Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Internet Problems

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Internet Problems

Unread postby RJay0890 » January 3rd, 2010, 2:08 am

I am having random problems with my internet freezing up and requiring a modem/router restart. I am suspicious that someone was careless with the internet browsing on my laptop while I was away recently and even though AVG cant find anything wrong I believe there is a problem hidden in my pc somewhere.

Here are the logs:

HiJackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:37 AM, on 1/2/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9830 bytes


Uninstall_List
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.4
Adolix Wallpaper Changer 2.2
ALPS Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
AVG 8.5
Bluetooth Stack for Windows by Toshiba
Bonjour
CD/DVD Drive Acoustic Silencer
Compatibility Pack for the 2007 Office system
DVD MovieFactory for TOSHIBA
GearDrvs
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
iTunes
Java(TM) 6 Update 3
Memeo AutoBackup
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.5.6)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster
Napster Burn Engine
Norton 360
Picasa 2
QuickBooks Financial Center
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Security Update for Windows Media Encoder (KB954156)
Texas Instruments PCIxx21/x515/xx12 drivers.
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Games
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
WinRAR archiver
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top
Advertisement
Register to Remove

Re: Internet Problems

Unread postby MWR 3 day Mod » January 7th, 2010, 1:49 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am
Top

Re: Internet Problems

Unread postby Dakeyras » January 8th, 2010, 8:20 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.
Hi RJay0890 and welcome back to Malware Removal. :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!.
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Vista Advice:

All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.

The Operating System(Vista aka Windows 6) in use comes with a inbuilt utility called User Access Control(UAC) when prompted by this with anything I ask you to do carry out please select the option Allow.

Next:

Please go to Start >> Control Panel >> Programs and Features and remove the following (if present):

Norton 360

To do so click once on each of the below and click on Uninstall/Change and follow the prompts.

Note: Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into keeping the program.

TFC(Temp File Cleaner):

Note: TFC will run automatically in elevated admin mode so no need to right click upon the executable.

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • Click the Start button in the bottom left of TFC
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

Next:

Please download Malwarebytes' Anti-Malware to your desktop.

  • Right-click mbam-setup.exe and select Run as Administrator then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please post that log in your next reply.

The log can also be found here:
  1. Launch Malwarebytes' Anti-Malware
  2. Click on the Logs radio tab.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Next:

  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
Please make sure that RSIT.exe is on the your Desktop before running the application!
  • Right-click on RSIT.exe and select Run as Administrator to start RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.

When completed the above, please post back the following:

  • Inform myself how your computer is running. Any problems encountered and or further symptoms?
  • Malwarebytes Anti-Malware Log.
  • Both RSIT Logs. <-- Post them individually please. IE: one Log per post/reply.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top

Re: Internet Problems

Unread postby RJay0890 » January 8th, 2010, 4:05 pm

Hello and thank you for your help! My computer seems to be running as smoothly as it was before.

Here are the logs you asked for:

Malwarebytes' Anti-Malware 1.44
Database version: 3520
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

1/8/2010 2:59:08 PM
mbam-log-2010-01-08 (14-59-08).txt

Scan type: Quick Scan
Objects scanned: 101462
Time elapsed: 9 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby RJay0890 » January 8th, 2010, 4:06 pm

