Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware Virus?

Started by Dark Twilight , Apr 14 2011 12:07 PM

  • Please log in to reply

#1
Dark Twilight
Posted 14 April 2011 - 12:07 PM

Dark Twilight

    Member

  • Member
  • PipPip
  • 19 posts
(Transferred from the OS forum since I suspect this is the work of a virus)

Hello, I suspect there may be a virus on my computer but I can not identify it. You see this started a few days ago, my computer suddenly started up in safe mode so I tried a norton 360 scan but it will not allow it, then I did a malware anti-virus scan but due to not being connected to the network it could not update but it still found some viruses so after a restart the viruses were deleted but still went to safe boot. So I tried a restore point to the last time it worked properly and still it booted to safe mode. I did something unorthadox such as going to command prompt and typing 'msconfig' where I forced my computer to boot up normally but this may have not solved my problem can someone confirm if there is a virus and help delete it, Thank you.

OTL & Extra Logs:

OTL Log:

OTL logfile created on: 4/14/2011 12:45:57 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ALFREDO GARCIA\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.79 Gb Total Space | 182.42 Gb Free Space | 63.39% Space Free | Partition Type: NTFS

Computer Name: ALFREDO-PC | User Name: ALFREDO GARCIA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/14 12:42:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ALFREDO GARCIA\Desktop\OTL.exe
PRC - [2011/01/02 03:11:58 | 001,116,080 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2010/10/27 04:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/04/22 21:11:37 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/16 10:23:14 | 000,133,976 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WefiEngSvc.exe
PRC - [2010/03/16 10:23:12 | 000,527,704 | ---- | M] (WeFi) -- C:\Program Files\WeFi\WeFi.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/09/26 07:00:52 | 000,429,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OfficeSAS\OfficeSAS.exe
PRC - [2009/09/26 07:00:52 | 000,202,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OfficeSAS\OfficeSASScheduler.exe
PRC - [2009/09/23 16:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/09/23 16:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/05 22:02:22 | 001,772,032 | ---- | M] (Young Smart Software) -- C:\Program Files\Instant Color Picker\icp.exe
PRC - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009/04/14 19:57:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009/03/24 13:34:34 | 001,007,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/03/17 18:36:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/17 13:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/03/10 20:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/06 20:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/02/19 16:52:38 | 000,057,344 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/16 18:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/01/20 21:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2007/11/21 19:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006/11/02 04:47:04 | 000,991,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
PRC - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2005/03/08 23:13:56 | 001,695,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe


========== Modules (SafeList) ==========

MOD - [2011/04/14 12:42:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ALFREDO GARCIA\Desktop\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010/02/28 23:07:29 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll
MOD - [2010/02/28 23:07:29 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/06/09 22:06:24 | 000,075,256 | ---- | M] (Zatisfi LLC) [Auto | Stopped] -- C:\Program Files\Zatisfi\Update\ZatisfiUpdate.exe -- (gupdate) Zatisfi Update Service (gupdate)
SRV - [2010/03/16 10:23:14 | 000,133,976 | ---- | M] (WeFi) [On_Demand | Running] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/23 16:04:56 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/09/23 16:04:52 | 000,447,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009/04/14 19:57:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/03/17 13:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/03/06 20:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2009/02/19 16:52:38 | 000,057,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/03 18:15:32 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/10/16 19:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 18:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/21 19:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - [2011/04/12 22:32:13 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110413.018\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/04/12 22:32:13 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110413.018\NAVENG.SYS -- (NAVENG)
DRV - [2011/03/14 13:58:33 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110412.001\IDSvix86.sys -- (IDSVix86)
DRV - [2011/02/25 16:59:12 | 000,800,376 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110309.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/21 00:39:37 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/21 00:39:37 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/11/15 22:52:19 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/05 23:01:59 | 000,339,504 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2009/09/23 16:04:56 | 000,021,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009/09/23 16:04:56 | 000,014,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 16:04:54 | 000,190,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 16:04:50 | 000,543,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009/04/24 16:29:28 | 000,163,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/18 13:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009/01/27 21:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/11/17 09:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2007/12/14 13:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/11/09 16:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/11/28 17:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 16:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2005/03/08 23:15:10 | 000,291,456 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\Windows\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2005/03/08 23:14:44 | 000,024,064 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvd_2k.sys -- (dvd_2K)
DRV - [2005/03/08 23:05:30 | 000,141,184 | ---- | M] (Windows ® 2000 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\DVDVRRdr_xp.sys -- (DVDVRRdr_xp)
DRV - [2005/03/08 22:54:48 | 000,202,496 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\Windows\System32\drivers\Udfreadr.sys -- (UDFReadr)
DRV - [2005/03/08 22:53:56 | 000,023,808 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mmc_2k.sys -- (mmc_2K)
DRV - [2005/03/08 22:38:32 | 000,117,760 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\Pwd_2k.sys -- (pwd_2k)
DRV - [2003/12/19 04:00:00 | 000,006,656 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cinemsup.sys -- (Cinemsup)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files\TranslatorBar_1\tbTra1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP1.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSHB&bmod=TSHB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 EE A4 86 36 3A CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/?ilc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 86 87 8F 00 91 44 F2 4E 82 E1 BD 7F 9A 65 8A 08 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "MyPlayCity Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {39124730-0779-11de-8c30-0800200c9a66}:2
FF - prefs.js..extensions.enabledItems: {C3F23840-B14B-4B61-AAEF-6BCC3621FA63}:1.0
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {074f7bda-5b14-4740-bac7-4ec4506a232e}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..keyword.URL: "http://search.imesh....&systemid=1&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...02ff&Keywords="
FF - user.js..keyword.enabled: 1

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/22 21:13:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\2.bin
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/11/21 00:39:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/11/15 22:53:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/02/03 18:02:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/24 20:23:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/24 20:23:55 | 000,000,000 | ---D | M]

