Step 1 the first is the OTL.txt & second will be the Extras.txt
OTL logfile created on: 3/14/2011 5:18:02 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\tanya\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.31 Gb Total Space | 263.38 Gb Free Space | 91.99% Space Free | Partition Type: NTFS
Computer Name: TANYA-PC | User Name: tanya | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/03/14 05:16:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\tanya\Downloads\OTL.scr
PRC - [2010/08/01 22:08:21 | 000,285,296 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/08/01 22:04:05 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/23 01:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
PRC - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/02/24 04:54:48 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2010/01/28 20:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
PRC - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
========== Modules (SafeList) ========== MOD - [2011/03/14 05:16:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\tanya\Downloads\OTL.scr
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2010/02/25 22:00:32 | 000,252,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:
64bit: - [2010/02/23 20:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:
64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:
64bit: - [2009/11/06 01:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:
64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/08/01 22:08:50 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2010/05/23 01:39:05 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe -- (NIS)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/01/28 20:34:01 | 000,103,792 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/24 18:49:41 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2009/08/13 14:09:08 | 000,297,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe -- (taisregispinger)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2011/03/13 14:28:34 | 000,173,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:
64bit: - [2010/07/21 16:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:
64bit: - [2010/07/21 16:59:28 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:
64bit: - [2010/07/01 17:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:
64bit: - [2010/05/23 20:41:39 | 000,038,248 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:
64bit: - [2010/05/23 20:41:38 | 000,701,800 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\srtsp64.sys -- (SRTSP)
DRV:
64bit: - [2010/05/18 21:35:26 | 000,815,664 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\SymEFA64.sys -- (SymEFA)
DRV:
64bit: - [2010/05/18 21:35:14 | 000,450,096 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\SymDS64.sys -- (SymDS)
DRV:
64bit: - [2010/05/16 21:07:44 | 000,168,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\Ironx64.sys -- (SymIRON)
DRV:
64bit: - [2010/05/10 22:03:35 | 000,380,464 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1200000.080\symnets.sys -- (SymNetS)
DRV:
64bit: - [2010/03/24 16:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/02/22 21:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:
64bit: - [2010/02/20 11:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/02/12 18:49:16 | 000,877,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192Ce.sys -- (rtl8192Ce)
DRV:
64bit: - [2010/02/10 18:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2010/02/09 00:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:
64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:
64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:
64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:
64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:
64bit: - [2009/06/15 16:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
DRV:
64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:
64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:
64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:
64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/05/28 05:00:00 | 001,773,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\EX64.SYS -- (NAVEX15)
DRV - [2010/05/28 05:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/05/28 05:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/28 05:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\ENG64.SYS -- (NAVENG)
DRV - [2010/05/18 20:53:52 | 000,942,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20100522.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/05/17 21:10:25 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20100518.002\IDSVia64.sys -- (IDSVia64)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.co...=TSND&bmod=TSNDIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co...=TSND&bmod=TSND IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.co...=TSND&bmod=TSNDIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://start.toshiba.com/g/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://start.toshiba.com/g/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co...=TSND&bmod=TSNDIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/03/13 14:29:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn\ [2011/03/13 14:28:47 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:
64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:
64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\CoIEPlg.dll (Symantec Corporation)
O4:
64bit: - HKLM..\Run: [] File not found
O4:
64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:
64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/03/14 00:34:42 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Malwarebytes
[2011/03/14 00:34:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/03/14 00:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/14 00:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/14 00:34:35 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/03/14 00:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/03/13 21:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/03/13 21:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/03/13 17:28:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/03/13 16:58:25 | 000,815,664 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymEFA64.sys
[2011/03/13 16:58:25 | 000,701,800 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtsp64.sys
[2011/03/13 16:58:25 | 000,450,096 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymDS64.sys
[2011/03/13 16:58:25 | 000,380,464 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\symnets.sys
[2011/03/13 16:58:25 | 000,168,496 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\Ironx64.sys
[2011/03/13 16:58:25 | 000,038,248 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtspx64.sys
[2011/03/13 16:58:11 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64