Logfile of random's system information tool 1.06 (written by random/random)
Run by Rjay at 2010-01-08 15:01:14
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 65 GB (43%) free of 151 GB
Total RAM: 2038 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:01:23 PM, on 1/8/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rjay\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Rjay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10056 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-08 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-10-30 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-09 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-08 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-20 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-20 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-20 129560]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-11 180224]
"jswtrayutil"=C:\Program Files\Jumpstart\jswtrayutil.exe []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"HWSetup"=\HWSetup.exe hwSetUP []
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-18 1862144]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-10 2043160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=TOSCDSPD.EXE []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-09 39408]
"Wallpaper Manager"=C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe [2008-03-14 1946624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a00f7b8-d961-11de-b997-001eec33ad48}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64bdc195-dad5-11de-9e25-001eec33ad48}]
shell\AutoRun\command - E:\slacker.synclauncher.exe
shell\slacker\command - E:\slacker.synclauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{738c6b62-3da2-11de-932e-001eec33ad48}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aabda668-7249-11de-9a0e-001eec33ad48}]
shell\AutoRun\command - F:\start.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-08 15:01:14 ----D---- C:\rsit
2010-01-08 14:48:34 ----D---- C:\Users\Rjay\AppData\Roaming\Malwarebytes
2010-01-08 14:48:26 ----D---- C:\ProgramData\Malwarebytes
2010-01-08 14:48:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-02 01:01:45 ----D---- C:\Program Files\Trend Micro
2009-12-15 01:05:33 ----D---- C:\Users\Rjay\AppData\Roaming\WildTangent
2009-12-12 13:53:25 ----D---- C:\Program Files\Windows Portable Devices
2009-12-12 13:23:24 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-12 13:23:24 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-12 13:23:23 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-12 13:22:41 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\cdd.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-12 13:22:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\FntCache.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxgi.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-12 13:22:39 ----A---- C:\Windows\system32\DWrite.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d11.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d2d1.dll
2009-12-12 13:22:10 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-12 13:22:10 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-12 13:22:10 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-12 13:22:08 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\oleacc.dll
2009-12-12 13:18:46 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-12 13:18:44 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 04:11:26 ----D---- C:\Windows\system32\eu-ES
2009-12-11 04:11:26 ----D---- C:\Windows\system32\ca-ES
2009-12-11 04:11:18 ----D---- C:\Windows\system32\vi-VN
2009-12-11 00:54:41 ----D---- C:\Windows\system32\EventProviders
2009-12-09 17:58:56 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 17:58:52 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 17:58:47 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 17:58:46 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 17:58:45 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 17:58:44 ----A---- C:\Windows\system32\occache.dll
2009-12-09 17:58:44 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 17:58:43 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 17:58:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 17:58:41 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 17:58:41 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 17:58:41 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 17:58:40 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 17:58:40 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 17:58:39 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 17:58:39 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 17:58:39 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 17:58:39 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 17:03:50 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 13:43:57 ----A---- C:\Windows\system32\rastls.dll

