Computer having random 'slow' spikes. Need help fixing it out.

RenshuYuu · April 13, 2013

Hello, my laptop has recently been having extreme frame loss issues when working and most frequently during video games.

I've never had frame-loss issues before and it's becoming so frequent, I believe there's an issue happening with my laptop.

I'm not good with this sort of thing and if possible I'd like some help getting this cleaned, and having my hand held a little. Please and thank you for anyone that respond.

Maniac · April 13, 2013

Hello RenshuYuu and :welcome: ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and post your log files:

http://forums.malwarebytes.org/index.php?showtopic=9573

RenshuYuu · April 13, 2013

DDS.txt file

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.7.2

Run by Paul K. Ngo at 19:10:25 on 2013-04-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8099.4426 [GMT -4:00]

.

AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\windows\system32\ThpSrv.exe

C:\windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\SearchIndexer.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\ThpSrv.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe

C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe

C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.133\deploy\LoLLauncher.exe

C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\LolClient.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\igfxsrvc.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3220468

uProxyOverride = <local>;*.local

uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll

mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.dll

BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\CoIEPlg.dll

TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [Akamai NetSession Interface] "C:\Users\Paul K. Ngo\AppData\Local\Akamai\netsession_win.exe"

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOLREC~1.LNK - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{B8B7AB30-42BB-47F3-B067-565E6DD8C709} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{B8B7AB30-42BB-47F3-B067-565E6DD8C709}\46562756B6 : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{F10F8DEF-97C1-44ED-AC45-2B62002247B0} : DHCPNameServer = 100.100.0.101

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\windows\System32\igfxpers.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe

x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon

x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Paul K. Ngo\AppData\Roaming\Mozilla\Firefox\Profiles\waxxv1p8.default\

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&SearchSource=2&q=

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\windows\System32\npDeployJava1.dll

FF - plugin: C:\windows\System32\npmproxy.dll

FF - plugin: C:\windows\System32\npOGPPlugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

FF - plugin: C:\windows\SysWOW64\npOGPPlugin.dll

FF - ExtSQL: 2013-03-07 22:07; firefox@mega.co.nz; C:\Users\Paul K. Ngo\AppData\Roaming\Mozilla\Firefox\Profiles\waxxv1p8.default\extensions\firefox@mega.co.nz.xpi

FF - ExtSQL: 2013-03-15 11:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\Paul K. Ngo\AppData\Roaming\Mozilla\Firefox\Profiles\waxxv1p8.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1300000.080\SymDS64.sys [2012-1-13 451192]

R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1300000.080\SymEFA64.sys [2012-1-13 1083512]

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-23 36992]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-1-13 482384]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120517.001\BHDrvx64.sys [2012-5-23 1160824]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\drivers\NISx64\1300000.080\ccSetx64.sys [2012-1-13 165512]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-5-11 283200]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120531.003\IDSviA64.sys [2012-6-1 488568]

R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1300000.080\Ironx64.sys [2012-1-13 189560]

R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1300000.080\symnets.sys [2012-1-13 396408]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-1 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-15 701512]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe [2012-1-13 138760]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2012-1-13 123320]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2012-1-13 126392]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-3-19 3289208]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-1-13 2656280]

R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2012-1-13 20592]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]

R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-8-15 25928]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]

R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-1-13 38096]

R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-1-13 413800]

R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-1-13 1109096]

R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-1-13 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-10 138152]

R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-7-4 131912]

S3 GamesAppService;GamesAppService;"C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" --> C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [?]

S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-5-2 175192]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\System32\drivers\MijXfilt.sys [2013-3-22 121416]

S3 npggsvc;nProtect GameGuard Service;C:\windows\System32\GameMon.des -service --> C:\windows\System32\GameMon.des -service [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-5-6 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-04-12 20:03:14 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BE377D16-428C-4B3A-B03B-DEF390AD19A6}\offreg.dll

2013-04-12 15:17:52 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BE377D16-428C-4B3A-B03B-DEF390AD19A6}\mpengine.dll

2013-04-11 14:02:53 2706432 ----a-w- C:\windows\System32\mshtml.tlb

2013-04-10 11:25:33 3717632 ----a-w- C:\windows\System32\mstscax.dll

2013-04-09 20:18:40 -------- d-----w- C:\Users\Paul K. Ngo\AppData\Local\Tific

2013-04-07 03:03:24 -------- d-----w- C:\Users\Paul K. Ngo\AppData\Local\{3268815D-C30B-4AA5-8B05-7EB8DACBFCBC}

2013-04-01 01:52:37 -------- d-----w- C:\Users\Paul K. Ngo\AppData\Local\Warframe

2013-04-01 00:23:07 -------- d-----w- C:\Users\Paul K. Ngo\AppData\Local\{31180B7D-CC80-4F66-9300-FC59CED5E152}

