gringo - I had no problems following your initial instructions.
Here are the 3 log files:
security check log:
Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:````````` SpywareBlaster 4.4
Malwarebytes Anti-Malware version 1.65.1.1000
Java 6 Update 17
Java version out of Date! Adobe Flash Player 10
Flash Player out of Date! Adobe Reader 9
Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check````````````````` Total Fragmentation on Drive C: 0%
````````````````````End of Log`````````````````````` DDS logs:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464
Run by Linda at 13:55:13 on 2013-03-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1824 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\windows\system32\Macromed\Flash\FlashUtil64_11_4_402_265_ActiveX.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Users\Linda\Desktop\SecurityCheck.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\svchost.exe -k defragsvc
C:\windows\SysWOW64\notepad.exe
C:\windows\system32\SearchFilterHost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\wuauclt.exe
C:\windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.145.1529.0.exe
C:\windows\system32\MpSigStub.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://forecast.weather.gov/MapClick.php?CityName=Roebuck&state=SC&site=GSP&textField1=34.8761&textField2=-81.9642&e=0
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\32-bit\LogiSmooth.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Linda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
StartupFolder: C:\Users\Linda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{333FE1E2-FE16-4C2B-96ED-00E7DC87BA0F} : DHCPNameServer = 100.100.0.101
TCP: Interfaces\{4DD15D8A-DF70-47F2-BA5B-0C680BCBF063} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{4DD15D8A-DF70-47F2-BA5B-0C680BCBF063} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4DD15D8A-DF70-47F2-BA5B-0C680BCBF063}\65562796A7F6E602D496649623230303021423243302355636572756 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Logitech Scroll App: {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\ScrollApp\LogiSmooth.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [LogiScrollApp] C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 95.211.0.119 www.google-analytics.com.
Hosts: 95.211.0.119 ad-emea.doubleclick.net.
Hosts: 95.211.0.119 www.statcounter.com.
Hosts: 93.115.241.27 www.google-analytics.com.
Hosts: 93.115.241.27 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-9-17 202752]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]
R2 NWVZHelper;Novatel Wireless Verizon Device Helper;C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [2010-6-14 270848]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2010-9-17 35008]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-9-17 232992]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-9-17 325152]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2010-9-17 932384]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-9-17 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\windows\System32\drivers\hitmanpro35.sys [2011-8-31 25160]
S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\windows\System32\drivers\NwUsbCdFil64.sys [2010-7-8 25600]
S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);C:\windows\System32\drivers\nwusbmdm_000.sys [2010-7-8 217728]
S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);C:\windows\System32\drivers\nwusbser_000.sys [2010-7-8 217728]
S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);C:\windows\System32\drivers\nwusbser2_000.sys [2010-7-8 217728]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-5-26 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-10-11 1255736]
.
=============== Created Last 30 ================
.
2013-03-12 17:54:57 9162192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{88028786-FEF7-4850-8E72-730D3BA3F9F2}\mpengine.dll
2013-03-12 17:43:38 9162192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{51504DE0-FE3D-403C-983C-7D320F9CF11B}\mpengine.dll
2013-03-12 14:08:13 -------- d-----w- C:\Users\Linda\AppData\Local\Programs
2013-03-05 22:18:56 9162192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-22 01:52:18 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-22 01:52:18 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-22 00:00:59 5553512 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-02-22 00:00:58 3967848 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-02-22 00:00:57 3913064 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-02-22 00:00:54 3153408 ----a-w- C:\windows\System32\win32k.sys
2013-02-22 00:00:40 215040 ----a-w- C:\windows\System32\winsrv.dll
2013-02-22 00:00:34 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-02-22 00:00:34 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2013-02-22 00:00:33 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-02-22 00:00:33 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-02-22 00:00:29 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-02-22 00:00:16 1913192 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-02-22 00:00:15 288088 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
.
==================== Find3M ====================
.