======List of files/folders modified in the last 1 months======

2010-01-08 15:01:23 ----D---- C:\Windows\Temp
2010-01-08 15:01:23 ----D---- C:\Windows\Prefetch
2010-01-08 14:48:27 ----D---- C:\Windows\system32\drivers
2010-01-08 14:48:26 ----HD---- C:\ProgramData
2010-01-08 14:48:25 ----RD---- C:\Program Files
2010-01-08 14:41:12 ----D---- C:\Windows
2010-01-07 16:21:15 ----HD---- C:\$AVG8.VAULT$
2010-01-07 15:35:43 ----SHD---- C:\System Volume Information
2010-01-04 21:45:46 ----AD---- C:\Windows\System32
2010-01-04 21:45:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-04 21:45:45 ----D---- C:\Windows\inf
2010-01-03 19:17:00 ----SD---- C:\Users\Rjay\AppData\Roaming\Microsoft
2010-01-01 12:38:52 ----D---- C:\Windows\system32\catroot2
2009-12-18 18:46:55 ----SHD---- C:\Windows\Installer
2009-12-18 18:44:45 ----D---- C:\Program Files\Google
2009-12-16 03:47:11 ----D---- C:\Program Files\Mozilla Firefox
2009-12-15 01:05:30 ----D---- C:\ProgramData\WildTangent
2009-12-12 14:21:26 ----D---- C:\Windows\Microsoft.NET
2009-12-12 14:21:17 ----RSD---- C:\Windows\assembly
2009-12-12 14:12:39 ----D---- C:\Windows\rescache
2009-12-12 13:56:46 ----D---- C:\Windows\system32\Tasks
2009-12-12 13:53:28 ----D---- C:\Windows\system32\en-US
2009-12-12 13:53:25 ----D---- C:\Windows\system32\wbem
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-TW
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-HK
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-CN
2009-12-12 13:53:20 ----D---- C:\Windows\system32\uk-UA
2009-12-12 13:53:20 ----D---- C:\Windows\system32\tr-TR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\th-TH
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sv-SE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sl-SI
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sk-SK
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ru-RU
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ro-RO
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pt-PT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pt-BR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pl-PL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\nl-NL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\lv-LV
2009-12-12 13:53:20 ----D---- C:\Windows\system32\lt-LT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ko-KR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ja-JP
2009-12-12 13:53:20 ----D---- C:\Windows\system32\it-IT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\hu-HU
2009-12-12 13:53:20 ----D---- C:\Windows\system32\hr-HR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\he-IL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\fr-FR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\fi-FI
2009-12-12 13:53:20 ----D---- C:\Windows\system32\et-EE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\es-ES
2009-12-12 13:53:20 ----D---- C:\Windows\system32\el-GR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\de-DE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\cs-CZ
2009-12-12 13:53:20 ----D---- C:\Windows\system32\bg-BG
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ar-SA
2009-12-12 13:53:19 ----D---- C:\Windows\system32\nb-NO
2009-12-12 13:53:19 ----D---- C:\Windows\system32\da-DK
2009-12-12 13:23:38 ----D---- C:\Windows\winsxs
2009-12-12 13:23:36 ----D---- C:\Windows\system32\catroot
2009-12-11 04:25:07 ----SHD---- C:\Boot
2009-12-11 04:17:33 ----D---- C:\Program Files\Windows Calendar
2009-12-11 04:17:32 ----D---- C:\Program Files\Windows Mail
2009-12-11 04:17:32 ----D---- C:\Program Files\Movie Maker
2009-12-11 04:17:25 ----D---- C:\Program Files\Windows Sidebar
2009-12-11 04:17:25 ----D---- C:\Program Files\Windows Media Player
2009-12-11 04:17:25 ----D---- C:\Program Files\Internet Explorer
2009-12-11 04:17:23 ----D---- C:\Program Files\Windows Collaboration
2009-12-11 04:17:22 ----D---- C:\Program Files\Windows Journal
2009-12-11 04:17:14 ----D---- C:\Program Files\Common Files\System
2009-12-11 04:17:13 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-11 04:16:55 ----D---- C:\Windows\servicing
2009-12-11 04:16:55 ----D---- C:\Program Files\Windows Defender
2009-12-11 04:16:54 ----D---- C:\Windows\ehome
2009-12-11 04:16:02 ----D---- C:\Windows\IME
2009-12-11 04:16:01 ----D---- C:\Windows\system32\XPSViewer
2009-12-11 04:15:56 ----D---- C:\Windows\system32\oobe
2009-12-11 04:15:55 ----D---- C:\Windows\system32\migration
2009-12-11 04:15:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-11 04:15:43 ----D---- C:\Windows\system32\setup
2009-12-11 04:15:42 ----D---- C:\Windows\system32\SLUI
2009-12-11 04:15:38 ----D---- C:\Windows\system32\manifeststore
2009-12-11 04:15:38 ----D---- C:\Windows\system32\en
2009-12-11 04:15:19 ----D---- C:\Windows\system32\migwiz
2009-12-11 04:11:38 ----RSD---- C:\Windows\Fonts
2009-12-11 04:11:38 ----D---- C:\Windows\AppPatch
2009-12-11 04:11:18 ----D---- C:\Windows\system32\Boot
2009-12-11 04:09:16 ----D---- C:\Windows\system32\RTCOM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-30 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-30 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-12 108552]
R1 Cdr4_xp;Cdr4_xp; C:\Windows\system32\drivers\Cdr4_xp.sys [2006-10-04 2432]
R1 Cdralw2k;Cdralw2k; C:\Windows\system32\drivers\Cdralw2k.sys [2006-10-04 2560]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2007-08-31 20352]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-01-25 764416]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-05-23 49904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2008-08-21 18688]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys [2008-08-21 8320]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 motport;Motorola USB Diagnostic Port; C:\Windows\system32\DRIVERS\motport.sys [2007-06-18 23680]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-04-16 22784]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-08 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-08 211072]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-20 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-30 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-30 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 pinger;pinger; C:\Toshiba\IVP\ISM\pinger.exe [2007-01-25 136816]
R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2007-10-23 66928]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-02 135664]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2007-09-24 181784]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-18 1862144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2007-10-29 937984]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby RJay0890 » January 8th, 2010, 4:07 pm

