Author Topic: [InActive K] Most of menu folders say 'empty' after attempting to fix virus.  (Read 368 times)

Offline fergy007

  • Bronze Member
  • Posts: 2
Hey guys,
I had a nasty malware/virus a few months ago that took over my system and tried to convince me I had to download a specific removal tool to get rid of it. I forgot the name of the removal tool...something like PC Scan or PC Cleaner or something like that. Anyway, I went online thinking I'd just read some forums on it and get rid of it that way. I basically learned just enough to be really dangerous and attempted to clean my computer. I got rid of the registry entry for this malware, which had hidden like EVERY file and program on my system. I managed to get most of my files back and I can use the Command line to get to the most frequently used programs. But my shortcuts in the start menu are mostly empty. I think I made a mistake and deleted things before I was supposed to...and so now I'm afraid those shortcuts are just lost.

I'd like to get your advice on what I should do next.  I'm willing to reinstall windows if need be...I just don't want to lose any of my personal files in that process.  

Thanks...and here are my dds screens:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Lindsay at 13:39:05 on 2012-07-14
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3824.1989 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\TECO\Teco.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\StikyNot.exe
C:\Users\Lindsay\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Lindsay\Downloads\HijackThis.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.myheritage.com
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://search.myheritage.com
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CtxIEInterceptorBHO Class: {2c4631ff-5cc8-4ebc-a0df-34c92291759e} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Lindsay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\Lindsay\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
mRun: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
StartupFolder: C:\Users\Lindsay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\Lindsay\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WARNER~1.LNK - C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\354756078656E63775962756C6563737 : DhcpNameServer = 150.199.1.29
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\3547574656E64775966496 : DhcpNameServer = 150.199.1.29
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\453757E616D696 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\74F64602F46602751627 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{750DA742-C862-49F8-BC0E-49A0CB87C98F}\96D6F6E61626F61647 : DhcpNameServer = 216.106.1.2 216.106.1.3
TCP: Interfaces\{94A242C8-4C65-4C2B-8E20-66036401F414} : DhcpNameServer = 99.66.174.70
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64:     HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: CtxIEInterceptorBHO Class: {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll
BHO-X64:     CtxIEInterceptorBHO - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
BHO-X64:     Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL
BHO-X64:     Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:     SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64:     HP Smart BHO Class - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
AppInit_DLLs-X64: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lindsay\AppData\Roaming\Mozilla\Firefox\Profiles\fvrjpuca.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Lindsay\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS --> C:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS --> C:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [?]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys --> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS --> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002_c87\BHDrvx64.sys [2012-7-11 1161376]
R1 ctxusbm;Citrix USB Monitor Driver;C:\windows\system32\DRIVERS\ctxusbm.sys --> C:\windows\system32\DRIVERS\ctxusbm.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120713.001\IDSviA64.sys [2012-7-14 509088]
R1 SymIRON;Symantec Iron Driver;C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS --> C:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\system32\Drivers\N360x64\0502020.003\SYMNETS.SYS --> C:\windows\system32\Drivers\N360x64\0502020.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe [2012-6-11 130008]
R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2010-4-23 259440]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-10 2320920]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\windows\system32\DRIVERS\e1k62x64.sys --> C:\windows\system32\DRIVERS\e1k62x64.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETw5s64.sys --> C:\windows\system32\DRIVERS\NETw5s64.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-7-10 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2010-5-10 836016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-15 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-15 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-10 129976]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys --> C:\windows\system32\DRIVERS\nusb3hub.sys [?]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys --> C:\windows\system32\DRIVERS\nusb3xhc.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-13 08:05:23   3147264   ----a-w-   C:\windows\System32\win32k.sys
2012-07-13 04:22:43   9013136   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{225D20B7-84AF-451F-8D83-0D594E28ED8A}\mpengine.dll
2012-07-13 04:13:45   2622464   ----a-w-   C:\windows\System32\wucltux.dll
2012-07-13 04:13:34   99840   ----a-w-   C:\windows\System32\wudriver.dll
2012-07-13 04:13:15   36864   ----a-w-   C:\windows\System32\wuapp.exe
2012-07-13 04:13:15   186752   ----a-w-   C:\windows\System32\wuwebv.dll
2012-07-13 03:47:07   --------   d-----w-   C:\b63756dc38a353eccb38c20f6e6b7e
2012-06-27 18:41:26   --------   d-----w-   C:\Users\Lindsay\AppData\Roaming\SanDisk SecureAccess
.
==================== Find3M  ====================
.
2012-06-06 05:50:50   2003968   ----a-w-   C:\windows\System32\msxml6.dll
2012-06-06 05:50:50   1880064   ----a-w-   C:\windows\System32\msxml3.dll
2012-06-06 05:09:46   1389568   ----a-w-   C:\windows\SysWow64\msxml6.dll
2012-06-06 05:09:46   1236992   ----a-w-   C:\windows\SysWow64\msxml3.dll
2012-06-02 05:38:26   95088   ----a-w-   C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24   152432   ----a-w-   C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45   459216   ----a-w-   C:\windows\System32\drivers\cng.sys
2012-06-02 05:27:02   340992   ----a-w-   C:\windows\System32\schannel.dll
2012-06-02 05:27:00   307200   ----a-w-   C:\windows\System32\ncrypt.dll
2012-06-02 04:48:39   22016   ----a-w-   C:\windows\SysWow64\secur32.dll
2012-06-02 04:48:35   225280   ----a-w-   C:\windows\SysWow64\schannel.dll
2012-06-02 04:47:31   219136   ----a-w-   C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51   96768   ----a-w-   C:\windows\SysWow64\sspicli.dll
2012-05-31 17:25:12   279656   ------w-   C:\windows\System32\MpSigStub.exe
2012-05-15 03:56:59   1197568   ----a-w-   C:\windows\System32\wininet.dll
2012-05-15 03:08:48   981504   ----a-w-   C:\windows\SysWow64\wininet.dll
2012-05-04 10:52:22   5505392   ----a-w-   C:\windows\System32\ntoskrnl.exe
2012-05-04 10:08:16   3958128   ----a-w-   C:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08:15   3902320   ----a-w-   C:\windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32:43   208896   ----a-w-   C:\windows\System32\profsvc.dll
2012-04-28 03:50:40   204800   ----a-w-   C:\windows\System32\drivers\rdpwd.sys
2012-04-26 05:34:38   76288   ----a-w-   C:\windows\System32\rdpwsx.dll
2012-04-26 05:34:37   149504   ----a-w-   C:\windows\System32\rdpcorekmts.dll
2012-04-26 05:28:32   9216   ----a-w-   C:\windows\System32\rdrmemptylst.exe
2012-04-24 05:59:45   182272   ----a-w-   C:\windows\System32\cryptsvc.dll
2012-04-24 05:59:45   1460224   ----a-w-   C:\windows\System32\crypt32.dll
2012-04-24 05:59:45   140288   ----a-w-   C:\windows\System32\cryptnet.dll
2012-04-24 04:47:04   139264   ----a-w-   C:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:47:04   103936   ----a-w-   C:\windows\SysWow64\cryptnet.dll
2012-04-24 04:47:03   1156608   ----a-w-   C:\windows\SysWow64\crypt32.dll
2012-04-20 06:22:18   57856   ----a-w-   C:\windows\System32\licmgr10.dll
2012-04-20 05:05:47   44544   ----a-w-   C:\windows\SysWow64\licmgr10.dll
2012-04-20 05:00:31   482816   ----a-w-   C:\windows\System32\html.iec
2012-04-20 04:15:04   1638912   ----a-w-   C:\windows\System32\mshtml.tlb
2012-04-20 03:58:07   386048   ----a-w-   C:\windows\SysWow64\html.iec
2012-04-20 03:24:18   1638912   ----a-w-   C:\windows\SysWow64\mshtml.tlb
.
============= FINISH: 13:40:00.84 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/15/2010 1:44:37 AM
System Uptime: 7/14/2012 10:15:39 AM (3 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel(R) Core(TM) i3 CPU       M 350  @ 2.27GHz | rBGA1288 Socket | 1586/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 317.616 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Photosmart 5510 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer:
Name: Photosmart 5510 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart 5510 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Photosmart 5510 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E710n-z
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: HP
Name: Officejet 6500 E710n-z
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: HP LaserJet P2015 Series
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer: Hewlett-Packard
Name: HP LaserJet P2015 Series
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
==== System Restore Points ===================
.
RP171: 6/26/2012 4:52:49 PM - Windows Update
RP172: 7/1/2012 1:04:55 PM - Windows Update
RP173: 7/6/2012 10:28:38 PM - Windows Update
RP174: 7/11/2012 12:02:30 AM - Windows Update
RP175: 7/11/2012 8:33:43 AM - Windows Update
RP176: 7/12/2012 10:59:23 PM - Restore Operation
RP177: 7/12/2012 11:12:51 PM - Windows Update
RP178: 7/12/2012 11:22:15 PM - Windows Update
RP179: 7/13/2012 3:00:22 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.3
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Amazon Kindle
Amazon MP3 Downloader 1.0.10
Amazon Unbox Video
Apple Application Support
Apple Software Update
ArcSoft MediaImpression for Kodak
Audacity 1.3.14 (Unicode)
AVG PC Tuneup 2011
Best Buy Software Installer
BufferChm
C4100
c4100_Help
Citrix Authentication Manager
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
Compatibility Pack for the 2007 Office system
Copy
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DocProc
Fax
ffdshow [rev 2527] [2008-12-19]
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NEC Electronics USB 3.0 Host Controller Driver
Norton 360
Online Plug-in
OpenOffice.org 3.2
OverDrive Media Console
PL-2303 USB-to-Serial
QuickTime
Realtek High Definition Audio Driver
RICOH R5U230 Media Driver ver.2.08.03.04
SanDiskSecureAccess_Manager.exe
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Self-service Plug-in
Skype Click to Call
Skype™ 5.8
SmartWebPrinting
SolutionCenter
Stanza
Status
Toolbox
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Security Assist
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Vegas Pro 11.0
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Vivitar Experience Image Manager
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/9/2012 12:03:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006eec160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 070912-30888-01.
7/7/2012 4:56:08 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa800906c160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 070712-34507-01.
7/14/2012 8:42:11 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Amazon Unbox Video Service service to connect.
7/12/2012 11:08:43 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
7/12/2012 11:07:37 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  BHDrvx64 SRTSP
7/12/2012 11:06:27 PM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..
7/12/2012 11:05:46 PM, Error: SRTSP [5]  - Error loading Symantec real time Anti-Virus driver.
7/12/2012 11:05:46 PM, Error: SRTSP [4]  - Error loading virus definitions.
7/12/2012 11:00:23 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll
7/11/2012 3:30:06 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006fd6160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071112-25693-01.
7/11/2012 12:05:03 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa80090a6160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071112-35193-01.
7/10/2012 4:41:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8009188160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071012-28142-01.
7/10/2012 4:05:17 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000005, 0xfffffa8006ec0160). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 071012-29608-01.
.
==== End Of File ===========================
« Last Edit: July 20, 2012, 01:44:41 AM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6341
Hello fergy007 and welcome to SpywareHammer,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.

  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin. Go Here and follow the instructions specific for your operating system.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

I don't see any obvious malware in the logs, is the only issue the missing shortcuts?

Run the following:

Download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient as this may take several minutes to run, it will scan and fix all Hard drives on your system. You will see a new window with the drive being processed, typically C:\  as below:



Changing as the next drive is processed as below, (if required):



You will get a success alert at the end.



A log file will be saved in the same place as the tool was saved, post that in your reply...

Kevin


Offline fergy007

  • Bronze Member
  • Posts: 2
Thank you Kevinf80 for such a quick response!

I've downloaded the unhide program and ran it.  Here are the log file results:

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
  http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 07/14/2012 03:24:29 PM
Windows Version: Windows 7

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 181072 files processed.

Restoring the Start Menu.
 * 10 Shortcuts and Desktop items were restored.


Searching for Windows Registry changes made by FakeHDD rogues.
 - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
  * Start_ShowRun was set to 0! It was set back to 1!
  * Start_ShowSearch was set to 0! It was set back to 1!
  * Start_ShowRecentDocs was set to 0! It was set back to 2!
  * Start_ShowNetConn was set to 0! It was set back to 1!
  * Start_ShowNetPlaces was set to 0! It was set back to 1!

Restarting Explorer.exe in order to apply changes.

Program finished at: 07/14/2012 03:27:22 PM
Execution time: 0 hours(s), 2 minute(s), and 52 seconds(s)





Also, I've attached a screen shot of what my start menu folders look like (with the 'empty' problem shown).  Notice that not very many programs are available in the accessories folder either.
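
For triage, the registry values an Unhide run reports resetting can be extracted from a pasted log, including entries that a narrow paste has split across lines. This is an added example, not part of the original posts or of Unhide itself; it assumes the log line wording shown in the post above, and the function names are hypothetical.

```python
import re

# Excerpt of the Unhide output from this thread; the hard wraps and blank
# lines are constructed to mimic a narrow fixed-width paste.
SAMPLE_LOG = r"""
Restoring the Start Menu.
 * 10 Shortcuts and Desktop items were restored.
 - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion

\policies\System
 - Checking HKCU\Software\Microsoft\Windows\CurrentVersion

\Explorer\Advanced
  * Start_ShowRun was set to 0! It was set back to 1!
  * Start_ShowRecentDocs was set to 0! It was set back to

2!
  * Start_ShowNetConn was set to 0! It was set back to 1!
"""

CHECK_RE = re.compile(r"^\s*-\s+Checking\s+(HK\S+)$")
RESET_RE = re.compile(r"^\s*\*\s+(\w+) was set to (\d+)! It was set back to (\d+)!$")

def unwrap(text):
    """Rejoin log entries that were split across lines by the paste."""
    logical = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        prev = logical[-1] if logical else ""
        if line.startswith("\\") and prev.startswith("- Checking"):
            logical[-1] = prev + line  # registry path continues, no space
        elif (prev.startswith("*") and " was set to " in prev
              and not RESET_RE.match(prev) and line[0] not in "*-"):
            logical[-1] = prev + " " + line  # value report continues
        else:
            logical.append(line)
    return logical

def registry_resets(text):
    """Return one record per value the tool reported changing, with its key."""
    key, found = None, []
    for line in unwrap(text):
        check = CHECK_RE.match(line)
        reset = RESET_RE.match(line)
        if check:
            key = check.group(1)
        elif reset:
            name, was, restored = reset.groups()
            found.append({"key": key, "value": name,
                          "was": int(was), "restored": int(restored)})
    return found

if __name__ == "__main__":
    for r in registry_resets(SAMPLE_LOG):
        print(f'{r["key"]}\\{r["value"]}: {r["was"]} -> {r["restored"]}')
```

Each record carries the registry key that was being checked when the value was reported, so the output can be compared against a later run to see whether the same values were changed again.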

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 6341
Due to the lack of feedback this topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!