Infected or Corrupted?


Hi guys,

My laptop has been running very slowly recently and I suspect that I may be infected. Certain applications which have worked well in the past are giving me error messages and I experience long loading times and frequent freezes. My antivirus (I have BitDefender) did not detect anything when I performed a full scan, but I noticed that it skipped a few thousand files for no reason that I can discern. I also got some static when I ran HJT - I got an error message that is included in the post. The findings of the other scans are attached.

I had to bring my laptop in for repairs once already so it is possible that there's a problem with my laptop's hard drive.

I'd really appreciate any help you guys could give me.

Thanks a lot,

Trapezoid

Error message:

HJT.jpg

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7839

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

01/10/2011 10:10:47 AM

mbam-log-2011-10-01 (10-10-44).txt

Scan type: Full scan (C:\|)

Objects scanned: 433548

Time elapsed: 47 minute(s), 13 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar (PUP.Zugo) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\program files (x86)\startnow toolbar\startnowtoolbaruninstall.exe (PUP.Zugo) -> No action taken.

c:\Users\Paul\documents\vuze downloads\diablo 2 full game with expansion\diablo 2 cd key generator.exe (RiskWare.Tool.CK) -> No action taken.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Paul at 11:41:37 on 2011-10-03

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.2811.1360 [GMT -4:00]

.

AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: BitDefender AntiSpyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\TODDSrv.exe

C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\windows\Explorer.EXE

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AIM\aim.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files\BitDefender\BitDefender 2011\antispam32\bdimguiaux.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\windows\system32\SearchProtocolHost.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\windows\SysWOW64\rundll32.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\servicing\TrustedInstaller.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\wuauclt.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files\BitDefender\BitDefender 2011\downloader.exe

C:\windows\system32\conhost.exe

C:\Users\Paul\Downloads\Defogger.exe

C:\windows\system32\conhost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=IE&os=win&os_version=6.1-x64-SP1

uWindow Title = Presented by TOSHIBA Leading Innovation >>>

uDefault_Page_URL = hxxp://www.toshiba.ca/welcome

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

uRun: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

uRun: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [Facebook Update] "C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

mRun: [TaskTray]

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F} : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\071657C637E65647 : DhcpNameServer = 10.10.10.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\2454C4C4034343 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\2454C4C4638323 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\35B6972796D6 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{9615114E-811C-4824-8907-158EBD856F5D} : DhcpNameServer = 24.200.241.37 24.200.243.189 24.201.245.77

TCP: Interfaces\{C76DFCF9-990C-4E8F-8083-73F603D2A708} : DhcpNameServer = 10.10.100.85 10.10.100.86

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO-X64: StartNowToolbarHelper - No File

BHO-X64: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

BHO-X64: WindowShopper - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

mRun-x64: [TaskTray]

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gct5wclk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=FF&os=win&os_version=6.1-x64-SP1

FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=FF&os=win&os_version=6.1-x64-SP1&q=

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Paul\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2011-10-2 99408]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-1 366152]

R2 Toolbar Updater Service;Toolbar Updater Service;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-3-24 199904]

R2 Updatesrv;BitDefender Desktop Update Service;C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2011-10-2 53224]

R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]

R3 BDFM;BDFM;C:\windows\system32\DRIVERS\bdfm.sys --> C:\windows\system32\DRIVERS\bdfm.sys [?]

R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-5-31 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-5 135664]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-5 135664]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2011-10-2 467248]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 avc3;avc3;C:\windows\system32\DRIVERS\avc3.sys --> C:\windows\system32\DRIVERS\avc3.sys [?]

S4 avckf;avckf;C:\windows\system32\DRIVERS\avckf.sys --> C:\windows\system32\DRIVERS\avckf.sys [?]

.

=============== Created Last 30 ================

.

2011-10-03 04:20:00 -------- d-----w- C:\Users\Paul\AppData\Local\{BEBAC424-65C6-43E8-B4C2-805C1A9E27C0}

2011-10-03 02:03:29 431176 ----a-w- C:\windows\System32\drivers\bdfsfltr.sys

2011-10-02 16:19:00 -------- d-----w- C:\Users\Paul\AppData\Local\{3D291820-8646-4327-AF9B-535FF1E0BC58}

2011-10-02 16:18:45 -------- d-----w- C:\Users\Paul\AppData\Local\{AF139691-76DE-41A8-A617-65123098565D}

2011-10-02 00:49:53 -------- d-----w- C:\Users\Paul\AppData\Roaming\BitDefender

2011-10-02 00:49:38 -------- d-----w- C:\Program Files\BitDefender

2011-10-02 00:27:40 -------- d-----w- C:\Users\Paul\AppData\Roaming\QuickScan

2011-10-02 00:27:24 -------- d-----w- C:\Program Files\Common Files\BitDefender

2011-10-02 00:27:22 -------- d-----w- C:\ProgramData\BitDefender

2011-10-02 00:25:20 -------- d-----w- C:\Users\Paul\AppData\Local\{4082C682-A039-4F63-8906-6C63D56885D4}

