I purchased a new laptop about a month ago and it has had some strange behaviour. It sometimes restarts after I start up and I don't know why. I am worried there is something bad on my computer, so I performed the steps in this post https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/ and have attached the results.
Mbam
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.20.08
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
dit15_000 :: ROROHIKO [administrator]
1/21/2013 1:41:21 PM
mbam-log-2013-01-21 (13-41-21).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208641
Time elapsed: 2 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by dit15_000 at 13:28:04 on 2013-01-21
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.4050.1321 [GMT 13:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\system32\dwm.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\dashost.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.11\ccSvcHst.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Teco\TecoService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.11\ccSvcHst.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
C:\Program Files\TOSHIBA\Teco\TecoResident.exe
C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.11\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://toshiba13.msn.com
uDefault_Page_URL = hxxp://toshiba13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ips\ipsbho.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coieplg.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
mRun: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\DIT15_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{228993F8-0499-4926-9E4D-670E124268C5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{228993F8-0499-4926-9E4D-670E124268C5}\4586F6D637F6E6134413642343 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F00F0B28-26A4-4CA0-968F-FDAF1BE516C7} : DHCPNameServer = 127.0.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe
x64-Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
x64-Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
x64-Run: [SRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2012-10-13 645952]
R0 THAccel;THAccel;C:\windows\System32\Drivers\THAccel.sys [2012-10-13 131520]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\Drivers\tos_sps64.sys [2012-10-13 499096]
R1 aswnet;avast! AG Firewall Core Driver;C:\windows\System32\Drivers\aswnet.sys [2013-1-21 470192]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswSP.sys [2013-1-21 370288]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-8-9 239616]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\Drivers\aswFsBlk.sys [2013-1-21 25232]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2013-1-21 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-21 44808]
R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-1-13 101376]
R2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [2011-10-14 156672]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-10-13 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-10-13 166720]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccsvchst.exe [2012-12-13 143928]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.11\SymcPCCULaunchSvc.exe [2012-10-13 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.11\ccSvcHst.exe [2012-10-13 126392]
R2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [2009-9-12 14344]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-11-28 548264]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-10-17 386920]
R2 THAccelSvc;TOSHIBA HDD Accelerator Service;C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [2012-8-11 214488]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\Teco\TecoService.exe [2012-8-25 291240]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\Drivers\TVALZFL.sys [2012-7-22 16768]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-13 365376]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\Drivers\AtihdW86.sys [2012-7-18 98472]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2013-1-9 1384608]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\windows\System32\Drivers\btfilter.sys [2012-7-12 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\Drivers\NISx64\1402000.013\ccsetx64.sys [2012-12-13 168096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-12-13 138912]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130109.001\IDSviA64.sys [2013-1-10 513184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUStor.sys [2012-10-13 252048]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-10-13 690832]
R3 SmbDrvI;SmbDrvI;C:\windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-11 43832]
R3 SymDS;Symantec Data Store;C:\windows\System32\Drivers\NISx64\1402000.013\symds64.sys [2012-12-13 493216]
R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\NISx64\1402000.013\symefa64.sys [2012-12-13 1133216]
R3 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\NISx64\1402000.013\ironx64.sys [2012-12-13 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\NISx64\1402000.013\symnets.sys [2012-12-13 432800]