info.txt logfile of random's system information tool 1.06 2010-01-08 15:01:32

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->"C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Sea Life Safari\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Virtual Villagers - A New Home\Uninstall.exe"
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adolix Wallpaper Changer 2.2-->"C:\Program Files\Adolix\Adolix Wallpaper Changer\unins000.exe"
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x9 -removeonly
Atheros Wi-Fi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe -runfromtemp -l0x0009 -removeonly
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memeo AutoBackup-->C:\Program Files\InstallShield Installation Information\{03240EBA-04F2-4652-BC7F-B055902BDCD3}\setup.exe -runfromtemp -l0x0409
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 -removeonly
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
QuickBooks Financial Center-->MsiExec.exe /I{890EF3F8-742F-46BD-9E8E-084B3A1F4364}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Games-->"C:\Program Files\TOSHIBA Games\Uninstall.exe"
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1033
Toshiba Registration-->MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly
TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1033
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Rjay-owner
Event Code: 4374
Message: Windows Servicing identified that package KB972036(Update) is not applicable for this system
Record Number: 50379
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903180759.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Rjay-owner
Event Code: 4374
Message: Windows Servicing identified that package KB972036(Update) is not applicable for this system
Record Number: 50378
Source Name: Microsoft-Windows-Servicing
Time Written: 20090903180758.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Rjay-owner
Event Code: 7000
Message: The Parallel port driver service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 50279
Source Name: Service Control Manager
Time Written: 20090903180405.000000-000
Event Type: Error
User:

Computer Name: Rjay-owner
Event Code: 15016
Message: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Record Number: 50239
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090903180311.594436-000
Event Type: Error
User:

Computer Name: Rjay-owner
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 50225
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090903042945.936400-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Rjay-owner
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1926262843-4026421499-2628908753-1000_Classes:
Process 944 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1926262843-4026421499-2628908753-1000_CLASSES

Record Number: 1260
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090510051508.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Rjay-owner
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1926262843-4026421499-2628908753-1000:
Process 944 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1926262843-4026421499-2628908753-1000

Record Number: 1259
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090510051507.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Rjay-owner
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1926262843-4026421499-2628908753-1000:
Process 604 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1926262843-4026421499-2628908753-1000

Record Number: 1235
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090510051205.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Rjay-owner
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 1207
Source Name: Microsoft-Windows-WMI
Time Written: 20090509190354.000000-000
Event Type: Error
User:

Computer Name: Rjay-owner
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 1203
Source Name: Microsoft-Windows-Search
Time Written: 20090509190346.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: Rjay-owner
Event Code: 4647
Message: User initiated logoff:

Subject:
Security ID: S-1-5-21-1926262843-4026421499-2628908753-500
Account Name: Administrator
Account Domain: WIN-KYHVYMRWRSQ
Logon ID: 0x3bb40

This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 1366
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090509063902.027600-000
Event Type: Audit Success
User:

Computer Name: WIN-KYHVYMRWRSQ
Event Code: 1108
Message: The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.
Record Number: 1365
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090509063900.686000-000
Event Type: Audit Success
User:

Computer Name: WIN-KYHVYMRWRSQ
Event Code: 1108
Message: The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.
Record Number: 1364
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090509063900.686000-000
Event Type: Audit Success
User:

Computer Name: WIN-KYHVYMRWRSQ
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 1363
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090509063900.467600-000
Event Type: Audit Success
User:

Computer Name: WIN-KYHVYMRWRSQ
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1926262843-4026421499-2628908753-500
Account Name: Administrator
Domain Name: WIN-KYHVYMRWRSQ
Logon ID: 0x3bb40
Record Number: 1362
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090509063819.050300-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby Dakeyras » January 8th, 2010, 5:47 pm

Hi. :)

Hello and thank you for your help! My computer seems to be running as smoothly as it was before.
You're welcome and thanks for the update.

