16:51:07.0617 4848 [ F180A011DFBE1A58F59665D44E22738A ] \Device\Harddisk1\DR1\Partition1

16:51:07.0620 4848 \Device\Harddisk1\DR1\Partition1 - ok

16:51:07.0621 4848 ============================================================

16:51:07.0621 4848 Scan finished

16:51:07.0621 4848 ============================================================

16:51:07.0624 5960 Detected object count: 6

16:51:07.0624 5960 Actual detected object count: 6

19:13:46.0023 5960 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - copied to quarantine

19:13:46.0125 5960 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:13:46.0141 5960 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - copied to quarantine

19:13:46.0212 5960 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:13:46.0244 5960 C:\Windows\system32\HPZinw12.dll - copied to quarantine

19:13:46.0272 5960 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:13:46.0285 5960 C:\Windows\system32\HPZipm12.dll - copied to quarantine

19:13:46.0303 5960 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:13:46.0333 5960 C:\Program Files (x86)\movistar\Escritorio movistar Latam\ImpWiFiSvc.exe - copied to quarantine

19:13:46.0401 5960 TGCM_ImportWiFiSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

19:13:46.0422 5960 C:\windows\system32\ThpSrv.exe - copied to quarantine

19:13:46.0469 5960 Thpsrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

RKReport

RogueKiller V8.4.3 [Jan 21 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : MScheepens [Admin rights]

Mode : Scan -- Date : 01/23/2013 16:52:58

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Seagate ST9500423AS +++++

--- User ---

[MBR] 8b213e24bcc4323c3dac72dc6d489013

[bSP] 2abaeadc023deadcaf79bc8d80534f9a : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 460980 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 947161088 | Size: 14459 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: WD My Passport 071A USB Device +++++

--- User ---

[MBR] b46ed1b1c322e66e1f4eaeba67c05722

[bSP] 135e686b19abccecba56a30f9ca51ba0 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953841 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

Finished : << RKreport[1]_S_01232013_02d1652.txt >>

RKreport[1]_S_01232013_02d1652.txt

Downloaded and ran from desktop the program ERUNT

When I ran the TDSSkiller I am not able to Cure any of the 6 threats that were detected.

ANY HELP


Hello koontzman and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

When I ran the TDSSkiller I am not able to Cure any of the 6 threats that was detect

These are legitimate items, not malware related. You fixed the wrong things. You could find information here on how to restore them:

http://forum.kaspersky.com/index.php?showtopic=225489

Next, generate fresh DDS log files.


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