[2011/01/13 22:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Extensions
[2009/07/09 18:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/04/12 22:07:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions
[2011/03/08 21:55:51 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/10/13 23:15:32 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{074f7bda-5b14-4740-bac7-4ec4506a232e}
[2011/01/13 13:31:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/25 23:25:16 | 000,000,000 | ---D | M] (FFComponent) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{39124730-0779-11de-8c30-0800200c9a66}
[2009/09/25 20:30:16 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
[2011/03/08 21:40:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/03/26 22:03:01 | 000,000,000 | ---D | M] (myBabylon English Community Toolbar) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2011/03/26 22:03:01 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\[email protected]
[2010/11/30 13:53:32 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\extensions\[email protected]
[2009/12/27 23:07:54 | 000,000,215 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\4.6.6.1.xml
[2011/01/23 16:52:54 | 000,002,396 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\askcom.xml
[2010/12/24 15:33:07 | 000,001,919 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\bing-zugo.xml
[2010/10/14 02:17:43 | 000,001,819 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\bing.xml
[2009/09/01 22:04:36 | 000,000,882 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\conduit.xml
[2010/10/14 02:18:15 | 000,005,406 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\fast-browser-search.xml
[2010/09/02 03:09:28 | 000,002,486 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\iMeshWebSearch.xml
[2010/11/25 11:35:19 | 000,001,215 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\Mp3Tube.xml
[2009/07/18 15:49:55 | 000,000,239 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Mozilla\Firefox\Profiles\s2qm29mo.default\searchplugins\Search.xml
[2011/01/13 22:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/15 19:26:10 | 000,000,000 | ---D | M] (Findbasic) -- C:\Program Files\Mozilla Firefox\extensions\{C3F23840-B14B-4B61-AAEF-6BCC3621FA63}
[2011/01/12 19:07:23 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2010/11/15 22:53:36 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN
[2010/11/21 00:39:19 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2010/04/22 21:13:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2010/08/04 17:17:04 | 000,002,191 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010/12/03 12:53:28 | 000,003,996 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\drae.xml
[2010/12/03 12:53:28 | 000,000,751 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-es.xml
[2009/10/15 19:26:11 | 000,002,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\findbasic127.xml
[2010/09/02 03:09:28 | 000,002,486 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
[2010/12/03 12:53:28 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-es.xml
[2010/12/03 12:53:28 | 000,001,102 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-es.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files\TranslatorBar_1\tbTra1.dll (Conduit Ltd.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (ProfileSongToolbarIE) - {367570a9-768f-4371-afc0-5bb758148619} - C:\Program Files\ProfileSong\Profile Song\adxloader.dll ()
O2 - BHO: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP1.dll (Conduit Ltd.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files\TranslatorBar_1\tbTra1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Profile Song) - {25278368-52A4-4919-80E0-6F3822D2FE1F} - C:\Program Files\ProfileSong\Profile Song\adxloader.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {A38B9174-F114-422E-B0D2-2F2BBB7F98F7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 1 Toolbar) - {00BF7B9C-ACD2-4080-BEA8-B1C41987070F} - C:\Program Files\TranslatorBar_1\tbTra1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyPlayCity Toolbar) - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - C:\Program Files\MyPlayCity\tbMyP1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Sonic Solutions)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ysicp] C:\Program Files\Instant Color Picker\icp.exe (Young Smart Software)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [ares vista] File not found
O4 - HKCU..\Run: [Weather] File not found
O4 - Startup: C:\Users\ALFREDO GARCIA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: att.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: myprepaidrefill.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ALFREDO GARCIA\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\ALFREDO GARCIA\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/10 19:02:20 | 000,237,568 | ---- | M] ( Xpounded) - C:\Auto3D.exe -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{dffa89c7-6cbb-11de-9216-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dffa89c7-6cbb-11de-9216-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/14 12:44:35 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\ALFREDO GARCIA\Desktop\OTL.exe
[2011/04/12 20:04:35 | 000,000,000 | ---D | C] -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Tific
[2011/03/23 22:32:34 | 000,000,000 | ---D | C] -- C:\Users\ALFREDO GARCIA\AppData\Roaming\Opera
[2011/03/23 22:32:34 | 000,000,000 | ---D | C] -- C:\Users\ALFREDO GARCIA\AppData\Local\Opera
[2011/03/23 22:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011/03/23 22:32:08 | 000,000,000 | R--D | C] -- C:\Users\ALFREDO GARCIA\Downloads
[2011/03/22 23:06:42 | 009,280,200 | ---- | C] (Opera Software ASA) -- C:\Users\ALFREDO GARCIA\Desktop\Opera_1101_int_Setup.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ALFREDO GARCIA\Desktop\*.tmp files -> C:\Users\ALFREDO GARCIA\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/14 12:47:23 | 000,651,654 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/14 12:47:23 | 000,121,878 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/14 12:43:53 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\WefiStartup.job