Norton/Symantec RT:

Please download the Norton Removal Tool and Save it to your Desktop.

  • Close all programs and right-click the Norton_Removal_Tool.exe and select Run as Administrator.
  • Follow the on-screen instructions.
  • Restart the computer if asked.
  • Then delete Norton_Removal_Tool.exe from your desktop.

Reset Host File:

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: <-- Start >> Run... type in notepad and select OK
Code: Select all
@Echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
del %0
  • Go to File >> Save As
  • Save File name as "Dakeyras.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.
  • It should look similar to this: Image

Now right-click on the desktop Dakeyras.bat and select Run as Administrator to run the batch file. It will self-delete when completed.

Flash_Disinfector:

  • Please download Flash_Disinfector and save it to your desktop.
  • Right click on Flash_Disinfector.exe and select Run As Administrator to run it. If you receive a prompt, please allow it.
  • You will be prompted to plug in your flash drive. Plug it in. <-- Repeat this for all the Flash/USB drives you have.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder...it will help protect your drives from future infection.

Scan with GMER:

Please download GMER Rootkit Scanner from here.

  • Right-click the .exe file and select Run as Administrator. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO

    Image
    Click the image to enlarge it

  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
Note: Do not run any programs while Gmer is running.

When completed the above, please post back the following:

  • How is your computer performing now? Any problems encountered and or any further symptoms?
  • GMER Log.
  • A new RSIT Log. <-- Remember to right-click on RSIT.exe and select Run as Administrator. Only one log will be created this time.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top

Re: Internet Problems

Unread postby RJay0890 » January 9th, 2010, 4:59 pm

My PC is still running smooth from what I can tell. Here are the logs

Logfile of random's system information tool 1.06 (written by random/random)
Run by Rjay at 2010-01-09 15:49:34
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 65 GB (43%) free of 151 GB
Total RAM: 2038 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:49:50 PM, on 1/9/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rjay\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Rjay.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9683 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-08 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-10-30 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-09 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-08 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-20 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-20 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-20 129560]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-11 180224]
"jswtrayutil"=C:\Program Files\Jumpstart\jswtrayutil.exe []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"HWSetup"=\HWSetup.exe hwSetUP []
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-18 1862144]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-10 2043160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=TOSCDSPD.EXE []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-09 39408]
"Wallpaper Manager"=C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe [2008-03-14 1946624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a00f7b8-d961-11de-b997-001eec33ad48}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\m.exe /s

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64bdc195-dad5-11de-9e25-001eec33ad48}]
shell\AutoRun\command - E:\slacker.synclauncher.exe
shell\slacker\command - E:\slacker.synclauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{738c6b62-3da2-11de-932e-001eec33ad48}]
shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aabda668-7249-11de-9a0e-001eec33ad48}]
shell\AutoRun\command - F:\start.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-08 15:01:14 ----D---- C:\rsit
2010-01-08 14:48:34 ----D---- C:\Users\Rjay\AppData\Roaming\Malwarebytes
2010-01-08 14:48:26 ----D---- C:\ProgramData\Malwarebytes
2010-01-08 14:48:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-02 01:01:45 ----D---- C:\Program Files\Trend Micro
2009-12-15 01:05:33 ----D---- C:\Users\Rjay\AppData\Roaming\WildTangent
2009-12-12 13:53:25 ----D---- C:\Program Files\Windows Portable Devices
2009-12-12 13:23:24 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-12 13:23:24 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-12 13:23:23 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-12 13:22:41 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-12 13:22:40 ----A---- C:\Windows\system32\cdd.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-12 13:22:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\FntCache.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxgi.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-12 13:22:39 ----A---- C:\Windows\system32\DWrite.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d11.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d3d10.dll
2009-12-12 13:22:39 ----A---- C:\Windows\system32\d2d1.dll
2009-12-12 13:22:10 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-12 13:22:10 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-12 13:22:10 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-12 13:22:08 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-12 13:22:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-12 13:21:00 ----A---- C:\Windows\system32\oleacc.dll
2009-12-12 13:18:46 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-12 13:18:44 ----A---- C:\Windows\system32\httpapi.dll
2009-12-11 04:11:26 ----D---- C:\Windows\system32\eu-ES
2009-12-11 04:11:26 ----D---- C:\Windows\system32\ca-ES
2009-12-11 04:11:18 ----D---- C:\Windows\system32\vi-VN
2009-12-11 00:54:41 ----D---- C:\Windows\system32\EventProviders

