Recently, I noticed my system moving slower than usual and one day, I disconnected my internet cable and noticed a shadow screen on my desktop, it flashed. I didn't have any other programs open on my computer other than the Firefox browser. I think there is spyware operating somewhere on my pc. I'd like to find out for certain and remove it from this system.
I've downloaded the OTL and here are the 2 logs:
OTL logfile created on: 3/4/2013 10:41:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Marina Lee\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
501.98 Mb Total Physical Memory | 72.30 Mb Available Physical Memory | 14.40% Memory free
1.20 Gb Paging File | 0.70 Gb Available in Paging File | 58.26% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 89.20 Gb Free Space | 79.97% Space Free | Partition Type: NTFS
Computer Name: MARINA | User Name: Marina Lee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/04 22:38:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marina Lee\My Documents\Downloads\OTL.exe
PRC - [2013/03/04 19:41:04 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/03/01 14:29:10 | 002,557,544 | ---- | M] () -- C:\Program Files\SpywareBlaster\spywareblaster.exe
PRC - [2013/02/26 22:35:58 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/06 03:09:30 | 000,344,064 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2006/01/05 14:02:24 | 000,352,256 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
PRC - [2005/12/20 11:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/12/16 00:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005/12/05 11:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/11/30 12:25:22 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
PRC - [2005/11/28 10:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/11/28 10:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/11/17 15:44:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2005/10/06 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/16 11:23:12 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2005/05/31 20:59:58 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/04/26 16:13:20 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2005/03/11 15:03:16 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/12/30 00:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2004/08/28 00:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/08/18 03:37:44 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/01 14:29:10 | 002,557,544 | ---- | M] () -- C:\Program Files\SpywareBlaster\spywareblaster.exe
MOD - [2013/02/26 22:35:16 | 003,067,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/26 21:13:40 | 014,718,320 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013/01/01 22:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 09:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/01/28 19:34:48 | 000,417,792 | ---- | M] () -- C:\Program Files\SpywareBlaster\SQLite3SB.dll
MOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/01/04 18:14:36 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TouchPad_ONOFF.dll
MOD - [2005/11/28 10:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005/11/28 10:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005/11/28 10:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005/11/23 14:55:38 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll
MOD - [2005/11/03 10:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
MOD - [2004/07/20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
MOD - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
MOD - [2003/08/02 22:20:57 | 000,126,976 | R--- | M] () -- C:\Program Files\SpywareGuard\spywareguard.dll
MOD - [2002/03/03 04:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2013/03/04 19:41:04 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/26 22:35:56 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/26 21:13:42 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2005/12/20 11:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/07/12 17:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 16:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/28 00:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/03/04 18:51:11 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1515345D-35DF-4268-B342-28322F6D7366}\MpKsl6f743b82.sys -- (MpKsl6f743b82)
DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/05/04 16:53:08 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2007/02/27 14:31:28 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/02/16 01:56:07 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\windows\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/12/09 16:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005/12/04 09:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005/11/30 11:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/30 10:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 11:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/15 09:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 14:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/09 14:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 15:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/06/02 03:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/12 00:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/08/10 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003/09/19 01:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 12:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6FC77167-110F-4354-A9B1-A0B39B285B02}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6FC77167-110F-4354-A9B1-A0B39B285B02}: "URL" = http://www.google.co...ie7&rlz=1I7TSHA
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.british-weekly.com/"
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.07074039
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1D4EF0C1-3830-48E5-8381-85A6C3AE7D6F}: C:\Documents and Settings\Marina Lee\Local Settings\Application Data\{1D4EF0C1-3830-48E5-8381-85A6C3AE7D6F} [2009/01/27 18:31:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/03 11:23:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/26 22:34:56 | 000,000,000 | ---D | M]
[2008/09/14 09:06:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marina Lee\Application Data\Mozilla\Extensions
[2012/10/22 17:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Marina Lee\Application Data\Mozilla\Firefox\Profiles\hf3radxz.default\extensions
[2011/04/22 17:36:24 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Marina Lee\Application Data\Mozilla\Firefox\Profiles\hf3radxz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2)
[2011/04/22 17:34:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Marina Lee\Application Data\Mozilla\Firefox\Profiles\hf3radxz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2007/07/07 13:15:55 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Marina Lee\Application Data\Mozilla\Firefox\Profiles\hf3radxz.default\searchplugins\siteadvisor.xml