[2011/03/13 16:58:11 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1200000.080
[2011/03/13 16:58:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2011/03/13 16:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2011/03/13 16:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Blio
[2011/03/13 16:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Laptop Checkup
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton PC Checkup
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton PC Checkup
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/03/13 16:55:49 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200030.0C6
[2011/03/13 16:55:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/03/13 16:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011/03/13 16:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Online Backup
[2011/03/13 16:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toshiba Online Backup
[2011/03/13 16:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/03/13 16:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com
[2011/03/13 16:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Corporation
[2011/03/13 16:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Intuit
[2011/03/13 16:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intuit
[2011/03/13 16:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2011/03/13 16:51:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TOSHIBA Games
[2011/03/13 16:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems
[2011/03/13 16:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
[2011/03/13 16:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2011/03/13 16:41:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek WLAN Driver
[2011/03/13 16:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2011/03/13 16:40:27 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e
[2011/03/13 16:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011/03/13 16:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/03/13 16:34:15 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2011/03/13 16:33:58 | 000,000,000 | ---D | C] -- C:\Intel
[2011/03/13 16:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2011/03/13 14:54:38 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\Diagnostics
[2011/03/13 14:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/03/13 14:28:34 | 000,173,616 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/03/13 14:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/03/13 14:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/03/13 14:26:41 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\TOSHIBA_Corporation
[2011/03/13 14:26:41 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Toshiba
[2011/03/13 14:20:41 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Macromedia
[2011/03/13 14:20:34 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Adobe
[2011/03/13 14:20:19 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Google
[2011/03/13 14:20:19 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\Google
[2011/03/13 14:19:29 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\Toshiba
[2011/03/13 14:18:54 | 000,000,000 | R--D | C] -- C:\Users\tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/03/13 14:18:54 | 000,000,000 | R--D | C] -- C:\Users\tanya\Searches
[2011/03/13 14:18:54 | 000,000,000 | R--D | C] -- C:\Users\tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/03/13 14:18:54 | 000,000,000 | -H-D | C] -- C:\Users\tanya\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/03/13 14:18:46 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Identities
[2011/03/13 14:18:44 | 000,000,000 | R--D | C] -- C:\Users\tanya\Contacts
[2011/03/13 14:18:43 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\VirtualStore
[2011/03/13 14:17:49 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\WinBatch
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\AppData\Local\Temporary Internet Files
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Templates
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Start Menu
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\SendTo
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Recent
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\PrintHood
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\NetHood
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Documents\My Videos
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Documents\My Pictures
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Documents\My Music
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\My Documents
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Local Settings
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\AppData\Local\History
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Cookies
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\Application Data
[2011/03/13 14:17:28 | 000,000,000 | -HSD | C] -- C:\Users\tanya\AppData\Local\Application Data
[2011/03/13 14:17:27 | 000,000,000 | --SD | C] -- C:\Users\tanya\AppData\Roaming\Microsoft
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Videos
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Saved Games
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Pictures
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Music
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Links
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Favorites
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Downloads
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\My Documents
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\Desktop
[2011/03/13 14:17:27 | 000,000,000 | R--D | C] -- C:\Users\tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/03/13 14:17:27 | 000,000,000 | -H-D | C] -- C:\Users\tanya\AppData
[2011/03/13 14:17:27 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\Temp
[2011/03/13 14:17:27 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Local\Microsoft
[2011/03/13 14:17:27 | 000,000,000 | ---D | C] -- C:\Users\tanya\AppData\Roaming\Media Center Programs
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/03/14 05:13:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/14 05:11:50 | 001,241,468 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\Cat.DB