======List of files/folders modified in the last 1 months======

2010-01-09 15:49:34 ----D---- C:\Windows\Temp
2010-01-09 14:34:46 ----D---- C:\Program Files\Mozilla Firefox
2010-01-09 14:34:08 ----HD---- C:\ProgramData
2010-01-09 14:33:40 ----SHD---- C:\Windows\Installer
2010-01-09 14:32:35 ----D---- C:\Windows\Prefetch
2010-01-08 19:22:01 ----SHD---- C:\System Volume Information
2010-01-08 15:53:28 ----HD---- C:\$AVG8.VAULT$
2010-01-08 14:48:27 ----D---- C:\Windows\system32\drivers
2010-01-08 14:48:25 ----RD---- C:\Program Files
2010-01-08 14:41:12 ----D---- C:\Windows
2010-01-04 21:45:46 ----AD---- C:\Windows\System32
2010-01-04 21:45:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-04 21:45:45 ----D---- C:\Windows\inf
2010-01-03 19:17:00 ----SD---- C:\Users\Rjay\AppData\Roaming\Microsoft
2010-01-01 12:38:52 ----D---- C:\Windows\system32\catroot2
2009-12-18 18:44:45 ----D---- C:\Program Files\Google
2009-12-15 01:05:30 ----D---- C:\ProgramData\WildTangent
2009-12-12 14:21:26 ----D---- C:\Windows\Microsoft.NET
2009-12-12 14:21:17 ----RSD---- C:\Windows\assembly
2009-12-12 14:12:39 ----D---- C:\Windows\rescache
2009-12-12 13:56:46 ----D---- C:\Windows\system32\Tasks
2009-12-12 13:53:28 ----D---- C:\Windows\system32\en-US
2009-12-12 13:53:25 ----D---- C:\Windows\system32\wbem
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-TW
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-HK
2009-12-12 13:53:20 ----D---- C:\Windows\system32\zh-CN
2009-12-12 13:53:20 ----D---- C:\Windows\system32\uk-UA
2009-12-12 13:53:20 ----D---- C:\Windows\system32\tr-TR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\th-TH
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sv-SE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sl-SI
2009-12-12 13:53:20 ----D---- C:\Windows\system32\sk-SK
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ru-RU
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ro-RO
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pt-PT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pt-BR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\pl-PL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\nl-NL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\lv-LV
2009-12-12 13:53:20 ----D---- C:\Windows\system32\lt-LT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ko-KR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ja-JP
2009-12-12 13:53:20 ----D---- C:\Windows\system32\it-IT
2009-12-12 13:53:20 ----D---- C:\Windows\system32\hu-HU
2009-12-12 13:53:20 ----D---- C:\Windows\system32\hr-HR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\he-IL
2009-12-12 13:53:20 ----D---- C:\Windows\system32\fr-FR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\fi-FI
2009-12-12 13:53:20 ----D---- C:\Windows\system32\et-EE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\es-ES
2009-12-12 13:53:20 ----D---- C:\Windows\system32\el-GR
2009-12-12 13:53:20 ----D---- C:\Windows\system32\de-DE
2009-12-12 13:53:20 ----D---- C:\Windows\system32\cs-CZ
2009-12-12 13:53:20 ----D---- C:\Windows\system32\bg-BG
2009-12-12 13:53:20 ----D---- C:\Windows\system32\ar-SA
2009-12-12 13:53:19 ----D---- C:\Windows\system32\nb-NO
2009-12-12 13:53:19 ----D---- C:\Windows\system32\da-DK
2009-12-12 13:23:38 ----D---- C:\Windows\winsxs
2009-12-12 13:23:36 ----D---- C:\Windows\system32\catroot
2009-12-11 04:25:07 ----SHD---- C:\Boot
2009-12-11 04:17:33 ----D---- C:\Program Files\Windows Calendar