[2011/04/14 12:43:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/14 12:43:51 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\ZatisfiUpdateTaskMachineCore.job
[2011/04/14 12:42:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ALFREDO GARCIA\Desktop\OTL.exe
[2011/04/14 12:32:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/14 12:32:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/14 12:32:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/14 12:32:20 | 3082,801,152 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/14 00:59:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/13 23:37:31 | 000,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0D04D4C0-B572-4E04-B476-2DD664CB90EC}.job
[2011/04/13 22:11:08 | 000,000,862 | ---- | M] () -- C:\Windows\tasks\ZatisfiUpdateTaskMachineUA.job
[2011/04/12 21:38:03 | 000,001,356 | ---- | M] () -- C:\Users\ALFREDO GARCIA\AppData\Local\d3d9caps.dat
[2011/04/07 20:08:57 | 000,000,304 | ---- | M] () -- C:\Users\ALFREDO GARCIA\Desktop\TI100712V0E © - Shortcut.lnk
[2011/04/05 21:02:19 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/03/23 22:32:33 | 000,001,649 | ---- | M] () -- C:\Users\ALFREDO GARCIA\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/03/23 22:32:33 | 000,001,625 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/03/22 23:07:10 | 009,280,200 | ---- | M] (Opera Software ASA) -- C:\Users\ALFREDO GARCIA\Desktop\Opera_1101_int_Setup.exe
[2011/03/16 20:44:38 | 000,000,000 | -H-- | M] () -- C:\Users\ALFREDO GARCIA\Documents\Default.rdp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ALFREDO GARCIA\Desktop\*.tmp files -> C:\Users\ALFREDO GARCIA\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/12 21:53:07 | 3082,801,152 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/07 20:08:57 | 000,000,304 | ---- | C] () -- C:\Users\ALFREDO GARCIA\Desktop\TI100712V0E © - Shortcut.lnk
[2011/03/23 22:32:33 | 000,001,649 | ---- | C] () -- C:\Users\ALFREDO GARCIA\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/03/23 22:32:33 | 000,001,637 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/03/23 22:32:32 | 000,001,625 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/03/16 20:44:38 | 000,000,000 | -H-- | C] () -- C:\Users\ALFREDO GARCIA\Documents\Default.rdp
[2011/02/17 20:42:43 | 000,077,379 | ---- | C] () -- C:\Windows\hpqins05.dat
[2011/02/03 17:50:25 | 000,186,679 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010/10/13 21:57:40 | 000,000,000 | ---- | C] () -- C:\ProgramData\1990010071
[2010/10/13 21:51:32 | 000,001,185 | ---- | C] () -- C:\ProgramData\1454837755
[2010/10/13 21:44:27 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe
[2010/07/30 17:36:50 | 000,001,356 | ---- | C] () -- C:\Users\ALFREDO GARCIA\AppData\Local\d3d9caps.dat
[2010/02/28 23:20:44 | 000,000,000 | ---- | C] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\wklnhst.dat
[2010/01/28 16:55:47 | 000,157,428 | ---- | C] () -- C:\Windows\hpoins28.dat
[2009/12/10 13:32:54 | 000,010,524 | ---- | C] () -- C:\Windows\ips.INI
[2009/12/10 13:27:29 | 000,000,808 | ---- | C] () -- C:\Users\ALFREDO GARCIA\AppData\Roaming\FrameFun.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/19 18:50:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/13 19:05:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/11 21:54:33 | 000,065,536 | ---- | C] () -- C:\Users\ALFREDO GARCIA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/10 23:32:16 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\ntiembed.dll
[2009/07/10 23:30:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIMPEG2.dll
[2009/07/10 23:30:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTICDMK32.dll
[2009/07/09 17:19:54 | 000,000,014 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2009/07/09 17:19:33 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2009/06/16 02:00:36 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009/06/16 01:49:34 | 000,000,916 | ---- | C] () -- C:\Windows\System32\tosmreg.dat
[2009/06/16 01:22:11 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/06/16 01:20:49 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/05/03 22:25:09 | 000,209,040 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/05/03 22:25:09 | 000,204,944 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/05/03 22:25:09 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/05/03 22:25:09 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/05/03 22:25:09 | 000,192,656 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/05/03 22:25:09 | 000,024,720 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/05/03 20:55:09 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/05/03 20:55:09 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/03/03 14:17:44 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1670.dll
[2009/03/03 14:06:02 | 000,445,796 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009/03/03 14:06:02 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2009/03/03 14:06:00 | 002,026,604 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/10/25 04:30:45 | 000,001,847 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2007/12/12 19:01:47 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,452,136 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,651,654 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,121,878 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/02/28 14:17:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2004/06/09 15:38:01 | 000,184,320 | ---- | C] () -- C:\Windows\System32\JPeg32.dll
[2003/12/19 04:00:00 | 000,013,387 | ---- | C] () -- C:\Windows\System32\CinemSup.sys
[2001/12/26 18:12:30 | 000,065,536 | R--- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | R--- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | R--- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | R--- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >

**********************************************************************************************************************************************************************************************************************************************************************************************
Extra Log

OTL Extras logfile created on: 4/14/2011 12:45:57 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ALFREDO GARCIA\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.79 Gb Total Space | 182.42 Gb Free Space | 63.39% Space Free | Partition Type: NTFS

Computer Name: ALFREDO-PC | User Name: ALFREDO GARCIA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- %SystemRoot%\System32\winhlp32.exe %1
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1
htafile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0173981D-C28E-4549-86E5-E8A63AE30626}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{130FB749-2C98-479E-A02B-00B02F2BE341}" = lport=139 | protocol=6 | dir=in | app=system |
"{45B60268-976C-42EB-892F-3047979B3D32}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4C1D0F51-E748-45AE-B9DA-C5E93C755BA0}" = rport=137 | protocol=17 | dir=out | app=system |
"{6240D58E-C76F-4D02-A008-DC3327334079}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{67266A2F-D9DC-4E7A-B4F5-0E38B21C325F}" = rport=445 | protocol=6 | dir=out | app=system |
"{7205E3AB-F27D-4A5C-8FA0-9EDDB95226E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{82F5F174-2454-45C2-92F5-2AE43A1D50C7}" = lport=138 | protocol=17 | dir=in | app=system |
"{842E7609-5D10-4A79-984E-4F9EACC15DD5}" = lport=445 | protocol=6 | dir=in | app=system |
"{8C76CBFB-08DA-45A9-A558-55B7C7E87584}" = rport=139 | protocol=6 | dir=out | app=system |
"{8EE7BE68-5EC3-4806-B64E-DF037643356B}" = lport=137 | protocol=17 | dir=in | app=system |
"{9301324B-EE06-425A-9872-3FCE742B42E6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C46A860E-3E91-4A57-8691-1C22ACE4901D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CC2FA3FF-A9A2-4F60-A85E-3E7372862C47}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DBC5E7ED-9240-465E-8B89-A65735589923}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FA4CF68D-771C-4506-82F4-1D9AD4A12F01}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10FD9E45-6E66-4B64-9E7B-E4A8AFB89EF9}" = protocol=58 | dir=out | [email protected],-28546 |
"{13955EDC-0535-41A0-A5C6-86D326655C6D}" = protocol=1 | dir=out | [email protected],-28544 |
"{162CC2B0-0515-4D6F-977B-206836D0D031}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{2475E81B-6785-4BE7-B29A-48B96A371ECD}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{27C615EF-91EA-46E7-B990-DC695A2F16BD}" = protocol=58 | dir=in | [email protected],-28545 |
"{29210D5E-2070-47D5-83D5-3710BD403B46}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{2D2C4FA2-6E55-492A-8EB1-0095AD69FA8D}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{38240648-D7A3-4F6A-A288-67048BDE992A}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{3BF88556-6E3E-4175-829F-7AD46FAAEE2C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{3D78B3EC-5E82-4838-B817-122F599A2359}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{4107E4D5-F2CA-4B09-8864-05D7209FD894}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{507CECE0-A4F0-4DE6-8013-F41E37058FE4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{56C1A6B1-931E-4617-B281-8EA07EAE751B}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{5937E48C-4DBA-42F7-86E1-C9B28CD143A2}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{5C4AAFCE-0473-4301-BE7A-CBE17E4727A5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5F9B0966-8E64-4303-8E81-D7113360DBDE}" = protocol=17 | dir=in | app=c:\windows\system32\encdump32.exe |
"{6868D356-B93C-46B7-BD52-9FB844B704A1}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{768E2205-96F4-4243-B013-372D3A5657F6}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{77BE3E79-6E80-4212-8F05-80BBD9E2F270}" = dir=in | app=c:\windows\explorer.exe |
"{78B5CED4-3F2D-4957-8967-7324AC8D0FFA}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{791ABF1A-9BFD-4DEC-A063-533B6D3D931D}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{7ACC6E87-8C12-4adb-91B7-EFC3F2F4705A}" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"{7DA613F1-884C-493C-86FF-A7CFAF5D7A01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DBB8ED4-9902-41E8-B526-35FF8FF70AC4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{8207C490-FEC0-4608-AE2A-0C6991D4365E}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{84CDB5D7-6538-4818-88A8-E9DAC8D90C21}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{8AF1C010-2D26-41AE-96E2-3AB0B0C6772D}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{92459C5E-D350-4cba-AA74-C8F989C9336F}" = protocol=17 | dir=out | app=c:\windows\explorer.exe |
"{93B5DB06-38F8-4FF8-92B7-022A077046CD}" = protocol=6 | dir=out | app=system |
"{9826C9B0-00C1-4CB0-A7F2-911EB7A3051D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{9A4E224B-03BE-41AC-9FA7-24F53697A9D6}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{9FB0008B-69B1-47CC-AB2F-BB48D19211F5}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{A02B96CB-A541-4A8D-A71B-9EA1D7C6F09F}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{A14D7A28-D2ED-4DB2-B36C-1C5747843718}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{A7E29A76-53FF-4281-B1D8-4E414F7ABF40}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{B078B2B6-A878-44ff-9BCC-458257924F96}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{B1A40E4F-58DB-490f-9D18-55B5194E8BD5}" = protocol=6 | dir=out | app=c:\windows\explorer.exe |
"{B1D77CDF-9968-47BD-9121-6DF143234F0E}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{B8E18C72-D3C0-4BFA-B56D-8AD50268CE2C}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C3E9B20A-B7E2-4aab-9835-3C548937E46F}" = dir=out | app=c:\windows\explorer.exe |
