1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Malware? - Toshiba 135 Windows 7

Discussion in 'Virus & Other Malware Removal' started by dlannon, Jan 15, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. dlannon

    dlannon Thread Starter

    Joined:
    Jan 15, 2011
    Messages:
    1
    Hi. New to site. Not a novice, but definitely not an expert. (Can follow basic directions)
    Toshiba 135 (Windows 7) wouldn’t boot yesterday. Had to keep starting in safe mode. Typed “Toshiba Support” into Google and got an 800#, whereby they answered and asked for remote access in order to diagnose, which I stupidly gave them. Call center person was very concerned, diagnosing extremely vicious malware in my registry. She offered to fix it for $300. I declined, figuring that I was probably getting scammed, as when I thought about it, she didn’t ask anything about the computer itself. When I said I would think about her offer, she said she would call me back later on! I disconnected her remote access from my comp, but now think she may have installed some (additional?) malware without me knowing it, as she said several times that her diagnosis would take a few minutes and that I should “go have a cup of coffee”.

    Anyway, now that I feel like a complete chump, I’d like to know if I have any malware/spyware/viruses on my hard drive. Thanks very much. in advance. Here are the logs:


    HiJackThis log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:10:12 PM, on 1/15/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16700)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ThpSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\TOSHIBA\TECO\TEco.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Lexmark Z2400 Series\ezprint.exe
    C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\Freecorder\FLVSrvc.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Metacafe\MetacafeAgent.exe
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Users\Deb-Admin\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1060933
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.DLL
    O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
    O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark Z2400 Series\ezprint.exe"
    O4 - HKLM\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Toshiba DetectAC Utility] "C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe"
    O4 - HKLM\..\Run: [Toshiba DetectAC Utility1] "C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\CollectInfo.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Metacafe.lnk = C:\Program Files\Metacafe\MetacafeAgent.exe
    O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Deb-Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Deb-Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} (Symantec Configuration Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://freetrial.webex.com/client/T27L/webex/ieatgpc1.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\coIEPlg.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\Deb-Admin\AppData\Local\CrossLoop\CrossLoopService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: lxdqCATSCustConnectService - Lexmark International, Inc. - C:\windows\system32\spool\DRIVERS\W32X86\3\\lxdqserv.exe
    O23 - Service: lxdq_device - - C:\windows\system32\lxdqcoms.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
    O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\windows\system32\ThpSrv.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Users\Deb-Admin\AppData\Local\CrossLoop\tvnserver.exe
    O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

    --
    End of file - 11491 bytes

    DDS.txt log:

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Deb-Admin at 21:39:28.27 on Sat 01/15/2011
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2937.1069 [GMT -5:00]

    AV: Norton Security Suite *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Security Suite *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    FW: Norton Security Suite *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

    ============== Running Processes ===============

    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\System32\svchost.exe -k Akamai
    C:\Users\Deb-Admin\AppData\Local\CrossLoop\CrossLoopService.exe
    C:\windows\system32\svchost.exe -k hpdevmgmt
    C:\windows\system32\lxdqcoms.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\windows\System32\svchost.exe -k HPZ12
    C:\windows\system32\svchost.exe -k imgsvc
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\windows\system32\ThpSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
    C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
    C:\windows\system32\svchost.exe -k HPService
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\rundll32.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ThpSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\TOSHIBA\TECO\TEco.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Lexmark Z2400 Series\ezprint.exe
    C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
    C:\Program Files\Freecorder\FLVSrvc.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\TOSHIBA\Toshiba DetectAC Utility\DetectAC.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Metacafe\MetacafeAgent.exe
    C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
    C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\windows\system32\DllHost.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\Users\Deb-Admin\Desktop\dds.scr
    C:\windows\system32\conhost.exe
    C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
    mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton security suite\engine\3.8.0.41\IPSBHO.DLL
    BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - c:\programdata\partner\Partner.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton security suite\engine\3.8.0.41\coIEPlg.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFree.dll
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [<NO NAME>]
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
    mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
    mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
    mRun: [EzPrint] "c:\program files\lexmark z2400 series\ezprint.exe"
    mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Toshiba DetectAC Utility] "c:\program files\toshiba\toshiba detectac utility\DetectAC.exe"
    mRun: [Toshiba DetectAC Utility1] "c:\program files\toshiba\toshiba detectac utility\CollectInfo.exe"
    StartupFolder: c:\users\deb-ad~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\metacafe.lnk - c:\program files\metacafe\MetacafeAgent.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\metacafe.lnk - c:\program files\metacafe\MetacafeAgent.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://freetrial.webex.com/client/T27L/webex/ieatgpc1.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton security suite\engine\3.8.0.41\CoIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\deb-ad~1\appdata\roaming\mozilla\firefox\profiles\5osi1wxa.default\
    FF - prefs.js: browser.startup.homepage - hxxps://www.linkedin.com/secure/login?trk=hb_signin
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
    FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
    FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\deb-admin\appdata\roaming\mozilla\plugins\npatgpc.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    FF - Ext: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coFFPlgn
    FF - Ext: HP Smart Web Printing: [email protected] - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
    FF - Ext: HP Smart Web Printing: [email protected] - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