[2013/02/26 22:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/26 22:34:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/02/26 22:34:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/02/26 22:34:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/02/26 22:35:59 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2006/01/18 11:50:00 | 000,319,488 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npsnapfish.dll
[2012/09/16 15:13:01 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/26 22:35:13 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2004/08/10 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run File not found
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\windows\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [THotkey] C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\windows\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Marina Lee\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Marina Lee\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] https in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1343108606762 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9088424A-184D-4ABE-91A1-0CC17073E94E}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Marina Lee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marina Lee\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 07:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/03/04 22:27:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marina Lee\Recent
[2013/03/01 23:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/02/26 22:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/25 18:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marina Lee\Local Settings\Application Data\Sun
[2007/05/04 17:44:22 | 000,092,064 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmmdm.sys
[2007/05/04 17:44:22 | 000,079,328 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmserd.sys
[2007/05/04 17:44:22 | 000,066,656 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmbus.sys
[2007/05/04 17:44:22 | 000,009,232 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmmdfl.sys
[2007/05/04 17:44:22 | 000,006,208 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmcmnt.sys
[2007/05/04 17:44:22 | 000,005,936 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmwhnt.sys
[2007/05/04 17:44:22 | 000,004,048 | ---- | C] (MCCI) -- C:\Documents and Settings\Marina Lee\mqdmcr.sys
[2007/05/04 16:53:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Marina Lee\usbsermptxp.sys
[2007/05/04 16:53:08 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Marina Lee\usbsermpt.sys
[8 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/03/04 22:13:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/04 19:32:00 | 000,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2013/03/04 19:00:19 | 000,000,384 | -H-- | M] () -- C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/03/04 18:52:00 | 000,001,158 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013/03/04 18:49:34 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/04 18:49:27 | 526,438,400 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/02 11:56:12 | 000,132,344 | ---- | M] () -- C:\Documents and Settings\Marina Lee\My Documents\mobileworldcongressBBC-Click.one
[2013/02/20 18:37:42 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2013/02/13 22:05:11 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/02/12 11:56:48 | 000,190,592 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/02/12 11:25:02 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[8 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\System32\drivers\*.tmp files -> C:\windows\System32\drivers\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/03/03 15:42:02 | 000,001,477 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Center (2).lnk
[2013/03/02 11:56:10 | 000,132,344 | ---- | C] () -- C:\Documents and Settings\Marina Lee\My Documents\mobileworldcongressBBC-Click.one
[2013/02/12 11:34:10 | 000,000,384 | -H-- | C] () -- C:\windows\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/02/20 16:21:11 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2011/06/19 18:54:45 | 000,000,272 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Application Data\.backup.dm
[2009/11/08 23:43:05 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/04 17:44:22 | 000,009,913 | ---- | C] () -- C:\Documents and Settings\Marina Lee\MCCI_MDM.INF
[2007/05/04 17:44:22 | 000,006,989 | ---- | C] () -- C:\Documents and Settings\Marina Lee\MCCI_BUS.INF
[2007/05/04 17:44:22 | 000,004,477 | ---- | C] () -- C:\Documents and Settings\Marina Lee\MCCI_SDM.INF
[2007/05/04 17:44:21 | 000,015,698 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem29.PNF
[2007/05/04 17:44:21 | 000,014,014 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem21.PNF
[2007/05/04 17:44:21 | 000,012,836 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem22.PNF
[2007/05/04 17:44:21 | 000,012,698 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem23.PNF
[2007/05/04 17:44:21 | 000,012,364 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem28.PNF
[2007/05/04 17:44:21 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem29.inf
[2007/05/04 17:44:21 | 000,006,947 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329461-(null)
[2007/05/04 17:44:21 | 000,006,009 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem23.inf
[2007/05/04 17:44:21 | 000,005,877 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem22.inf
[2007/05/04 17:44:21 | 000,005,813 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Copy of oem28.inf
[2007/05/04 17:43:51 | 000,009,232 | ---- | C] () -- C:\Documents and Settings\Marina Lee\USB_MOT_BRIT.INF
[2007/05/04 17:43:51 | 000,005,960 | ---- | C] () -- C:\Documents and Settings\Marina Lee\USB_MOT_A1000.INF
[2007/05/04 17:43:50 | 000,014,302 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem21.PNF
[2007/05/04 17:43:50 | 000,012,836 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem22.PNF
[2007/05/04 17:43:50 | 000,012,482 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem23.PNF
[2007/05/04 17:43:50 | 000,007,194 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem21.inf
[2007/05/04 17:43:50 | 000,005,877 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem22.inf
[2007/05/04 17:43:50 | 000,005,798 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178329430-oem23.inf
[2007/05/04 17:16:16 | 000,014,302 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem21.PNF
[2007/05/04 17:16:16 | 000,012,836 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem22.PNF
[2007/05/04 17:16:16 | 000,012,482 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem23.PNF
[2007/05/04 17:16:16 | 000,007,194 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem21.inf
[2007/05/04 17:16:16 | 000,005,877 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem22.inf