R3 TMachInfo;TMachInfo;C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-7-28 53384]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2012-7-29 458152]
S0 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\NISx64\1402000.013\symelam.sys [2012-12-13 23448]
S1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswSnx.sys [2013-1-21 984144]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\Drivers\rtwlane.sys [2012-6-30 1119232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-21 00:19:31 -------- d-----w- C:\Users\dit15_000\AppData\Roaming\Malwarebytes
2013-01-21 00:19:14 24176 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-01-21 00:19:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-21 00:18:50 -------- d-----w- C:\Users\dit15_000\AppData\Local\Programs
2013-01-20 20:58:07 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-01-20 20:57:54 984144 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-01-20 20:57:54 470192 ----a-w- C:\windows\System32\drivers\aswnet.sys
2013-01-20 20:57:47 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-01-20 20:57:24 41224 ----a-w- C:\windows\avastSS.scr
2013-01-20 20:57:15 -------- d-----w- C:\ProgramData\AVAST Software
2013-01-20 20:57:15 -------- d-----w- C:\Program Files\AVAST Software
2013-01-19 13:58:39 -------- d-----w- C:\Users\dit15_000\AppData\Local\HP
2013-01-18 22:23:56 432800 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\symnets.sys
2013-01-18 22:23:55 776864 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\srtsp64.sys
2013-01-18 22:23:55 493216 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\symds64.sys
2013-01-18 22:23:55 37496 ----a-r- C:\windows\System32\drivers\NISx64\1402010.016\srtspx64.sys
2013-01-18 22:23:55 23448 ----a-r- C:\windows\System32\drivers\NISx64\1402010.016\symelam.sys
2013-01-18 22:23:55 224416 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\ironx64.sys
2013-01-18 22:23:55 168096 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\ccsetx64.sys
2013-01-18 22:23:55 1133216 ----a-w- C:\windows\System32\drivers\NISx64\1402010.016\symefa64.sys
2013-01-18 22:23:44 -------- d-----w- C:\windows\System32\drivers\NISx64\1402010.016
2013-01-17 02:41:51 184000 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10189.bin
2013-01-17 01:31:49 -------- d-----w- C:\Program Files (x86)\Common Files\Digidesign
2013-01-17 01:31:48 1332224 ----a-w- C:\windows\SysWow64\SYNSOEMU.DLL
2013-01-13 05:15:24 -------- d-----w- C:\ProgramData\Freemake
2013-01-13 05:15:13 -------- d-----w- C:\Program Files (x86)\Freemake
2013-01-13 05:12:07 -------- d-----w- C:\Program Files (x86)\Audacity
2013-01-11 21:03:05 -------- d-----w- C:\Program Files (x86)\ESET
2013-01-11 10:24:28 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-09 22:58:55 -------- d-----w- C:\Users\dit15_000\AppData\Roaming\OpenOffice.org
2013-01-09 22:44:30 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2013-01-09 22:37:10 -------- d-----w- C:\Users\dit15_000\AppData\Local\Adobe
2013-01-09 22:21:11 -------- d-----w- C:\Users\dit15_000\AppData\Roaming\AVG2013
2013-01-09 22:17:46 -------- d-----w- C:\Users\dit15_000\AppData\Roaming\TuneUp Software
2013-01-09 22:17:07 -------- d-----w- C:\ProgramData\AVG2013
2013-01-09 22:16:26 -------- d-----w- C:\Program Files (x86)\AVG
2013-01-09 22:13:14 -------- d--h--w- C:\ProgramData\Common Files
2013-01-09 22:13:14 -------- d-----w- C:\Users\dit15_000\AppData\Local\MFAData
2013-01-09 22:13:14 -------- d-----w- C:\Users\dit15_000\AppData\Local\Avg2013
2013-01-09 22:13:14 -------- d-----w- C:\ProgramData\MFAData
2013-01-09 21:03:56 2397184 ----a-w- C:\windows\System32\WpcMon.exe
2013-01-09 07:01:28 86016 ----a-w- C:\windows\System32\ncryptsslp.dll
2013-01-09 07:01:28 71168 ----a-w- C:\windows\SysWow64\ncryptsslp.dll
2013-01-09 06:58:32 2361344 ----a-w- C:\windows\System32\msxml6.dll
2013-01-09 06:58:32 1836032 ----a-w- C:\windows\System32\msxml3.dll
2013-01-09 06:58:32 1802240 ----a-w- C:\windows\SysWow64\msxml6.dll
2013-01-09 06:58:31 2048 ----a-w- C:\windows\SysWow64\msxml6r.dll
2013-01-09 06:58:31 2048 ----a-w- C:\windows\SysWow64\msxml3r.dll
2013-01-09 06:58:31 2048 ----a-w- C:\windows\System32\msxml6r.dll
2013-01-09 06:58:31 2048 ----a-w- C:\windows\System32\msxml3r.dll
2013-01-09 06:58:31 1438720 ----a-w- C:\windows\SysWow64\msxml3.dll
2013-01-03 05:08:48 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-03 05:08:48 -------- d-----w- C:\Program Files\iTunes
2013-01-03 05:08:48 -------- d-----w- C:\Program Files\iPod
2013-01-03 05:08:48 -------- d-----w- C:\Program Files (x86)\iTunes
2012-12-30 23:18:27 81408 ----a-w- C:\Program Files (x86)\taskkill.exe
2012-12-30 23:05:20 33240 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
2012-12-29 23:55:51 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-12-29 23:55:09 -------- d-----w- C:\Users\dit15_000\AppData\Roaming\uTorrent
2012-12-29 00:42:23 -------- d-----w- C:\Program Files\SharePod
2012-12-28 05:57:11 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-28 05:57:11 362496 ----a-w- C:\windows\System32\atmfd.dll
2012-12-28 05:57:11 35328 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-28 05:57:11 300032 ----a-w- C:\windows\SysWow64\atmfd.dll
.
==================== Find3M ====================
.
