comcastantispy.exe *32

[bluefishbeagle]

"comcastantispy.exe *32" is using CPU time when no other programs are running. It is causing shutdown problems. This process has not be observed previously.
*************************************

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ed at 12:06:37 on 2012-07-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.2029 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\BrmfRsmg.exe
C:\Windows\system32\BrmfRsmg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\SysWOW64\WebUpdateSvc4.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\System32\alg.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.weathertap.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Norton Safe Web Lite BHO: {f0da78e9-6b60-42fb-bc26-ef2cfb8c8ff3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
TB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SacReminder] C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe
uRun: [ComcastAntispyClient] "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -a
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [NPSStartup]
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DSMOBI~1.LNK - C:\Program Files (x86)\Brother\DSmobileSCAN II\DSmobileSCAN.exe
StartupFolder: C:\Users\Ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Ed\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
Trusted Zone: microsoft.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} - hxxp://u3.sandisk.com/download/apps/LPInstaller.CAB
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 67.142.160.8 67.142.160.9
TCP: Interfaces\{3740CE70-4A49-4D7C-A4A8-95506E6328B3} : DhcpNameServer = 192.168.42.129
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B} : DhcpNameServer = 192.168.1.1 67.142.160.8 67.142.160.9
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\16962707F62747 : DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\24C657566496378624561676C656 : DhcpNameServer = 10.0.1.1
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\3497072756373794E6E6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\A41636B637F6E60214962707F62747 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\D424259353D2531353 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4ADD4B33-0FF5-43E5-894E-1E2368E5DE0B}\E4237302241636B65707 : DhcpNameServer = 192.168.254.254 192.168.254.254
TCP: Interfaces\{4E4A25CF-A78F-4755-A9A7-B9F66DFEA231} : DhcpNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{7AC1F1F2-E629-4CC6-B7F4-AC19530056BF} : DhcpNameServer = 209.183.35.23 209.183.33.23
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - No File
BHO-X64: Updater For XFIN_PORTAL - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Norton Safe Web Lite BHO: {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
BHO-X64: Norton Safe Web Lite BHO - No File
TB-X64: Norton Safe Web Lite: {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun-x64: [(Default)]
mRun-x64: [AT&T Communication Manager] "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -a
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [NPSStartup]
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ed\AppData\Roaming\Mozilla\Firefox\Profiles\io3835rv.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=109935&tt=2912_4&babsrc=HP_ss&mntrId=d2c0c4f100000000000018f46adb7aa9
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=2912_4&babsrc=KW_ss&mntrId=d2c0c4f100000000000018f46adb7aa9&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935&tt=2912_4
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - d2c0c4f100000000000018f46adb7aa9
FF - user.js: extensions.BabylonToolbar_i.hardId - d2c0c4f100000000000018f46adb7aa9
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15540
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.174:03:39
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-7-12 1161376]
R1 ccSet_NST;Norton Safe Web Lite Settings Manager;C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys --> C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [?]
R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120719.002\IDSviA64.sys [2012-7-20 509088]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiSpywareService;Comcast AntiSpyware;C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 brmfrsmg;Brother Resource manager service;C:\Windows\system32\BrmfRsmg.exe -service --> C:\Windows\system32\BrmfRsmg.exe -service [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-19 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-16 655944]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccsvchst.exe [2012-7-16 130008]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]
R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]
R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-10-19 259192]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-7-16 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-11-8 104960]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-11-8 575856]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]
R2 WebUpdate4;Web Update Wizard Service V4;C:\Windows\SysWOW64\WebUpdateSvc4.exe [2008-9-15 262360]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-5-31 138912]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-7 304496]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-10-19 44736]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-8 136176]
S2 IDVaultSvc;CGPS Service;"C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" --> C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [?]
S2 NSL;Norton Safe Web Lite;"C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1 --> C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-17 250056]
S3 ATTRcAppSvc;AT&T RcAppSvc;C:\Program Files (x86)\AT&T\Communication Manager\RcAppSvc.exe [2009-10-9 121416]
S3 brfilt;Brother MFC Filter Driver;C:\Windows\system32\Drivers\Brfilt.sys --> C:\Windows\system32\Drivers\Brfilt.sys [?]
S3 BrUsbScn;Brother MFC USB Scanner driver;C:\Windows\system32\Drivers\BrUsbScn.sys --> C:\Windows\system32\Drivers\BrUsbScn.sys [?]
S3 CAATT;AT&T Con App Svc;C:\Program Files (x86)\AT&T\Communication Manager\ConAppsSvc.exe [2009-10-9 125512]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-8 136176]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 JeppDrive;JeppDrive Service;C:\Windows\system32\Drivers\JeppDrive.sys --> C:\Windows\system32\Drivers\JeppDrive.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;\??\C:\Windows\system32\PCTINDIS5X64.SYS --> C:\Windows\system32\PCTINDIS5X64.SYS [?]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-21 108400]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-21 67952]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\Windows\system32\DRIVERS\sscebus.sys --> C:\Windows\system32\DRIVERS\sscebus.sys [?]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\Windows\system32\DRIVERS\sscemdfl.sys --> C:\Windows\system32\DRIVERS\sscemdfl.sys [?]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\Windows\system32\DRIVERS\sscemdm.sys --> C:\Windows\system32\DRIVERS\sscemdm.sys [?]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);C:\Windows\system32\DRIVERS\swnc8ua3.sys --> C:\Windows\system32\DRIVERS\swnc8ua3.sys [?]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);C:\Windows\system32\DRIVERS\swumxa3.sys --> C:\Windows\system32\DRIVERS\swumxa3.sys [?]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2012-5-10 16448]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-20 14:15:36 -------- d-----w- C:\Users\Ed\AppData\Roaming\Tific
2012-07-19 09:03:17 -------- d-----w- C:\Program Files (x86)\Easy Media Player
2012-07-17 20:51:00 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-17 20:51:00 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-17 01:14:24 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys
2012-07-17 01:14:24 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys
2012-07-17 01:14:24 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502020.003\srtspx64.sys
2012-07-17 01:14:24 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys
2012-07-17 01:14:23 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502020.003\srtsp64.sys
2012-07-17 01:14:23 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys
2012-07-17 01:14:04 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502020.003
2012-07-16 14:04:07 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-07-16 13:38:45 -------- d-----w- C:\Users\Ed\AppData\Roaming\Malwarebytes
2012-07-16 13:38:28 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-16 13:38:28 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-16 13:38:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-14 20:11:36 -------- d-----w- C:\Program Files (x86)\Garmin
2012-07-14 20:11:24 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2012-07-14 19:55:17 303616 ----a-w- C:\Windows\IsUninst.exe
2012-07-13 15:46:17 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-10 15:44:01 -------- d-----w- C:\Users\Ed\AppData\Local\Apple
2012-06-29 02:16:58 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-06-29 02:16:58 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-06-28 23:35:05 -------- d-----w- C:\Users\Ed\AppData\Local\Adobe
2012-06-26 13:46:18 -------- d-----w- C:\Users\Ed\AppData\Local\Macromedia
2012-06-25 21:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2012-06-22 03:07:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 03:06:59 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 03:06:49 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 03:06:49 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-09 01:10:12 952 --sha-w- C:\ProgramData\KGyGaAvL.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 12:08:42.41 ===============