    ============= SERVICES / DRIVERS ===============

    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-2-3 310320]
    R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2009-6-29 30272]
    R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2009-6-29 13120]
    R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-2-3 259632]
    R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-2-3 482432]
    R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20110114.002\IDSvix86.sys [2011-1-15 353912]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
    R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
    R2 CrossLoopService;CrossLoop Service;c:\users\deb-admin\appdata\local\crossloop\CrossLoopService.exe [2010-9-17 560848]
    R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
    R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\3.8.0.41\ccSvcHst.exe [2010-2-3 117640]
    R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2010-12-12 2228008]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-27 185712]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
    R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-10-14 98304]
    R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-15 102448]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-7-10 122880]
    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-7-27 51712]
    R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-11-28 24064]
    R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-6-15 9216]
    R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1011232]
    R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0308000.029\symndisv.sys [2010-2-3 48688]
    R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-11-28 51512]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-9-17 111960]
    R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-27 135664]
    S2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2009-4-28 94208]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 Partner Service;Partner Service;c:\programdata\partner\Partner.exe [2009-8-31 332272]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-11-28 171520]
    S3 tvnserver;TightVNC Server;c:\users\deb-admin\appdata\local\crossloop\tvnserver.exe [2010-9-17 814080]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-3 1343400]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]

    =============== Created Last 30 ================

    2011-01-15 22:14:59 -------- d-----w- c:\progra~2\STOPzilla!
    2011-01-13 02:54:19 -------- d-----w- c:\users\deb-ad~1\appdata\local\Symantec
    2011-01-13 02:26:07 -------- d-sh--w- C:\found.000
    2010-12-23 03:47:35 -------- d-----w- c:\progra~2\WEBREG
    2010-12-23 03:42:07 -------- d-----w- c:\users\deb-ad~1\appdata\local\HP
    2010-12-23 03:40:52 316928 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp092.dll
    2010-12-23 03:37:23 -------- d-----w- c:\windows\hpoj4500g510n-z
    2010-12-23 03:37:07 122880 ----a-w- c:\windows\system32\hpf3l092.dll
    2010-12-23 03:33:33 716288 ----a-w- c:\windows\system32\hpwwiax9.dll
    2010-12-23 03:33:33 593920 ----a-w- c:\windows\system32\hpwtscl5.dll
    2010-12-23 03:33:33 452408 ----a-w- c:\windows\system32\hpzids01.dll
    2010-12-23 03:33:33 315392 ----a-w- c:\windows\system32\hpwvst01.dll
    2010-12-23 03:33:32 372736 ----a-w- c:\windows\system32\hppldcoi.dll
    2010-12-23 02:41:05 -------- d-----w- c:\program files\Microsoft IntelliPoint
    2010-12-23 02:39:46 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
    2010-12-23 02:29:03 -------- d-----w- c:\program files\common files\HP
    2010-12-23 02:29:02 -------- d-----w- c:\program files\common files\Hewlett-Packard
    2010-12-23 02:28:46 -------- d-----w- c:\windows\hpoj4500g510g-m
    2010-12-23 02:28:03 -------- d-----w- c:\program files\HP
    2010-12-23 01:23:28 -------- d-----w- c:\program files\HP_OfficeJet_4500_G510_Printer
    2010-12-21 11:59:12 -------- d-----w- c:\users\deb-ad~1\appdata\roaming\Uniblue
    2010-12-21 05:41:46 -------- d-----w- c:\users\deb-ad~1\appdata\local\OpenCandy
    2010-12-21 05:41:44 -------- d-----w- c:\users\deb-ad~1\appdata\roaming\OpenCandy
    2010-12-21 05:41:43 -------- d-----w- c:\program files\OpenCandyDemoInstaller
    2010-12-21 05:41:21 -------- d-----w- c:\program files\Conduit
    2010-12-21 05:41:17 -------- d-----w- c:\program files\ConduitEngine
    2010-12-21 05:41:00 -------- d-----w- c:\users\deb-ad~1\appdata\local\FLVService
    2010-12-21 05:40:54 -------- d-----w- c:\windows\Freecorder
    2010-12-21 05:40:53 -------- d-----w- c:\program files\Freecorder