[2011/03/14 05:08:07 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/14 05:08:07 | 000,015,568 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/14 05:05:53 | 000,713,888 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/03/14 05:05:53 | 000,615,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/03/14 05:05:53 | 000,103,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/03/14 05:00:33 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/14 05:00:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/03/14 05:00:04 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/14 00:34:38 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/13 23:50:28 | 000,276,216 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011/03/13 21:21:18 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/03/13 21:21:14 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2011/03/13 17:12:56 | 000,039,252 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2011/03/13 17:12:56 | 000,039,252 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2011/03/13 16:40:14 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/03/13 16:35:34 | 000,015,792 | ---- | M] () -- C:\windows\SysNative\results.xml
[2011/03/13 14:28:34 | 000,173,616 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011/03/13 14:28:34 | 000,007,440 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/03/13 14:28:34 | 000,000,854 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/03/13 14:20:14 | 000,001,452 | ---- | M] () -- C:\Users\tanya\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/13 14:20:12 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/03/13 14:18:20 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/03/14 00:34:38 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/13 21:21:18 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/03/13 21:21:14 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2011/03/13 16:58:19 | 000,003,375 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymEFA.inf
[2011/03/13 16:58:19 | 000,002,792 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymDS.inf
[2011/03/13 16:58:19 | 000,001,446 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymNet.inf
[2011/03/13 16:58:19 | 000,001,438 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtsp64.inf
[2011/03/13 16:58:19 | 000,001,422 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtspx64.inf
[2011/03/13 16:58:19 | 000,000,772 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\Iron.inf
[2011/03/13 16:58:11 | 000,007,414 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtspx64.cat
[2011/03/13 16:58:11 | 000,007,412 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymEFA64.cat
[2011/03/13 16:58:11 | 000,007,410 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\srtsp64.cat
[2011/03/13 16:58:11 | 000,007,406 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\SymDS64.cat
[2011/03/13 16:58:11 | 000,007,402 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\iron.cat
[2011/03/13 16:58:11 | 000,007,368 | R--- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\symnet64.cat
[2011/03/13 16:58:11 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\isolate.ini
[2011/03/13 16:55:49 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\NortonPCCheckupx64\0200030.0C6\isolate.ini
[2011/03/13 16:55:22 | 000,001,726 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com - Shopping.lnk
[2011/03/13 16:55:14 | 000,001,785 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks Financial Center.lnk
[2011/03/13 16:40:14 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2011/03/13 16:35:34 | 000,015,792 | ---- | C] () -- C:\windows\SysNative\results.xml
[2011/03/13 16:28:39 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/13 14:28:39 | 001,241,468 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1200000.080\Cat.DB
[2011/03/13 14:28:34 | 000,007,440 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011/03/13 14:28:34 | 000,000,854 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2011/03/13 14:20:14 | 000,001,452 | ---- | C] () -- C:\Users\tanya\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/13 14:20:12 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/03/13 14:18:55 | 000,001,458 | ---- | C] () -- C:\Users\tanya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/03/13 14:18:20 | 000,000,013 | RHS- | C] () -- C:\windows\SysNative\drivers\fbd.sys
[2011/03/13 14:17:28 | 000,000,290 | ---- | C] () -- C:\Users\tanya\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/03/13 14:17:27 | 000,000,272 | ---- | C] () -- C:\Users\tanya\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/02/20 11:22:24 | 000,870,560 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2010/02/20 11:22:24 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2010/02/20 11:22:24 | 000,104,636 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2010/02/20 10:27:36 | 000,208,896 | ---- | C] () -- C:\windows\SysWow64\iglhsip32.dll
[2010/02/20 10:27:36 | 000,143,360 | ---- | C] () -- C:\windows\SysWow64\iglhcp32.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
========== LOP Check ========== [2011/03/13 14:26:41 | 000,000,000 | ---D | M] -- C:\Users\tanya\AppData\Roaming\Toshiba
[2011/03/13 14:17:49 | 000,000,000 | ---D | M] -- C:\Users\tanya\AppData\Roaming\WinBatch
[2009/07/14 01:08:49 | 000,005,352 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: SVCHOST.EXE >[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< %systemroot%\*. /mp /s >< End of report >
Extras
OTL Extras logfile created on: 3/14/2011 5:18:02 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\tanya\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.31 Gb Total Space | 263.38 Gb Free Space | 91.99% Space Free | Partition Type: NTFS
Computer Name: TANYA-PC | User Name: tanya | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 17
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}" = Amazon Links
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}" = Toshiba Book Place
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}" = TOSHIBA Hardware Setup
"InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}" = TOSHIBA Supervisor Password
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NIS" = Norton Internet Security
"NortonPCCheckup" = Toshiba Laptop Checkup
"TOSHIBA Game Console" = WildTangent ORB Game Console
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088702" = Plants vs. Zombies
"WT088703" = Build-a-lot 2
"WT088710" = Zuma's Revenge
"WT088739" = FATE
"WT088750" = Jewel Quest - Heritage
"WT088759" = Polar Bowler
"WT088760" = Virtual Villagers 4 - The Tree of Life
"WT088761" = Wheel of Fortune 2
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 3/13/2011 5:06:38 PM | Computer Name = WIN-02V6L56LH68 | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 3/13/2011 5:06:38 PM | Computer Name = WIN-02V6L56LH68 | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 3/13/2011 5:09:08 PM | Computer Name = tanya-PC | Source = Google Update | ID = 20
Description =
Error - 3/13/2011 5:13:05 PM | Computer Name = tanya-PC | Source = Google Update | ID = 20
Description =
Error - 3/14/2011 12:28:45 AM | Computer Name = tanya-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 974 Start
Time: 01cbe1fb47acc588 Termination Time: 15 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: 885df55d-4df3-11e0-aa3d-60eb692188e8
< End of report >
The next one might take me a little time, new to this.