2009-12-11 04:17:32 ----D---- C:\Program Files\Windows Mail
2009-12-11 04:17:32 ----D---- C:\Program Files\Movie Maker
2009-12-11 04:17:25 ----D---- C:\Program Files\Windows Sidebar
2009-12-11 04:17:25 ----D---- C:\Program Files\Windows Media Player
2009-12-11 04:17:25 ----D---- C:\Program Files\Internet Explorer
2009-12-11 04:17:23 ----D---- C:\Program Files\Windows Collaboration
2009-12-11 04:17:22 ----D---- C:\Program Files\Windows Journal
2009-12-11 04:17:14 ----D---- C:\Program Files\Common Files\System
2009-12-11 04:17:13 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-11 04:16:55 ----D---- C:\Windows\servicing
2009-12-11 04:16:55 ----D---- C:\Program Files\Windows Defender
2009-12-11 04:16:54 ----D---- C:\Windows\ehome
2009-12-11 04:16:02 ----D---- C:\Windows\IME
2009-12-11 04:16:01 ----D---- C:\Windows\system32\XPSViewer
2009-12-11 04:15:56 ----D---- C:\Windows\system32\oobe
2009-12-11 04:15:55 ----D---- C:\Windows\system32\migration
2009-12-11 04:15:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-11 04:15:43 ----D---- C:\Windows\system32\setup
2009-12-11 04:15:42 ----D---- C:\Windows\system32\SLUI
2009-12-11 04:15:38 ----D---- C:\Windows\system32\manifeststore
2009-12-11 04:15:38 ----D---- C:\Windows\system32\en
2009-12-11 04:15:19 ----D---- C:\Windows\system32\migwiz
2009-12-11 04:11:38 ----RSD---- C:\Windows\Fonts
2009-12-11 04:11:38 ----D---- C:\Windows\AppPatch
2009-12-11 04:11:18 ----D---- C:\Windows\system32\Boot
2009-12-11 04:09:16 ----D---- C:\Windows\system32\RTCOM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-30 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-30 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-12 108552]
R1 Cdr4_xp;Cdr4_xp; C:\Windows\system32\drivers\Cdr4_xp.sys [2006-10-04 2432]
R1 Cdralw2k;Cdralw2k; C:\Windows\system32\drivers\Cdralw2k.sys [2006-10-04 2560]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2007-08-31 20352]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-01-25 764416]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-05-23 49904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys [2008-08-21 18688]
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys [2008-08-21 8320]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 motport;Motorola USB Diagnostic Port; C:\Windows\system32\DRIVERS\motport.sys [2007-06-18 23680]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 pwtyauob;pwtyauob; \??\C:\Users\Rjay\AppData\Local\Temp\pwtyauob.sys []
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-04-16 22784]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-08 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-08 211072]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-20 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-30 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-30 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 pinger;pinger; C:\Toshiba\IVP\ISM\pinger.exe [2007-01-25 136816]
R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2007-10-23 66928]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-02 135664]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-20 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2007-09-24 181784]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-18 1862144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-09 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2007-10-29 937984]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby RJay0890 » January 9th, 2010, 4:59 pm