2013-03-23 16:49:35 -------- d-----w- C:\ProgramData\Digipen

2013-03-23 16:48:15 -------- d-----w- C:\Program Files (x86)\DigiPen

2013-03-22 16:44:08 -------- d-----w- C:\Users\Paul K. Ngo\AppData\Roaming\MotioninJoy

2013-03-22 16:43:59 74960 ----a-w- C:\windows\System32\drivers\xusb21.sys

2013-03-22 16:43:59 328712 ----a-w- C:\windows\System32\MijFrc.dll

2013-03-22 16:43:59 121416 ----a-w- C:\windows\System32\drivers\MijXfilt.sys

2013-03-22 16:43:59 -------- d-----w- C:\Program Files\MotioninJoy

2013-03-20 23:14:02 -------- d-----w- C:\ProgramData\Steam

2013-03-20 20:20:47 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys

.

==================== Find3M ====================

.

2013-04-04 18:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe

2013-03-13 03:46:12 73432 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 03:46:12 693976 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2013-03-12 05:10:56 282744 ------w- C:\windows\System32\MpSigStub.exe

2013-03-02 06:04:53 1655656 ----a-w- C:\windows\System32\drivers\ntfs.sys

2013-03-01 03:36:04 3153408 ----a-w- C:\windows\System32\win32k.sys

2013-02-21 10:30:16 1766912 ----a-w- C:\windows\SysWow64\wininet.dll

2013-02-21 10:29:39 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll

2013-02-21 10:29:37 61440 ----a-w- C:\windows\SysWow64\iesetup.dll

2013-02-21 10:29:37 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll

2013-02-21 10:15:07 2240512 ----a-w- C:\windows\System32\wininet.dll

2013-02-21 10:14:09 3958784 ----a-w- C:\windows\System32\jscript9.dll

2013-02-21 10:14:05 67072 ----a-w- C:\windows\System32\iesetup.dll

2013-02-21 10:14:05 136704 ----a-w- C:\windows\System32\iesysprep.dll

2013-02-19 12:01:03 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb

2013-02-19 11:10:53 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe

2013-02-19 10:51:18 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe

2013-02-15 06:08:40 44032 ----a-w- C:\windows\System32\tsgqec.dll

2013-02-15 06:02:26 158720 ----a-w- C:\windows\System32\aaclient.dll

2013-02-15 04:37:10 3217408 ----a-w- C:\windows\SysWow64\mstscax.dll

2013-02-15 04:34:10 131584 ----a-w- C:\windows\SysWow64\aaclient.dll

2013-02-15 03:25:51 36864 ----a-w- C:\windows\SysWow64\tsgqec.dll

2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll

2013-01-24 06:01:01 223752 ----a-w- C:\windows\System32\drivers\fvevol.sys

.

============= FINISH: 19:11:11.65 ===============

RenshuYuu · April 13, 2013

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/1/2012 8:03:14 PM

System Uptime: 4/12/2013 6:01:16 PM (25 hours ago)

.

Motherboard: TOSHIBA | | PHRAA

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2178/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 682 GiB total, 338.93 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP186: 4/10/2013 7:23:01 AM - Windows Update

RP187: 4/11/2013 10:01:37 AM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6) MUI

Amnesia: The Dark Descent

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 2.0.3

AutoHotkey 1.0.48.03

Bandisoft MPEG-1 Decoder

Bastion

Bejeweled 3

Bonjour

Chantelise

Chuzzle Deluxe

Counter-Strike: Global Offensive Beta

Counter-Strike: Source

D3DX10

DAEMON Tools Lite

Desura

Doom 3

Dragon Saga

FATE - The Traitor Soul

Fishdom 2

Fortune Summoners: Secret of the Elemental Stone

Fraps (remove only)

GoldWave v5.67

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Half-Life 2

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

iTunes

Java 7 Update 7

Java Auto Updater

JMicron Flash Media Controller Driver

Junk Mail filter update

League of Legends

LOLReplay

Malwarebytes Anti-Malware version 1.75.0.1300

MapleStory

Mesh Runtime

Metro 2033

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0 Refresh

MotioninJoy Gamepad tool 0.7.1001

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Mumble 1.2.3

Nexon Game Manager

Norton Internet Security

NVIDIA PhysX

OGPlanet Game Launcher

osu!

Penguins!