2012-12-18 23:32:58 80728 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 23:32:58 695640 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-12-13 07:26:24 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2012-12-13 07:26:24 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll
2012-12-06 04:23:00 170496 ----a-w- C:\windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\windows\System32\sppwinob.dll
2012-12-04 03:59:08 4055552 ----a-w- C:\windows\System32\win32k.sys
2012-11-29 05:05:57 707584 ----a-w- C:\windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\windows\System32\AppXDeploymentServer.dll
2012-11-28 04:21:17 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\windows\System32\UXInit.dll
2012-11-27 07:00:32 194280 ----a-w- C:\windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13 329960 ----a-w- C:\windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\windows\System32\mstsc.exe
2012-11-27 04:18:59 888832 ----a-w- C:\windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\windows\System32\mstscax.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\windows\System32\drivers\BthhfHid.sys
2012-11-20 08:00:23 6971624 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\windows\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\windows\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\windows\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\windows\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\windows\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\windows\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\windows\SysWow64\msctf.dll
2012-11-10 04:23:25 132608 ----a-w- C:\windows\SysWow64\poqexec.exe
2012-11-10 04:23:18 148480 ----a-w- C:\windows\System32\poqexec.exe
2012-11-10 04:22:40 122880 ----a-w- C:\windows\System32\VmHostAI.dll
2012-11-10 04:22:35 144384 ----a-w- C:\windows\System32\tssdisai.dll
2012-11-10 04:22:14 126976 ----a-w- C:\windows\System32\RDWebAI.dll
2012-11-10 04:20:20 135680 ----a-w- C:\windows\System32\appserverai.dll
2012-11-09 04:49:51 2048 ----a-w- C:\windows\System32\tzres.dll
2012-11-09 04:03:48 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\windows\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\windows\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\windows\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\windows\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\windows\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\windows\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\windows\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\windows\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\windows\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\windows\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\windows\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\windows\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\windows\SysWow64\lpk.dll
2012-11-08 01:56:52 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2012-11-06 07:52:07 445160 ----a-w- C:\windows\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\windows\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\windows\System32\drivers\pdc.sys
2012-11-06 07:33:46 522640 ----a-w- C:\windows\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\windows\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\windows\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\windows\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\windows\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\windows\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\windows\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\windows\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\windows\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\windows\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\windows\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\windows\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\windows\System32\dafWCN.dll
2012-11-06 04:17:42 785920 ----a-w- C:\windows\System32\audiosrv.dll
2012-11-06 04:17:41 169472 ----a-w- C:\windows\System32\AudioEndpointBuilder.dll
2012-11-06 04:17:35 2146816 ----a-w- C:\windows\System32\actxprxy.dll
2012-11-06 04:17:32 212992 ----a-w- C:\windows\System32\bthprops.cpl
.
============= FINISH: 13:29:09.80 ===============
Attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 12/11/2012 11:33:03 PM
System Uptime: 1/21/2013 8:59:20 AM (5 hours ago)
.
Motherboard: Intel | | PLCSF8
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | U3E1 | 1200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 746.457 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP6: 12/31/2012 12:04:05 PM - Installed iTunes
RP7: 1/7/2013 1:11:20 PM - Scheduled Checkpoint
RP8: 1/10/2013 11:16:09 AM - Installed AVG 2013
RP9: 1/10/2013 11:16:33 AM - Installed AVG 2013
RP10: 1/11/2013 9:57:47 AM - Restore Operation
RP11: 1/17/2013 5:25:57 PM - Windows Update
RP12: 1/21/2013 9:38:39 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Adobe Reader X (10.1.5) MUI
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Atheros Bluetooth Filter Driver Package
Atheros Driver Installation Program
Audacity 2.0.2
avast! Free Antivirus
Bejeweled 3
Bonjour
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
ESET Online Scanner v3
Evernote v. 4.5.7
FL Studio 10
Freemake Audio Converter version 1.1.0
Google Chrome
Google Update Helper
IL Download Manager
Intel AppUp(SM) center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
iTunes
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft Office
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Norton Internet Security
Norton PC Checkup
OpenOffice.org 3.4.1
Plants vs. Zombies - Game of the Year
Premium Sound HD
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
reFX Nexus VSTi RTAS v2.2.0
Splashtop Remote Client
Splashtop Streamer
Synaptics Pointing Device Driver
TOSHIBA Desktop Assist
TOSHIBA eco Utility
TOSHIBA Function Key
TOSHIBA HDD Accelerator
Toshiba Password Utility
TOSHIBA PC Health Monitor
TOSHIBA Recovery Media Creator
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA System Driver
TOSHIBA System Settings
TOSHIBA VIDEO PLAYER
Update Installer for WildTangent Games App
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.5
WildTangent Games
WildTangent Games App (Toshiba Games)
WinRAR 4.20 (64-bit)
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
1/21/2013 12:32:09 AM, Error: disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
1/20/2013 11:46:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000028, 0x0000000000000002, 0x0000000000000000, 0xfffff8800436ad7c). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 012013-36906-01.
1/19/2013 8:44:08 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.3. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer.
1/18/2013 8:12:35 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0x0000000000000028, 0x0000000000000002, 0x0000000000000000, 0xfffff88004c02d7c). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 011813-19734-01.
1/18/2013 5:57:48 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer BRAD-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{228993F8-0499-4926-9E4D-670E124268C5}. The master browser is stopping or an election is being forced.
1/14/2013 5:28:53 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.6. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer.
.
==== End Of File ===========================
.
==== End Of File ===========================