"{C7A9382F-9043-4F2A-B656-EDA2D61DB602}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{CE6E450F-AE6B-4088-8ACE-714BD059E965}" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"{D0864AE5-7037-49F5-B722-DD4292472E99}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D8077343-BB4B-4DD6-94A2-B66A67F91B5C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{E1660E03-81FD-4FE6-962D-B275015531CC}" = protocol=6 | dir=in | app=c:\windows\system32\encdump32.exe |
"{E719CB39-8BF6-4B8A-BA03-6C204E384D09}" = protocol=6 | dir=in | app=c:\windows\system32\encdump32.exe |
"{EA7CD39B-B2DB-4DC0-89BF-9858E350B801}" = protocol=17 | dir=in | app=c:\windows\system32\encdump32.exe |
"{F219228E-1F1F-4B65-B906-7A3CE7AD8174}" = protocol=1 | dir=in | [email protected],-28543 |
"{F3C4FDD1-1F78-44DF-AEB9-45D9EB1E411D}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{F4CF31FA-7157-4FB9-9094-29090EC3F0AD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{F6A4486D-57CE-4F42-BC8A-F60439FEE3B8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{5CB6E9F9-27F9-457E-B508-BBE1623F4935}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{D8517B23-3931-47B6-A5C6-3A7F4F5BD80F}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"UDP Query User{1D46DD2F-FF42-4E02-8AA5-FAC6E11D14C2}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{FC88AE73-E397-4E12-BA29-520C2EA2439D}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{20140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{20140000-011A-0000-0000-0000000FF1CE}" = Microsoft Office Send-a-Smile
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21526716-DFD8-4B90-86D9-EF9F47057B3E}" = Toshiba Resources Page
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2301DA07-8DC7-492F-8BC0-0C83BB0C6997}_is1" = Instant Color Picker 2.5.0.32
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25B3400D-D91E-4649-A742-801FD98225E5}" = Profile Song
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel® PROSet/Wireless WiFi Software
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4D9C7DA3-D532-432D-A556-5F6CD186B0A5}" = DJ_AIO_03_F4200_ProductContext
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{5FFF9453-7B94-462A-B8F7-AC6D8D9EB1B5}" = Netzero Internet Access Installer
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application and Driver Installer
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9DBCE8C7-FE94-4D8F-9FF0-38EF3D8BC99E}" = DJ_AIO_03_F4200_Software
"{9E2EB8B9-A938-47A2-AB22-6EEEDC7DC44D}" = Cropper
"{9EACCBFC-9B2D-4C6B-BEA1-2C331D662C57}" = WeFi for Windows Mobile
"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password
"{A38B9174-F114-422E-B0D2-2F2BBB7F98F7}" = Mirar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A99C6296-A311-4D6C-9602-53B4241921D5}" = Roxio Easy Media Creator 7
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}" = HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29B526D-F027-4122-BC7A-D9E5BC86CC40}" = DJ_AIO_03_F4200_Software_Min
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF5A20B4-55F7-49B8-9302-FAC7C459AF3D}" = Skype Launcher
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"AVS Image Converter_is1" = AVS Image Converter 1.1.3.71
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BearShare" = BearShare
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Cisco Connect" = Cisco Connect
"Color Cop_is1" = Color Cop 5.4.3
"ColorCastFX for Digital Cameras_is1" = ColorCastFX for Digital Cameras
"FastStone Photo Resizer" = FastStone Photo Resizer 2.7
"FrameFun_is1" = FrameFun 2.0.0.7
"FrostWire" = FrostWire 4.21.3
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HotPixels Eliminator for Digital Cameras 1.0_is1" = HotPixels Eliminator for Digital Cameras 1.0
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Imagelys Picture Styles 5.3" = Imagelys Picture Styles 5.3
"Imagelys Picture Styles 5.5" = Imagelys Picture Styles 5.5
"iMesh" = iMesh
"iMesh 1 MediaBar" = MediaBar
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Jabber_is1" = Jabber
"Light Artist_is1" = Light Artist 1.5
"LimeWire" = LimeWire 5.5.8
"Lost Treasures of El Dorado_is1" = Lost Treasures of El Dorado
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MyPlayCity Toolbar" = MyPlayCity Toolbar
"N360" = Norton 360 Premier Edition
"NTE QUICKCross v.14 Uninstall" = NTE QUICKCross v.14
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"Opera 11.01.1190" = Opera 11.01
"PhotoRazor" = PhotoRazor
"Picasa 3" = Picasa 3
"Pixillion" = Pixillion Image Converter
"Popims Animator" = Popims Animator
"PROR" = Microsoft Office Professional 2007 Trial
"RealPlayer 12.0" = RealPlayer
"Search Toolbar" = Search Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"Shop to Win 2" = Shop to Win 2
"ST6UNST #1" = Auto3D
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TextStylist_is1" = TextStylist
"TFP for 2009" = TFP for 2009
"TFP for 2010" = TFP for 2010
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TranslatorBar_1 Toolbar" = TranslatorBar_1 Toolbar
"Web Photo Album_is1" = Web Photo Album 1.1
"WeFi" = WeFi 3.9.3.1
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/14/2011 1:40:37 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:40:37 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:40:37 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 4/14/2011 1:41:28 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:41:28 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:41:28 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 4/14/2011 1:42:19 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:42:19 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 4/14/2011 1:42:19 PM | Computer Name = ALFREDO-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 4/14/2011 1:44:26 PM | Computer Name = ALFREDO-PC | Source = Zatisfi Update | ID = 20
Description =