2011-10-02 00:25:00 -------- d-----w- C:\Users\Paul\AppData\Local\{71E4BE6F-C02C-4B3D-95B0-5CDE43D6231C}

2011-10-01 06:14:49 -------- d-----w- C:\Users\Paul\AppData\Local\{8E7F5997-3909-49CE-9C69-885B1051CDD4}

2011-10-01 06:14:36 -------- d-----w- C:\Users\Paul\AppData\Local\{5E875591-817C-40B0-9DB5-41B52F6EE26C}

2011-10-01 06:10:34 -------- d-----w- C:\Users\Paul\AppData\Roaming\Malwarebytes

2011-10-01 06:10:28 -------- d-----w- C:\ProgramData\Malwarebytes

2011-10-01 06:10:24 25416 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-10-01 06:10:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-09-30 18:15:52 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9415D6FD-28B9-4082-9C29-477ABE2D3333}\mpengine.dll

2011-09-30 18:14:05 -------- d-----w- C:\Users\Paul\AppData\Local\{F9B3BE04-F81F-440F-9396-FD29009558E7}

2011-09-30 18:13:49 -------- d-----w- C:\Users\Paul\AppData\Local\{FED81AD3-8A8C-45B3-A521-7D84DFDCF341}

2011-09-29 17:37:35 -------- d-----w- C:\Users\Paul\AppData\Local\{CFB0B775-D806-4FB7-80BA-6BFF6B64A373}

2011-09-29 17:37:20 -------- d-----w- C:\Users\Paul\AppData\Local\{581B7427-DA7F-47B0-9C50-7B8EF6508315}

2011-09-28 19:48:53 -------- d-----w- C:\Users\Paul\AppData\Roaming\MathWorks

2011-09-28 19:33:44 -------- d-----w- C:\Program Files\MATLAB

2011-09-28 17:05:07 -------- d-----w- C:\Users\Paul\AppData\Local\{63CBDEF0-0692-4220-8895-143A66FE338C}

2011-09-28 17:04:53 -------- d-----w- C:\Users\Paul\AppData\Local\{711E74F5-0EFA-4FF6-B2BD-86F6921FD89C}

2011-09-27 16:35:01 -------- d-----w- C:\Users\Paul\AppData\Local\{E9C3B7AC-B713-4DAF-89E9-43602F5C2729}

2011-09-27 16:34:50 -------- d-----w- C:\Users\Paul\AppData\Local\{ADA560DD-2F33-4A66-A6DA-1F2CD34DCF3D}

2011-09-27 04:34:24 -------- d-----w- C:\Users\Paul\AppData\Local\{29C61876-3971-4B31-B99F-750ECBFFAEF3}

2011-09-27 04:34:11 -------- d-----w- C:\Users\Paul\AppData\Local\{B57056BD-C491-44FC-9086-BAA023869E1E}

2011-09-26 16:33:40 -------- d-----w- C:\Users\Paul\AppData\Local\{C62CD130-5A5F-4417-B61E-CE956EB94666}

2011-09-26 16:33:24 -------- d-----w- C:\Users\Paul\AppData\Local\{51669B7E-096C-4428-BEC9-886BC608D5C9}

2011-09-26 02:55:33 -------- d-----w- C:\Users\Paul\AppData\Local\{51B26D9E-9863-464E-B35E-F82C1C4284B9}

2011-09-25 14:54:53 -------- d-----w- C:\Users\Paul\AppData\Local\{3319C68F-838A-43C9-A42B-242CAD7B66DF}

2011-09-24 18:10:06 -------- d-----w- C:\Users\Paul\AppData\Local\{F71EC4DC-D729-405F-A0E2-F2B2FE14AC97}

2011-09-24 18:09:54 -------- d-----w- C:\Users\Paul\AppData\Local\{9C3C44BE-3D6E-4F6C-B515-D1C894D6D38F}

2011-09-24 06:09:27 -------- d-----w- C:\Users\Paul\AppData\Local\{466196D9-7A81-4DB5-A567-420FC6B5E493}

2011-09-23 18:08:30 -------- d-----w- C:\Users\Paul\AppData\Local\{D24CC205-F38B-4CFB-8581-BB1251786AE6}

2011-09-23 18:08:17 -------- d-----w- C:\Users\Paul\AppData\Local\{84EE5FBC-EED5-4431-ABA1-133AD4098B49}

2011-09-23 04:35:14 -------- d-----w- C:\Users\Paul\AppData\Local\{02F26BF9-AC5E-47CF-B708-E23FBFD481B7}

2011-09-22 16:34:49 -------- d-----w- C:\Users\Paul\AppData\Local\{B742AF74-2FC7-4259-95B0-6F91678E8A23}

2011-09-22 16:34:39 -------- d-----w- C:\Users\Paul\AppData\Local\{229C0465-0DF4-417E-BE0F-7BE03496C26A}

2011-09-22 04:34:13 -------- d-----w- C:\Users\Paul\AppData\Local\{E217F36A-CC59-426B-B2D6-2AF453C446A1}

2011-09-21 16:33:47 -------- d-----w- C:\Users\Paul\AppData\Local\{604781D6-0927-4A1F-9481-A76AB55C7531}