2013-01-30 10:53:22 273840 ------w- C:\windows\System32\MpSigStub.exe
2013-01-20 20:59:04 230320 ----a-w- C:\windows\System32\drivers\MpFilter.sys
2013-01-20 20:59:04 130008 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
2013-01-09 01:19:09 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
.
============= FINISH: 13:55:37.55 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/9/2010 4:01:46 PM
System Uptime: 3/12/2013 1:42:59 PM (0 hours ago)
.
Motherboard: TOSHIBA | | NALAE
Processor: AMD Phenom II N640 Dual-Core Processor | Socket M2/S1G1 | 2900/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 401.692 GiB free.
D: is CDROM (CDFS)
E: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP368: 2/15/2013 1:55:32 AM - Windows Update
RP369: 2/18/2013 12:29:06 PM - Windows Update
RP370: 2/21/2013 8:48:48 PM - Windows Update
RP371: 2/25/2013 8:50:01 AM - Windows Update
RP372: 2/26/2013 4:15:07 PM - Windows Update
RP373: 3/2/2013 7:40:23 AM - Windows Update
RP374: 3/5/2013 9:28:24 AM - Windows Update
RP375: 3/10/2013 7:26:23 AM - Windows Update
RP376: 3/12/2013 1:38:31 PM - Restore Operation
RP377: 3/12/2013 1:54:24 PM - Windows Update
.
==== Hosts File Hijack ======================
.
Hosts: 95.211.0.119 www.google-analytics.com.
Hosts: 95.211.0.119 ad-emea.doubleclick.net.
Hosts: 95.211.0.119 www.statcounter.com.
Hosts: 93.115.241.27 www.google-analytics.com.
Hosts: 93.115.241.27 ad-emea.doubleclick.net.
Hosts: 93.115.241.27 www.statcounter.com.
.
==== Installed Programs ======================
.
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.2
Adobe Shockwave Player 11.6
ATI Catalyst Install Manager
Best Buy pc app
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cubis Gold 2
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
e-Sword
eReg
Free File Opener v2011.7.0.1
Google Toolbar for Internet Explorer
Google Update Helper
Hitman Pro 3.5
Java 7 Update 6 (64-bit)
Java 6 Update 17
Junk Mail filter update
Label@Once 1.0
Logitech Scroll App 2.0
Logitech SetPoint 6.32
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Mathematics (64-bit)
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozaki Blocks Deluxe
MSVCRT
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
PlayReady PC Runtime amd64
Punch! Professional Home Design
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype™ 5.5
SpywareBlaster 4.4
swMSM
Synaptics Pointing Device Driver
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Utility Common Driver
Verizon Mobile Broadband Drivers
Verizon Wireless MiFi-2200 Firmware Updates
VZAccess Manager
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Zoo Tycoon 2 Endangered Species
.
==== Event Viewer Messages From Past Week ========
.
3/9/2013 2:12:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1381.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/9/2013 10:58:11 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Linda-PC\Linda SID (S-1-5-21-1095528271-3612652570-1581237243-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/8/2013 8:25:02 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1381.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/7/2013 7:25:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/6/2013 8:12:05 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/6/2013 11:35:56 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/5/2013 9:18:35 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR12.
3/5/2013 9:07:45 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.954.0 Update Source: Microsoft Update Server Update Stage: Download Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
3/5/2013 9:07:45 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.954.0 Update Source: Microsoft Update Server Update Stage: Download Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
3/12/2013 9:48:26 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.145.1529.0 Update Source: Microsoft Update Server Update Stage: Search Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
3/12/2013 1:43:38 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 0.0.0.0;0.0.0.0 Engine version: 0.0.0.0
3/11/2013 9:22:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
3/10/2013 8:14:08 PM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
3/10/2013 8:14:08 PM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
3/10/2013 7:47:38 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.2 with the system having network hardware address 78-92-9C-A0-2B-68. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================