[2007/05/04 17:16:16 | 000,005,798 | ---- | C] () -- C:\Documents and Settings\Marina Lee\1178327776-oem23.inf
[2007/05/04 16:53:08 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\Marina Lee\USBMOT2000.INF
[2007/05/04 16:53:08 | 000,006,141 | ---- | C] () -- C:\Documents and Settings\Marina Lee\USBMOT2000XP.INF
[2007/05/04 16:53:08 | 000,005,880 | ---- | C] () -- C:\Documents and Settings\Marina Lee\USB_CMCS_2000.INF
[2007/01/20 10:20:58 | 000,000,023 | ---- | C] () -- C:\Documents and Settings\Marina Lee\presets.ini
[2006/08/28 10:39:56 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Marina Lee\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2006/02/15 07:35:53 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009/07/18 23:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest Software
[2013/03/03 11:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2013/03/01 23:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/03/04 22:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/06/14 11:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2012/08/11 12:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\Amazon
[2012/12/12 00:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\Ambient Design
[2010/09/05 08:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2012/09/24 20:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\com.amazon.music.uploader
[2006/08/28 15:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\InterVideo
[2007/09/06 17:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\Snapfish
[2006/02/16 01:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marina Lee\Application Data\toshiba
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
< End of report >
OTL Extras logfile created on: 3/4/2013 10:41:10 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Marina Lee\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
501.98 Mb Total Physical Memory | 72.30 Mb Available Physical Memory | 14.40% Memory free
1.20 Gb Paging File | 0.70 Gb Available in Paging File | 58.26% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.54 Gb Total Space | 89.20 Gb Free Space | 79.97% Space Free | Partition Type: NTFS
Computer Name: MARINA | User Name: Marina Lee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1B7F436A-E4A6-DAB1-5AC3-1BACE19391CC}" = Amazon Music Importer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}" = Motorola Driver Installation
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"CCleaner" = CCleaner
"com.amazon.music.uploader" = Amazon Music Importer
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 19.0 (x86 en-US)" = Mozilla Firefox 19.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"oggcodecs" = oggcodecs 0.71.0946
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"SpywareBlaster_is1" = SpywareBlaster 5.0
"SpywareGuard_is1" = SpywareGuard v2.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TOSHIBA TV Tuner" = TOSHIBA TV Tuner 4.0.12.73
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Internet Mail" = Yahoo! Internet Mail
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/24/2012 11:15:23 PM | Computer Name = MARINA | Source = Application Hang | ID = 1001
Description = Fault bucket 03939373.
Error - 12/24/2012 11:15:32 PM | Computer Name = MARINA | Source = Application Hang | ID = 1001
Description = Fault bucket 03939373.
Error - 12/24/2012 11:15:33 PM | Computer Name = MARINA | Source = Application Hang | ID = 1001
Description = Fault bucket 03939373.
Error - 2/2/2013 4:49:51 PM | Computer Name = MARINA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 18.0.1.4764, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 2/2/2013 4:50:21 PM | Computer Name = MARINA | Source = Application Hang | ID = 1001
Description = Fault bucket -930932650.
Error - 2/4/2013 10:15:48 PM | Computer Name = MARINA | Source = ESENT | ID = 489
Description = wuauclt (700) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\Logs\edb.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).
Error - 2/4/2013 10:15:48 PM | Computer Name = MARINA | Source = ESENT | ID = 455
Description = wuaueng.dll (700) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred
while opening logfile C:\windows\SoftwareDistribution\DataStore\Logs\edb.log.
Error - 2/4/2013 10:15:51 PM | Computer Name = MARINA | Source = ESENT | ID = 485
Description = wuauclt (700) An attempt to delete the file "C:\windows\SoftwareDistribution\DataStore\Logs\edbtmp.log"
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The delete file operation will fail with
error -1032 (0xfffffbf8).
Error - 2/24/2013 6:29:36 PM | Computer Name = MARINA | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved
Error - 3/3/2013 12:38:10 AM | Computer Name = MARINA | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 onenote.exe, P2 12.0.6606.1000, P3
ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 3/2/2013 2:44:22 AM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 3/2/2013 2:44:22 AM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094
Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9203.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved
Error - 3/2/2013 2:44:22 AM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094
Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9203.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved
Error - 3/2/2013 2:29:06 PM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 3/2/2013 2:29:06 PM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094
Signature
Type: %%800 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9203.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved
Error - 3/2/2013 2:29:06 PM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.391.0 Update Source: %%851 Update Stage:
%%852 Source Path: http://go.microsoft....5D-99752CCA7094
Signature
Type: %%801 Update Type: %%803 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version:
Previous Engine Version: 1.1.9203.0 Error code: 0x80072ee7 Error description: The
server name or address could not be resolved
Error - 3/2/2013 2:38:02 PM | Computer Name = MARINA | Source = Dhcp | ID = 1002
Description = The IP address lease 142.136.142.159 for the Network Card with network
address 00A0D14D714C has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 3/2/2013 2:38:33 PM | Computer Name = MARINA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.100.10 for the Network Card with network
address 00A0D14D714C has been denied by the DHCP server 76.85.238.52 (The DHCP Server
sent a DHCPNACK message).
Error - 3/4/2013 11:02:09 PM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.937.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.
Error - 3/4/2013 11:02:09 PM | Computer Name = MARINA | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.145.937.0 Update Source: %%859 Update Stage:
%%853 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9203.0 Error
code: 0x80240022 Error description: The program can't check for definition updates.
< End of report >
Thank you very much.