[shelf life]

hi bluefishbeagle,

Your post is a few days old. If you still need help with the problem simply reply back.

[bluefishbeagle]

Yes I thank you!. Also have remnants of Babylon tool bar.

[shelf life]

ok. I assume the comcastantispy.exe must be something you installed that was provided by your ISP. Have you removed anything like that using a uninstaller in the add/remove programs panel, I guess not because here it is:

C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

.
You wont miss it- you have Spybot and Malwarebytes.
Run the uninstaller from the add/remove programs panel and reboot your machine.
Also have you removed the babylon toolbar via add/remove programs also?

[bluefishbeagle]

Comcast is my ISP provider and Norton anti virus is provided free of charge, which I installed and have been using for over a year. However I never installed a program called comcastantispy, and it does not show up as an installed program so there's no way for me to remove it. Even as we speak it is using 13% of my CPU resources. I'd like to remove it completely. I was assuming it was spyware disguised as coming from Comcast but I'm not sure.

The Babylon tool bar was installed during a download that I thought was from Adobe. I did remove it via the control panel however I seem to have remnants of the program roaming about my system.

I've had a rash of spyward/adware that Malwarebytes and Spybot have removed (some could not be removed) after the previously mentioned download.

I'd like to clean up my system and most definately get rid of comcastantispy.

thanks

[bluefishbeagle]

I was able to remove comcastantispy. It is a program that was installed a comcast toolbar. As with most toolbars it was added because I forgot to uncheck the box allowing it's installation when I installed Norton from Comcast. (I hate it when they do that!!!).

I'm running scans now to see if babylon toolbar problems still exist. If my system seems clean from your end please let me know. Thanks.

[shelf life]

So how did the scans come out? I do see babylon toolbar leftovers.

[bluefishbeagle]

Scans were OK a few tracking cookies etc. Should I be concerned about the babylon toolbar leftovers?

[shelf life]

babylon toolbar leftovers

If you ran the uninstaller from the add/remove programs panel this may be good enough. Most uninstallers leave left overs behind. Are you still seeing it in your browser or anything?

[bluefishbeagle]

No, my browser is clear and I'm not having any issues. Thank you very much for your time. You all are the greatest !!!!