    ==================== Find3M ====================

    2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41:36 442880 ----a-w- c:\windows\system32\XpsPrint.dll
    2010-11-02 04:41:36 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2010-11-02 04:41:36 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
    2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:36:16 801792 ----a-w- c:\windows\system32\FntCache.dll
    2010-11-02 04:35:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
    2010-11-02 04:35:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
    2010-11-02 04:35:34 739840 ----a-w- c:\windows\system32\d2d1.dll
    2010-11-02 04:35:34 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
    2010-11-02 04:35:34 161792 ----a-w- c:\windows\system32\d3d10_1.dll
    2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-11-02 04:23:44 107520 ----a-w- c:\windows\system32\cdd.dll
    2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys
    2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll

    ============= FINISH: 21:40:13.83 ===============

    Attach.txt log:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/27/2010 10:00:47 PM
    System Uptime: 1/15/2011 6:25:36 PM (3 hours ago)

    Motherboard: TOSHIBA | | Satellite T135
    Processor: Genuine Intel(R) CPU U4100 @ 1.30GHz | U2E1 | 1300/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 289 GiB total, 229.204 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP72: 12/22/2010 9:39:28 PM - Windows Update
    RP73: 12/31/2010 9:13:44 AM - Windows Update
    RP74: 1/12/2011 9:37:58 PM - Windows Update
    RP75: 1/12/2011 9:57:21 PM - Windows Backup
    RP76: 1/13/2011 3:00:16 AM - Windows Update
    RP77: 1/13/2011 6:20:47 PM - Windows Update
    RP78: 1/14/2011 8:26:15 AM - Windows Update
    RP79: 1/14/2011 11:11:34 AM - Removed Symantec Technical Support Web Controls
    RP81: 1/14/2011 12:11:52 PM - Installed Toshiba DetectAC Utility
    RP82: 1/14/2011 12:38:15 PM - Windows Update
    RP83: 1/15/2011 5:14:12 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP86: 1/15/2011 8:49:41 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP87: 1/15/2011 8:50:29 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.

    ==== Installed Programs ======================

    32 Bit HP CIO Components Installer
    4500_G510gm_Help_Web
    4500_G510nz_Help
    4500G510gm_Software_Min
    4500G510gm_web
    4500G510nz
    4500G510nz_Software_Min
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.1
    Akamai NetSession Interface
    Apple Application Support
    Apple Software Update
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    BufferChm
    Business Contact Manager for Outlook 2007 Database Tool
    Compatibility Pack for the 2007 Office system
    Conexant HD Audio
    CrossLoop 2.74
    D3DX10
    Destinations
    DeviceDiscovery
    DocMgr
    DocProc
    Fax
    File Uploader
    Freecorder
    Freecorder Toolbar
    Google Earth Plug-in
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToMeeting 4.5.0.457
    GPBaseService2
    HP Customer Participation Program 13.0
    HP Document Manager 2.0
    HP Imaging Device Functions 13.0
    HP Officejet 4500 G510g-m
    HP Officejet 4500 G510n-z
    HP Smart Web Printing 4.5
    HP Solution Center 13.0
    HP Update
    HPProductAssistant
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    Intel® Matrix Storage Manager
    Java(TM) 6 Update 14
    Junk Mail filter update
    Lexmark Z2400 Series
    MarketResearch
    Metacafe
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft IntelliPoint 8.0
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Mozilla Firefox (3.6.13)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyToshiba
    Network
    NetZero Launcher
    Nikon Message Center
    Nikon Transfer
    Norton Security Suite
    OCR Software by I.R.I.S. 13.0
    OGA Notifier 2.0.0048.0
    PlayReady PC Runtime x86
    Quickbooks Financial Center
    QuickTime
    Realtek USB 2.0 Card Reader
    Realtek WLAN Driver
    RESUMate 11
    RESUMate Repair+ v7.4
    Scan
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Shop for HP Supplies
    Skype Launcher
    Skype Toolbars
    Skype™ 4.2
    SmartWebPrinting
    SolutionCenter
    Status
    Symantec Technical Support Web Controls
    Synaptics Pointing Device Driver
    TeamViewer 6
    Time Stamp
    Toolbox
    Toshiba Application and Driver Installer
    TOSHIBA Assist
    TOSHIBA ConfigFree
    Toshiba DetectAC Utility
    TOSHIBA Disc Creator
    TOSHIBA eco Utility
    TOSHIBA Extended Tiles for Windows Mobility Center
    TOSHIBA Face Recognition
    TOSHIBA Hardware Setup
    TOSHIBA HDD Protection
    TOSHIBA HDD/SSD Alert
    Toshiba Online Backup
    TOSHIBA PC Health Monitor
    Toshiba Quality Application
    TOSHIBA Recovery Media Creator
    TOSHIBA Service Station
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    TOSHIBA Supervisor Password
    TOSHIBA USB Sleep and Charge Utility
    TOSHIBA Value Added Package
    TOSHIBA Web Camera Application
    ToshibaRegistration
    TrayApp
    UB
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2483110)
    WD SmartWare
    WebEx
    WebReg
    WildTangent Games
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin

    ==== Event Viewer Messages From Past Week ========

    1/15/2011 6:32:20 PM, Error: Service Control Manager [7022] - The Windows Font Cache Service service hung on starting.
    1/15/2011 6:27:00 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom is3srv
    1/15/2011 6:26:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdqCATSCustConnectService service to connect.
    1/15/2011 6:26:44 PM, Error: Service Control Manager [7000] - The lxdqCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/15/2011 1:30:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Deb-Admin-PC\Deb-Admin SID (S-1-5-21-4121388299-2077998826-1917715651-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    1/15/2011 1:30:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Deb-Admin-PC\Deb-Admin SID (S-1-5-21-4121388299-2077998826-1917715651-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    1/14/2011 9:55:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    1/14/2011 9:49:57 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom SRTSP
    1/14/2011 9:47:47 AM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
    1/14/2011 9:47:47 AM, Error: SRTSP [4] - Error loading virus definitions.
    1/14/2011 9:44:46 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 9:31:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
    1/14/2011 9:31:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    1/14/2011 9:18:12 AM, Error: Service Control Manager [7030] - The LogMeIn Rescue (b4c7a6a1-7fe4-42e2-a05b-d61cffe3fdc1) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/14/2011 9:14:40 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 9:13:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP cdrom discache eeCtrl IDSVix86 spldr SRTSP SRTSPX SYMTDI Wanarpv6
    1/14/2011 9:03:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0816: Update for Windows 7 (KB2454826).
    1/14/2011 9:03:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 (KB2419640).
    1/14/2011 8:58:21 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x00000008, 0x807c7750, 0x00000000, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011411-29624-01.
    1/14/2011 7:30:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
    1/14/2011 12:03:02 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree Service service to connect.
    1/14/2011 12:03:02 PM, Error: Service Control Manager [7000] - The ConfigFree Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/14/2011 11:56:05 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:56:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    1/14/2011 11:56:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    1/14/2011 11:56:05 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    1/14/2011 11:56:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    1/14/2011 11:56:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    1/14/2011 11:56:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/14/2011 11:55:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP cdrom DfsC discache eeCtrl IDSVix86 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIM SYMTDI tdx vwififlt Wanarpv6 WfpLwf
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    1/14/2011 11:55:45 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    1/13/2011 7:46:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x00000008, 0x801dd000, 0x00000000, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011311-27955-01.
    1/13/2011 7:35:11 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x00000008, 0x801dd000, 0x00000000, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011311-34959-01.
    1/13/2011 5:36:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the WD SmartWare Background Service service to connect.
    1/12/2011 9:58:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 (KB2454826).
    1/12/2011 9:58:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 (KB2419640).
    1/12/2011 9:56:00 PM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
    1/12/2011 9:53:45 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    1/12/2011 9:53:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x00000008, 0x807c7750, 0x00000000, 0x00000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011211-45942-01.
    1/12/2011 9:17:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    1/12/2011 11:14:25 PM, Error: Virtual Disk Service [9] - Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014

    ==== End Of File ===========================

    ark.text log:

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2011-01-15 21:29:27
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.FG02
    Running: smd5mjoe.exe; Driver: C:\Users\DEB-AD~1\AppData\Local\Temp\kwliquob.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs szkgfs.sys
    AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
    Thank you.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/974934