2011-09-21 16:33:36 -------- d-----w- C:\Users\Paul\AppData\Local\{C0108070-B091-4D9D-9965-19B1D0BCEE04}

2011-09-21 04:33:09 -------- d-----w- C:\Users\Paul\AppData\Local\{EA0C5F7C-71E0-4B57-ABE5-4A41CF113D84}

2011-09-20 16:32:43 -------- d-----w- C:\Users\Paul\AppData\Local\{FE3AEEE7-7C72-43EF-826D-56FA4A1C7794}

2011-09-20 16:32:32 -------- d-----w- C:\Users\Paul\AppData\Local\{0B486A05-0116-4EBC-83F7-FC37146DDAD8}

2011-09-20 04:32:05 -------- d-----w- C:\Users\Paul\AppData\Local\{816A09A0-9433-446F-B03E-E6C2E9D35A5E}

2011-09-19 16:31:36 -------- d-----w- C:\Users\Paul\AppData\Local\{B833F7DE-143A-4FF2-A570-021436355EA4}

2011-09-19 16:31:23 -------- d-----w- C:\Users\Paul\AppData\Local\{B63903EE-47F1-4B1B-96D5-31DE7A6FEC18}

2011-09-17 16:43:18 -------- d-----w- C:\Users\Paul\AppData\Local\{6F197313-03F2-4EBC-8909-11E402538BDD}

2011-09-17 16:43:06 -------- d-----w- C:\Users\Paul\AppData\Local\{525CD53C-0876-45C4-A396-B7982F10F656}

2011-09-17 04:42:40 -------- d-----w- C:\Users\Paul\AppData\Local\{71A41D2A-D0F7-457E-862D-F16654E4A417}

2011-09-16 16:42:11 -------- d-----w- C:\Users\Paul\AppData\Local\{54C50B45-E936-4583-BBC9-FC617B835194}

2011-09-16 16:41:58 -------- d-----w- C:\Users\Paul\AppData\Local\{0DE5DB09-DC7E-42A1-B28E-31CAE1F3B3CD}

2011-09-15 18:32:02 -------- d-----w- C:\Users\Paul\AppData\Local\{39F459BD-CE5A-48A2-8D7F-D15DABDCF535}

2011-09-15 18:31:49 -------- d-----w- C:\Users\Paul\AppData\Local\{929882EB-81D1-48FD-8C46-3B1353B37505}

2011-09-15 04:39:57 -------- d-----w- C:\Users\Paul\AppData\Local\{1B002576-A426-4FC6-8076-E615500B8688}

2011-09-15 04:39:45 -------- d-----w- C:\Users\Paul\AppData\Local\{A1D0E88B-2C7B-4785-AC17-9EBF02B918A6}

2011-09-14 16:39:19 -------- d-----w- C:\Users\Paul\AppData\Local\{F26F51C2-C45E-43E5-94A3-ECB2C398608E}

2011-09-14 16:39:06 -------- d-----w- C:\Users\Paul\AppData\Local\{CD96985C-485D-4513-8950-56E5AD88A4A2}

2011-09-14 04:38:40 -------- d-----w- C:\Users\Paul\AppData\Local\{EB9812B6-08F2-4E77-84AF-612897DFF238}

2011-09-14 04:38:28 -------- d-----w- C:\Users\Paul\AppData\Local\{FC47910D-832F-4709-B188-C63226C92B13}

2011-09-13 16:38:01 -------- d-----w- C:\Users\Paul\AppData\Local\{AC09D0E7-25B8-4C92-A5B6-80353D554E69}

2011-09-13 16:37:49 -------- d-----w- C:\Users\Paul\AppData\Local\{55E7EC29-EDAF-481E-A804-FE63E59186E1}

2011-09-13 04:37:22 -------- d-----w- C:\Users\Paul\AppData\Local\{06976FA4-9374-4281-AF57-60B4CB647DB1}

2011-09-12 16:36:55 -------- d-----w- C:\Users\Paul\AppData\Local\{E9971BB1-1C85-4E5B-9B93-0A4DF9263656}

2011-09-12 16:36:45 -------- d-----w- C:\Users\Paul\AppData\Local\{F195F8FD-6EC4-43AB-B5AD-C86D708848F5}

2011-09-12 02:46:02 -------- d-----w- C:\Users\Paul\AppData\Local\{E85BDF69-1299-4FE2-8589-76AA806AFDF4}

2011-09-11 14:45:37 -------- d-----w- C:\Users\Paul\AppData\Local\{96F3E54B-7177-4531-8CD5-D9804F02BBFD}

2011-09-11 02:40:37 -------- d-----w- C:\Users\Paul\AppData\Local\{2DE4ED54-98FF-40CA-BBC4-1A3F0F8DE7CF}

2011-09-10 14:40:07 -------- d-----w- C:\Users\Paul\AppData\Local\{9E4CF676-B2CA-4CA7-B7C7-41620988AB01}

2011-09-10 14:39:53 -------- d-----w- C:\Users\Paul\AppData\Local\{79D39713-0004-4B5E-86A7-5C411DDF621C}