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-09 15:49:13
Windows 6.0.6002 Service Pack 2
Running: 3h83dg2z.exe; Driver: C:\Users\Rjay\AppData\Local\Temp\pwtyauob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby Dakeyras » January 9th, 2010, 6:15 pm

Hi. :)

My PC is still running smooth from what I can tell.
OK and thanks for the update.

Next:

Out of date Adobe and Java installations pose a security risk. They can be used by malware as a means to infect a computer and or re-infect. We will update both in due course.

Now please go to Start >> Control Panel >> Programs and Features and remove the following (if present):

Adobe Reader 8.1.4
Java(TM) 6 Update 3

To do so click once on each of the below and click on Uninstall/Change and follow the prompts.

New Adobe Reader Installation:

  • Go here and click on AdbeRdr920_en_US.exe to download the latest version of Adobe Reader.
  • Save this file to your desktop and run it to install the latest version of Adobe Reader.

New Java Installation:

  • Click here to visit Java's website.
  • Scroll down to Java SE Runtime Environment (JRE) 6 Update 17. Click on Download.
  • Select Windows from the drop-down list for Platform.
  • Select Multi-language from the drop-down list for Language.
  • Check (tick) I agree to the Java SE Runtime Environment 6 License Agreement box and click on Continue.
  • Click on jre-6u17-windows-i586.exe link to download it and save this to a convenient location.
  • Double click on jre-6u17-windows-i586.exe to install Java.

Next:

Please run TFC(Temp File Cleaner) again as outlined here.

Run Kaspersky Online AV Scanner:

Right click on your favourite web browser (Internet Explorer, Firefox, etc) and select Run As Administrator to run it.

Go to Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan and then put the kettle on!
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

This online tuturial will help explain how to use the aforementioned online scan.

When completed the above, please post back the following:

  • Inform myself how your computer is running. Any problems encountered and or further symptoms?
  • Kaspersky results.
  • A new HijackThis Log. <-- Remember to right-click on HijackThis and select Run as Administrator.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top

Re: Internet Problems

Unread postby RJay0890 » January 10th, 2010, 1:25 pm

Hello Again! My pc had a random freeze up while trying to wake it up from sleep. This is a first time occurrence. Other than that I have had no problems.

Here are the results:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Sunday, January 10, 2010
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Sunday, January 10, 2010 06:35:05
Records in database: 3296091
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 146760
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 02:35:04

No threats found. Scanned area is clean.

Selected area has been scanned.









Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:57 PM, on 1/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files\Jumpstart\jswtrayutil.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Wallpaper Manager] C:\Program Files\Adolix\Adolix Wallpaper Changer\AWC.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9709 bytes
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby Dakeyras » January 10th, 2010, 4:26 pm

Hi. :)

OK I do not actually think you have a malware problem nor is it anything hardware related with your computer far as I can tell. What you mentioned in you first post may be the actual culprit, as in the Modem/Router in use may be faulty and or problems with your actual ISP.

Not a lot I can do about that I'm afraid apart from advise contact your ISP and by all means inform them you have had your computer checked for any malware issues.

My pc had a random freeze up while trying to wake it up from sleep. This is a first time occurrence
This we can check as follows:-

Check Hard Disk For Errors:

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: <-- Start >> Run... type in notepad and select OK
Code: Select all
@Echo off
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
del %0
  • Go to File >> Save As
  • Save File name as "Dakeyras.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.
  • It should look similar to this: Image

Now right-click on the desktop Dakeyras.bat and select Run as Administrator to run the batch file. It will self-delete when completed.

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file in your next reply.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top

Re: Internet Problems

Unread postby RJay0890 » January 10th, 2010, 11:24 pm

The file didnt auto delete but here's the log.

The type of the file system is NTFS.
Volume label is SQ004680V03.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top

Re: Internet Problems

Unread postby Dakeyras » January 11th, 2010, 5:41 am

Hi. :)

The file didnt auto delete but here's the log.
Hmmm strange it should have but no matter, the log appears to be incomplete but no need to run the batch file again however.

Please carry out all the advice here

Vista Check-Disk:

Please visit this webpage and scroll down to:

METHOD ONE:
Run Check Disk from within Vista

Then follow the instructions through 1 - 10

Note: Please make sure you do carry out the above as it is vital!

When completed the above let myself know if any further issues, thank you.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Top

Re: Internet Problems

Unread postby RJay0890 » January 12th, 2010, 1:00 pm

Thanks for all your help! My pc seems to be running better than ever. I appreciate all of your help.
RJay0890
Active Member
 
Posts: 11
Joined: December 18th, 2009, 10:53 pm
Top
Advertisement
Register to Remove
Next
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 106 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index