Perspective 1.0

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Polar Bowler

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek WLAN Driver

Recettear: An Item Shop's Tale

Renesas Electronics USB 3.0 Host Controller Driver

RPG Maker VX Ace

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Skype Click to Call

Skype Launcher

Skype™ 6.3

Source SDK Base 2007

Steam

Swiff Player 1.7.2

Synaptics Pointing Device Driver

Team Fortress 2

The Walking Dead Survival Instinct © Activision version 1

The War Z version alpha

Tom Clancy's Splinter Cell

TortoiseSVN 1.7.8.23174 (64 bit)

Toshiba App Place

TOSHIBA Application Installer

TOSHIBA Assist

Toshiba Book Place

TOSHIBA Bulletin Board

TOSHIBA Disc Creator

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD Protection

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA PC Health Monitor

TOSHIBA Quality Application

TOSHIBA Recovery Media Creator

TOSHIBA ReelTime

TOSHIBA Resolution+ Plug-in for Windows Media Player

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA VIDEO PLAYER

TOSHIBA Web Camera Application

TOSHIBA Wireless LAN Indicator

TOSHIBARegistration

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update Installer for WildTangent Games App

Utility Common Driver

uTorrentControl_v2 Toolbar

Ventrilo Client for Windows x64

Vindictus

Virtual Villagers 5 - New Believers

VLC media player 2.0.4

Warframe

WildTangent Games App (Toshiba Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.11 (32-bit)

WinZip Registry Optimizer

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

4/9/2013 3:16:35 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

4/8/2013 8:31:11 AM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

4/13/2013 11:14:36 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

4/13/2013 11:14:36 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

Maniac · April 13, 2013

Step 1

Please uninstall the following applications

µTorrent

uTorrentControl_v2 Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

In your next reply, post the following log files:

Junkware Removal Tool log
Malwarebytes' Anti-Malware log
aswMBR log
a new fresh DDS log

RenshuYuu · April 14, 2013

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.8.3 (04.05.2013:1)

OS: Windows 7 Home Premium x64

Ran by Paul K. Ngo on Sat 04/13/2013 at 20:39:48.64

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Paul K. Ngo\AppData\Roaming\mozilla\firefox\profiles\waxxv1p8.default\prefs.js

user_pref("CT3220468.BT_Stats", "{\"last_log\":1350577129,\"uuid\":230869502845805,\"seq_id\":2,\"ssb\":1350490378}");

user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get

user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\" Magick increased by 50% Intervention - 2 - 700 - Damage reduced by 15% from magick de\",\"EB_MAIN_FRAME_UR

user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");

user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");

user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");

user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");

user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");

Emptied folder: C:\Users\Paul K. Ngo\AppData\Roaming\mozilla\firefox\profiles\waxxv1p8.default\minidumps [156 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 04/13/2013 at 20:47:33.77

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RenshuYuu · April 14, 2013

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.04.13.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16540

Paul K. Ngo :: PAULKNGO-PC [administrator]

4/13/2013 8:34:46 PM

mbam-log-2013-04-13 (20-34-46).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 217372

Time elapsed: 2 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

RenshuYuu · April 14, 2013

Run date: 2013-04-13 20:14:23

-----------------------------

20:14:23.436 OS Version: Windows x64 6.1.7601 Service Pack 1

20:14:23.436 Number of processors: 8 586 0x2A07

20:14:23.452 ComputerName: PAULKNGO-PC UserName: Paul K. Ngo

20:14:29.271 Initialize success

20:14:44.013 AVAST engine defs: 13041301

20:16:12.839 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

20:16:12.839 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 3

20:16:13.042 Disk 0 MBR read successfully

20:16:13.042 Disk 0 MBR scan

20:16:13.042 Disk 0 Windows VISTA default MBR code

20:16:13.058 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048

20:16:13.073 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 698469 MB offset 3074048

20:16:13.089 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15434 MB offset 1433538560

20:16:13.339 Disk 0 scanning C:\windows\system32\drivers

20:16:27.254 Service scanning

20:17:01.402 Modules scanning

20:17:01.402 Disk 0 trace - called modules:

20:17:01.418 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys

20:17:01.434 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007bb3060]

20:17:01.434 3 CLASSPNP.SYS[fffff88001c6a43f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8007ade710]

20:17:03.072 AVAST engine scan C:\windows

20:17:09.140 AVAST engine scan C:\windows\system32

20:20:59.318 AVAST engine scan C:\windows\system32\drivers

20:21:16.104 AVAST engine scan C:\Users\Paul K. Ngo

20:27:02.752 AVAST engine scan C:\ProgramData

20:28:13.233 Scan finished successfully

20:32:03.599 Disk 0 MBR has been saved successfully to "C:\Users\Paul K. Ngo\Desktop\MBR.dat"

20:32:03.599 The log file has been saved successfully to "C:\Users\Paul K. Ngo\Desktop\aswMBR.txt"

RenshuYuu · April 14, 2013

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/1/2012 8:03:14 PM

System Uptime: 4/13/2013 8:08:52 PM (1 hours ago)

.

Motherboard: TOSHIBA | | PHRAA

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2178/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 682 GiB total, 338.16 GiB free.