2011-09-10 02:32:47 -------- d-----w- C:\Users\Paul\AppData\Local\{619077F6-292A-46F3-BB18-228B11F85F55}

2011-09-09 14:32:19 -------- d-----w- C:\Users\Paul\AppData\Local\{C313DF53-FF55-4CD5-AF16-B303646EF9C6}

2011-09-09 14:32:04 -------- d-----w- C:\Users\Paul\AppData\Local\{DC6E6633-B976-4E8D-8A5A-079457E954C7}

2011-09-08 21:36:03 -------- d-----w- C:\Users\Paul\AppData\Local\{9B22BF34-4D99-4814-9281-60726F5E5CB4}

2011-09-08 21:35:49 -------- d-----w- C:\Users\Paul\AppData\Local\{697D0FC0-DC03-487A-888F-AA9F78459A35}

2011-09-08 05:11:45 -------- d-----w- C:\Users\Paul\AppData\Local\{9768C59E-3C09-44BE-B454-D52A7773DCF7}

2011-09-07 17:11:19 -------- d-----w- C:\Users\Paul\AppData\Local\{C5F91FEA-EC11-4572-84C0-5C628D524608}

2011-09-07 04:18:41 -------- d-----w- C:\Users\Paul\AppData\Local\{DA69D7C6-C19A-4784-9788-26A89FC70B31}

2011-09-06 16:18:13 -------- d-----w- C:\Users\Paul\AppData\Local\{BB9FCE66-BBB8-4AB6-8B6A-7BB656059CCD}

2011-09-06 16:18:02 -------- d-----w- C:\Users\Paul\AppData\Local\{990125CE-06AC-4730-95CD-E81AA2B1F276}

2011-09-06 02:02:28 -------- d-----w- C:\Users\Paul\AppData\Local\{9451FBD9-E5D7-4835-AC15-0F4CED7A3413}

2011-09-05 14:01:59 -------- d-----w- C:\Users\Paul\AppData\Local\{616C4B13-4DE7-44B2-A655-968E0962D39E}

2011-09-05 14:01:47 -------- d-----w- C:\Users\Paul\AppData\Local\{1AD92C7D-E7CF-4F4B-9463-72D7846F9903}

2011-09-05 00:35:14 -------- d-----w- C:\Users\Paul\AppData\Local\{D627792C-E102-4C95-ACE2-60D1BFC40078}

2011-09-04 12:34:48 -------- d-----w- C:\Users\Paul\AppData\Local\{C5E2B21D-E1EA-484F-8C65-4A8B5959EA71}

2011-09-03 16:57:35 -------- d-----w- C:\Users\Paul\AppData\Local\{113F1BC8-2464-4013-AF3D-D48A5FE9CD6B}

2011-09-03 16:57:22 -------- d-----w- C:\Users\Paul\AppData\Local\{09913706-BC6A-4F3E-A15B-5C9BEAA2FEFB}

.

==================== Find3M ====================

.

2011-09-27 16:06:08 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-22 05:42:23 2303488 ----a-w- C:\windows\System32\jscript9.dll

2011-07-22 05:36:16 1389056 ----a-w- C:\windows\System32\wininet.dll

2011-07-22 05:32:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-07-22 02:54:43 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- C:\windows\SysWow64\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-07-18 13:58:05 72080 ----a-w- C:\Users\Paul\g2mdlhlpx.exe

2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll

2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll

2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll

2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll

2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe

2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-07-09 05:26:20 2048 ----a-w- C:\windows\System32\tzres.dll

2011-07-09 04:29:46 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys

2011-07-05 21:28:12 525544 ----a-w- C:\windows\System32\deployJava1.dll

2010-03-29 22:40:20 100256 ----a-w- C:\Program Files\Common Files\LinkInstaller.exe

.

============= FINISH: 11:45:28.84 ===============

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 1:07:20 PM, on 03/10/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\AIM\aim.exe

C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files\BitDefender\BitDefender 2011\antispam32\bdimguiaux.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\windows\SysWOW64\rundll32.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Paul\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.ca/welcome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=IE&os=win&os_version=6.1-x64-SP1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Presented by TOSHIBA Leading Innovation >>>

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: StartNowToolbarHelper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

O2 - BHO: WindowShopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

O9 - Extra button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)

O23 - Service: Toolbar Updater Service - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14481 bytes

attach.zip


  • Staff

Hi and welcome to Malwarebytes.

Please see:

HijackThis Forum Policy

We will not be party to obvious use of key gens, cracks, warez or other illegal means of downloading software, music, videos etc. This means no P2P evidence will be supported. Logs that show these in them will be given the option to remove the P2P items. Keygens, cracks, warez and similar will have the thread closed, period. It's theft and against the law.

It's likely why your issue began in the first place.

This goes for Vuze and anything else you may have installed.


Hi,

I'm really sorry about that. I have uninstalled Vuze from my laptop and have rescanned my computer. I hope that sets everything right.

Trapezoid

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7859

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

06/10/2011 3:30:50 PM

mbam-log-2011-10-06 (15-30-50).txt

Scan type: Quick scan

Objects scanned: 180219

Time elapsed: 6 minute(s), 22 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Paul at 15:32:42 on 2011-10-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.2811.1584 [GMT -4:00]

.

AV: BitDefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: BitDefender AntiSpyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}

FW: BitDefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\windows\system32\TODDSrv.exe

C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files (x86)\AIM\aim.exe

C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\BitDefender\BitDefender 2011\antispam32\bdimguiaux.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\system32\wuauclt.exe

C:\Program Files\BitDefender\BitDefender 2011\downloader.exe

C:\windows\system32\conhost.exe

C:\windows\system32\taskeng.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=IE&os=win&os_version=6.1-x64-SP1

uWindow Title = Presented by TOSHIBA Leading Innovation >>>

uDefault_Page_URL = hxxp://www.toshiba.ca/welcome

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSCA&bmod=TSCA

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

uRun: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

uRun: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [Facebook Update] "C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

mRun: [TaskTray]

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 132.206.85.18 132.206.85.19 132.206.85.36 132.206.44.21 132.206.25.21

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F} : DhcpNameServer = 132.206.85.18 132.206.85.19 132.206.85.36 132.206.44.21 132.206.25.21

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\071657C637E65647 : DhcpNameServer = 10.10.10.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\16964616E637E65647 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\2454C4C4034343 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\2454C4C4638323 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{4A3162F5-E685-4F51-96A1-54D0D8C0297F}\35B6972796D6 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{9615114E-811C-4824-8907-158EBD856F5D} : DhcpNameServer = 24.200.241.37 24.200.243.189 24.201.245.77

TCP: Interfaces\{C76DFCF9-990C-4E8F-8083-73F603D2A708} : DhcpNameServer = 10.10.100.85 10.10.100.86

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

BHO-X64: StartNowToolbarHelper - No File

BHO-X64: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

BHO-X64: WindowShopper - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: BitDefender Toolbar: {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

mRun-x64: [TaskTray]

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\gct5wclk.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=FF&os=win&os_version=6.1-x64-SP1

FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=FF&os=win&os_version=6.1-x64-SP1&q=

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Paul\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Paul\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Users\Paul\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2011-10-2 99408]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]

R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]

R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2009-3-10 46448]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-1 366152]

R2 Toolbar Updater Service;Toolbar Updater Service;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-3-24 199904]

R2 Updatesrv;BitDefender Desktop Update Service;C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2011-10-2 53224]

R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]

R3 BDFM;BDFM;C:\windows\system32\DRIVERS\bdfm.sys --> C:\windows\system32\DRIVERS\bdfm.sys [?]

R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]

R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2011-5-31 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-5 135664]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-5 135664]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2011-10-2 467248]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S4 avc3;avc3;C:\windows\system32\DRIVERS\avc3.sys --> C:\windows\system32\DRIVERS\avc3.sys [?]

S4 avckf;avckf;C:\windows\system32\DRIVERS\avckf.sys --> C:\windows\system32\DRIVERS\avckf.sys [?]

.

=============== Created Last 30 ================

.

2011-10-06 16:39:26 -------- d-----w- C:\Users\Paul\AppData\Local\{83D9ED60-92AA-4A09-988E-17FB9CE115B0}

2011-10-06 16:39:08 -------- d-----w- C:\Users\Paul\AppData\Local\{24C49E4C-57C7-49B8-8A4E-F8CD8412BF39}

2011-10-05 19:23:19 -------- d-----w- C:\Users\Paul\AppData\Local\{489E0E8B-6B93-4CCD-81EF-837F6E465653}

2011-10-05 19:23:07 -------- d-----w- C:\Users\Paul\AppData\Local\{7D802E96-76FB-4D92-A0E1-5F4F4C33D67B}

2011-10-05 07:21:24 -------- d-----w- C:\Users\Paul\AppData\Local\{174809DD-5C3E-4BD6-9D1B-990FCCFB921A}

2011-10-05 07:21:11 -------- d-----w- C:\Users\Paul\AppData\Local\{5F598692-C945-48E8-9E3C-6E332DA5E420}

2011-10-04 17:59:52 -------- d-----w- C:\ProgramData\bdch

2011-10-04 16:32:39 -------- d-----w- C:\Users\Paul\AppData\Local\{660CA662-1306-4A64-B4FA-0FAC29702CE9}

2011-10-04 16:32:21 -------- d-----w- C:\Users\Paul\AppData\Local\{15A53D2F-8F4A-43FC-B9FA-E5762128B4EB}

2011-10-04 04:21:25 -------- d-----w- C:\Users\Paul\AppData\Local\{83EA2277-C440-44CB-B489-2DA65655DADF}

2011-10-04 04:21:12 -------- d-----w- C:\Users\Paul\AppData\Local\{33D90A65-34D4-43AE-BC8A-C5ADF7388162}

2011-10-03 16:20:42 -------- d-----w- C:\Users\Paul\AppData\Local\{54ED3B5D-0FA9-47ED-B23F-1A41CDD26E23}

2011-10-03 16:20:28 -------- d-----w- C:\Users\Paul\AppData\Local\{00720CA9-1FDF-403F-8380-E0B3D1B15440}

2011-10-03 04:20:00 -------- d-----w- C:\Users\Paul\AppData\Local\{BEBAC424-65C6-43E8-B4C2-805C1A9E27C0}

2011-10-03 02:03:29 431176 ----a-w- C:\windows\System32\drivers\bdfsfltr.sys

2011-10-02 16:19:00 -------- d-----w- C:\Users\Paul\AppData\Local\{3D291820-8646-4327-AF9B-535FF1E0BC58}

2011-10-02 16:18:45 -------- d-----w- C:\Users\Paul\AppData\Local\{AF139691-76DE-41A8-A617-65123098565D}

2011-10-02 00:49:53 -------- d-----w- C:\Users\Paul\AppData\Roaming\BitDefender

2011-10-02 00:49:38 -------- d-----w- C:\Program Files\BitDefender

2011-10-02 00:27:40 -------- d-----w- C:\Users\Paul\AppData\Roaming\QuickScan

2011-10-02 00:27:24 -------- d-----w- C:\Program Files\Common Files\BitDefender

2011-10-02 00:27:22 -------- d-----w- C:\ProgramData\BitDefender

2011-10-02 00:25:20 -------- d-----w- C:\Users\Paul\AppData\Local\{4082C682-A039-4F63-8906-6C63D56885D4}

2011-10-02 00:25:00 -------- d-----w- C:\Users\Paul\AppData\Local\{71E4BE6F-C02C-4B3D-95B0-5CDE43D6231C}

2011-10-01 06:14:49 -------- d-----w- C:\Users\Paul\AppData\Local\{8E7F5997-3909-49CE-9C69-885B1051CDD4}

2011-10-01 06:14:36 -------- d-----w- C:\Users\Paul\AppData\Local\{5E875591-817C-40B0-9DB5-41B52F6EE26C}

2011-10-01 06:10:34 -------- d-----w- C:\Users\Paul\AppData\Roaming\Malwarebytes

2011-10-01 06:10:28 -------- d-----w- C:\ProgramData\Malwarebytes

2011-10-01 06:10:24 25416 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-10-01 06:10:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-09-30 18:15:52 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9415D6FD-28B9-4082-9C29-477ABE2D3333}\mpengine.dll

2011-09-30 18:14:05 -------- d-----w- C:\Users\Paul\AppData\Local\{F9B3BE04-F81F-440F-9396-FD29009558E7}

2011-09-30 18:13:49 -------- d-----w- C:\Users\Paul\AppData\Local\{FED81AD3-8A8C-45B3-A521-7D84DFDCF341}

2011-09-29 17:37:35 -------- d-----w- C:\Users\Paul\AppData\Local\{CFB0B775-D806-4FB7-80BA-6BFF6B64A373}

2011-09-29 17:37:20 -------- d-----w- C:\Users\Paul\AppData\Local\{581B7427-DA7F-47B0-9C50-7B8EF6508315}

2011-09-28 19:48:53 -------- d-----w- C:\Users\Paul\AppData\Roaming\MathWorks

2011-09-28 19:33:44 -------- d-----w- C:\Program Files\MATLAB

2011-09-28 17:05:07 -------- d-----w- C:\Users\Paul\AppData\Local\{63CBDEF0-0692-4220-8895-143A66FE338C}

2011-09-28 17:04:53 -------- d-----w- C:\Users\Paul\AppData\Local\{711E74F5-0EFA-4FF6-B2BD-86F6921FD89C}

2011-09-27 16:35:01 -------- d-----w- C:\Users\Paul\AppData\Local\{E9C3B7AC-B713-4DAF-89E9-43602F5C2729}

2011-09-27 16:34:50 -------- d-----w- C:\Users\Paul\AppData\Local\{ADA560DD-2F33-4A66-A6DA-1F2CD34DCF3D}

2011-09-27 04:34:24 -------- d-----w- C:\Users\Paul\AppData\Local\{29C61876-3971-4B31-B99F-750ECBFFAEF3}

2011-09-27 04:34:11 -------- d-----w- C:\Users\Paul\AppData\Local\{B57056BD-C491-44FC-9086-BAA023869E1E}

2011-09-26 16:33:40 -------- d-----w- C:\Users\Paul\AppData\Local\{C62CD130-5A5F-4417-B61E-CE956EB94666}

2011-09-26 16:33:24 -------- d-----w- C:\Users\Paul\AppData\Local\{51669B7E-096C-4428-BEC9-886BC608D5C9}

2011-09-26 02:55:33 -------- d-----w- C:\Users\Paul\AppData\Local\{51B26D9E-9863-464E-B35E-F82C1C4284B9}

2011-09-25 14:54:53 -------- d-----w- C:\Users\Paul\AppData\Local\{3319C68F-838A-43C9-A42B-242CAD7B66DF}

2011-09-24 18:10:06 -------- d-----w- C:\Users\Paul\AppData\Local\{F71EC4DC-D729-405F-A0E2-F2B2FE14AC97}

2011-09-24 18:09:54 -------- d-----w- C:\Users\Paul\AppData\Local\{9C3C44BE-3D6E-4F6C-B515-D1C894D6D38F}

2011-09-24 06:09:27 -------- d-----w- C:\Users\Paul\AppData\Local\{466196D9-7A81-4DB5-A567-420FC6B5E493}

2011-09-23 18:08:30 -------- d-----w- C:\Users\Paul\AppData\Local\{D24CC205-F38B-4CFB-8581-BB1251786AE6}

2011-09-23 18:08:17 -------- d-----w- C:\Users\Paul\AppData\Local\{84EE5FBC-EED5-4431-ABA1-133AD4098B49}

2011-09-23 04:35:14 -------- d-----w- C:\Users\Paul\AppData\Local\{02F26BF9-AC5E-47CF-B708-E23FBFD481B7}

2011-09-22 16:34:49 -------- d-----w- C:\Users\Paul\AppData\Local\{B742AF74-2FC7-4259-95B0-6F91678E8A23}

2011-09-22 16:34:39 -------- d-----w- C:\Users\Paul\AppData\Local\{229C0465-0DF4-417E-BE0F-7BE03496C26A}

2011-09-22 04:34:13 -------- d-----w- C:\Users\Paul\AppData\Local\{E217F36A-CC59-426B-B2D6-2AF453C446A1}

2011-09-21 16:33:47 -------- d-----w- C:\Users\Paul\AppData\Local\{604781D6-0927-4A1F-9481-A76AB55C7531}

2011-09-21 16:33:36 -------- d-----w- C:\Users\Paul\AppData\Local\{C0108070-B091-4D9D-9965-19B1D0BCEE04}

2011-09-21 04:33:09 -------- d-----w- C:\Users\Paul\AppData\Local\{EA0C5F7C-71E0-4B57-ABE5-4A41CF113D84}

2011-09-20 16:32:43 -------- d-----w- C:\Users\Paul\AppData\Local\{FE3AEEE7-7C72-43EF-826D-56FA4A1C7794}

2011-09-20 16:32:32 -------- d-----w- C:\Users\Paul\AppData\Local\{0B486A05-0116-4EBC-83F7-FC37146DDAD8}

2011-09-20 04:32:05 -------- d-----w- C:\Users\Paul\AppData\Local\{816A09A0-9433-446F-B03E-E6C2E9D35A5E}

2011-09-19 16:31:36 -------- d-----w- C:\Users\Paul\AppData\Local\{B833F7DE-143A-4FF2-A570-021436355EA4}

2011-09-19 16:31:23 -------- d-----w- C:\Users\Paul\AppData\Local\{B63903EE-47F1-4B1B-96D5-31DE7A6FEC18}

2011-09-17 16:43:18 -------- d-----w- C:\Users\Paul\AppData\Local\{6F197313-03F2-4EBC-8909-11E402538BDD}

2011-09-17 16:43:06 -------- d-----w- C:\Users\Paul\AppData\Local\{525CD53C-0876-45C4-A396-B7982F10F656}

2011-09-17 04:42:40 -------- d-----w- C:\Users\Paul\AppData\Local\{71A41D2A-D0F7-457E-862D-F16654E4A417}

2011-09-16 16:42:11 -------- d-----w- C:\Users\Paul\AppData\Local\{54C50B45-E936-4583-BBC9-FC617B835194}

2011-09-16 16:41:58 -------- d-----w- C:\Users\Paul\AppData\Local\{0DE5DB09-DC7E-42A1-B28E-31CAE1F3B3CD}

2011-09-15 18:32:02 -------- d-----w- C:\Users\Paul\AppData\Local\{39F459BD-CE5A-48A2-8D7F-D15DABDCF535}

2011-09-15 18:31:49 -------- d-----w- C:\Users\Paul\AppData\Local\{929882EB-81D1-48FD-8C46-3B1353B37505}

2011-09-15 04:39:57 -------- d-----w- C:\Users\Paul\AppData\Local\{1B002576-A426-4FC6-8076-E615500B8688}

2011-09-15 04:39:45 -------- d-----w- C:\Users\Paul\AppData\Local\{A1D0E88B-2C7B-4785-AC17-9EBF02B918A6}

2011-09-14 16:39:19 -------- d-----w- C:\Users\Paul\AppData\Local\{F26F51C2-C45E-43E5-94A3-ECB2C398608E}

2011-09-14 16:39:06 -------- d-----w- C:\Users\Paul\AppData\Local\{CD96985C-485D-4513-8950-56E5AD88A4A2}

2011-09-14 04:38:40 -------- d-----w- C:\Users\Paul\AppData\Local\{EB9812B6-08F2-4E77-84AF-612897DFF238}

2011-09-14 04:38:28 -------- d-----w- C:\Users\Paul\AppData\Local\{FC47910D-832F-4709-B188-C63226C92B13}

2011-09-13 16:38:01 -------- d-----w- C:\Users\Paul\AppData\Local\{AC09D0E7-25B8-4C92-A5B6-80353D554E69}

2011-09-13 16:37:49 -------- d-----w- C:\Users\Paul\AppData\Local\{55E7EC29-EDAF-481E-A804-FE63E59186E1}

2011-09-13 04:37:22 -------- d-----w- C:\Users\Paul\AppData\Local\{06976FA4-9374-4281-AF57-60B4CB647DB1}

2011-09-12 16:36:55 -------- d-----w- C:\Users\Paul\AppData\Local\{E9971BB1-1C85-4E5B-9B93-0A4DF9263656}

2011-09-12 16:36:45 -------- d-----w- C:\Users\Paul\AppData\Local\{F195F8FD-6EC4-43AB-B5AD-C86D708848F5}

2011-09-12 02:46:02 -------- d-----w- C:\Users\Paul\AppData\Local\{E85BDF69-1299-4FE2-8589-76AA806AFDF4}

2011-09-11 14:45:37 -------- d-----w- C:\Users\Paul\AppData\Local\{96F3E54B-7177-4531-8CD5-D9804F02BBFD}

2011-09-11 02:40:37 -------- d-----w- C:\Users\Paul\AppData\Local\{2DE4ED54-98FF-40CA-BBC4-1A3F0F8DE7CF}

2011-09-10 14:40:07 -------- d-----w- C:\Users\Paul\AppData\Local\{9E4CF676-B2CA-4CA7-B7C7-41620988AB01}

2011-09-10 14:39:53 -------- d-----w- C:\Users\Paul\AppData\Local\{79D39713-0004-4B5E-86A7-5C411DDF621C}

2011-09-10 02:32:47 -------- d-----w- C:\Users\Paul\AppData\Local\{619077F6-292A-46F3-BB18-228B11F85F55}

2011-09-09 14:32:19 -------- d-----w- C:\Users\Paul\AppData\Local\{C313DF53-FF55-4CD5-AF16-B303646EF9C6}

2011-09-09 14:32:04 -------- d-----w- C:\Users\Paul\AppData\Local\{DC6E6633-B976-4E8D-8A5A-079457E954C7}

2011-09-08 21:36:03 -------- d-----w- C:\Users\Paul\AppData\Local\{9B22BF34-4D99-4814-9281-60726F5E5CB4}

2011-09-08 21:35:49 -------- d-----w- C:\Users\Paul\AppData\Local\{697D0FC0-DC03-487A-888F-AA9F78459A35}

2011-09-08 05:11:45 -------- d-----w- C:\Users\Paul\AppData\Local\{9768C59E-3C09-44BE-B454-D52A7773DCF7}

2011-09-07 17:11:19 -------- d-----w- C:\Users\Paul\AppData\Local\{C5F91FEA-EC11-4572-84C0-5C628D524608}

2011-09-07 04:18:41 -------- d-----w- C:\Users\Paul\AppData\Local\{DA69D7C6-C19A-4784-9788-26A89FC70B31}

.

==================== Find3M ====================

.

2011-09-27 16:06:08 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-22 05:42:23 2303488 ----a-w- C:\windows\System32\jscript9.dll

2011-07-22 05:36:16 1389056 ----a-w- C:\windows\System32\wininet.dll

2011-07-22 05:32:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-07-22 02:54:43 1797632 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- C:\windows\SysWow64\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-07-18 13:58:05 72080 ----a-w- C:\Users\Paul\g2mdlhlpx.exe

2011-07-16 05:41:50 362496 ----a-w- C:\windows\System32\wow64win.dll

2011-07-16 05:41:49 243200 ----a-w- C:\windows\System32\wow64.dll

2011-07-16 05:41:49 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2011-07-16 05:39:10 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2011-07-16 05:37:12 421888 ----a-w- C:\windows\System32\KernelBase.dll

2011-07-16 04:29:19 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2011-07-16 04:26:00 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2011-07-16 04:25:37 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2011-07-16 04:24:23 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2011-07-16 04:24:22 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll

2011-07-16 02:21:44 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-07-16 02:21:41 2048 ----a-w- C:\windows\SysWow64\user.exe

2011-07-16 02:17:19 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-07-16 02:17:19 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-07-16 02:17:19 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-07-16 02:17:19 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-07-09 05:26:20 2048 ----a-w- C:\windows\System32\tzres.dll

2011-07-09 04:29:46 2048 ----a-w- C:\windows\SysWow64\tzres.dll

2011-07-09 02:46:28 288768 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys

2010-03-29 22:40:20 100256 ----a-w- C:\Program Files\Common Files\LinkInstaller.exe

.

============= FINISH: 15:36:13.25 ===============

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 3:38:19 PM, on 06/10/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\AIM\aim.exe

C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\BitDefender\BitDefender 2011\antispam32\bdimguiaux.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Users\Paul\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.ca/welcome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z057&partner_id=333&product_id=519&affiliate_id=&channel=DPGL15&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110614&user_guid=BD513784140E41AEB37CA7B4A38BADD9&machine_id=1c423fc903ebff39b67366a61f334c5e&browser=IE&os=win&os_version=6.1-x64-SP1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Presented by TOSHIBA Leading Innovation >>>

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: StartNowToolbarHelper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

O2 - BHO: WindowShopper - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Paul\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

O9 - Extra button: Window Shopper - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files (x86)\Superfish\Window Shopper\SuperfishIEAddon.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)

O23 - Service: Toolbar Updater Service - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13647 bytes

Attach.zip

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