[ Media Center Events ]
Error - 4/25/2010 2:17:40 AM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5520.1128)

Error - 4/25/2010 2:17:40 AM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5520.1129)

Error - 2/22/2011 10:48:02 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (4660.1128)

Error - 2/22/2011 10:48:02 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (4660.1129)

Error - 4/1/2011 9:23:21 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (7188.1128)

Error - 4/1/2011 9:23:21 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (7188.1129)

Error - 4/7/2011 8:49:56 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (2680.1128)

Error - 4/7/2011 8:49:56 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (2680.1129)

Error - 4/7/2011 9:50:09 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (1000.1128)

Error - 4/7/2011 9:50:09 PM | Computer Name = ALFREDO-PC | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (1000.1129)

[ System Events ]
Error - 4/13/2011 11:03:09 PM | Computer Name = ALFREDO-PC | Source = HTTP | ID = 15016
Description =

Error - 4/13/2011 11:05:48 PM | Computer Name = ALFREDO-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/13/2011 11:05:50 PM | Computer Name = ALFREDO-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 4/14/2011 1:32:32 PM | Computer Name = ALFREDO-PC | Source = HTTP | ID = 15016
Description =

Error - 4/14/2011 1:35:01 PM | Computer Name = ALFREDO-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/14/2011 1:35:02 PM | Computer Name = ALFREDO-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 4/14/2011 1:39:50 PM | Computer Name = ALFREDO-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 4/14/2011 1:40:42 PM | Computer Name = ALFREDO-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 4/14/2011 1:41:33 PM | Computer Name = ALFREDO-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 4/14/2011 1:43:15 PM | Computer Name = ALFREDO-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP