Norton told me I have a Trojan and that they could fix it for $299

Discussion in 'Virus and Malware Removal' started by SM1080, Aug 6, 2012.

  1. SM1080 Newcomer, in training Posts: 26

    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=40f53dd38fe28d4b9d72d667db35918e
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2012-08-10 03:57:06
    # local_time=2012-08-09 11:57:06 (-0500, Eastern Daylight Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=3589 16777213 100 84 1058614 95129690 0 0
    # compatibility_mode=5893 16776574 100 94 32098443 96098385 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=134326
    # found=1
    # cleaned=1
    # scan_time=17437
    C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll    Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined)    00000000000000000000000000000000    C
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=40f53dd38fe28d4b9d72d667db35918e
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2012-08-15 03:04:01
    # local_time=2012-08-14 11:04:01 (-0500, Eastern Daylight Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode=3589 16777213 100 84 1495474 95566550 0 0
    # compatibility_mode=5893 16776574 100 94 32535303 96535245 0 0
    # compatibility_mode=8192 67108863 100 0 350843 350843 0 0
    # scanned=132570
    # found=0
    # cleaned=0
    # scan_time=9387
  2. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  3. SM1080 Newcomer, in training Posts: 26

    Computer is still a little slow. In Task Manager, there are 78 processes. When I check "Show processes from all users," there are 80 processes; the 2 additional ones are svchost.exe at about 16,000 K each. I'm the only one on the network - who are the other users? Also, I keep getting an "ssvagent.exe is trying to make change to your hard drive" message. In IE, Babylon was listed as the default search provider, even though I had changed it to Google a few days ago. Not sure if any of these are concerns. Please advise.
  4. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box, paste this in:

      msconfig
      safebootminimal
      activex
      drivers32
      netsvcs
      CreateRestorePoint
      %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5
      %AppData%\Local\
      %systemroot%\system32\sysprep
      *.xpi /md5
      %systemroot%\Downloaded Program Files\
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\system32\drivers\*.sys /90
      %systemroot%\System32\config\*.sav
      %SYSTEMDRIVE%\*.exe /md5
      "%WinDir%\$NtUninstallKB*$." /30
      %systemdrive%\Program Files\Common Files\ComObjects\*.* /s
      %systemroot%\*. /mp /s
      %systemroot%\*. /rp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\Installer\ /s
      %systemroot%\system32\Cache\ /s
      %systemroot%\system32\config\systemprofile\Application Data /s
      %PROGRAMFILES%\*.
      %appdata%\*.*
      /md5start
      volsnap.sys
      services.exe
      userinit.exe
      afd.sys
      tcpip.sys
      netbt.sys
      ipsec.sys
      dnsrslvr.dll
      ipnathlp.dll
      netman.dll
      WMIsvc.dll
      srsvc.dll
      sr.sys
      wscsvc.dll
      wuauserv.dll
      qmgr.dll
      es.dll
      cryptsvc.dll
      svchost.exe
      rpcss.dll
      tdx.sys
      wininit.exe
      winlogon.exe
      atapi.sys
      explorer.exe
      /md5stop
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time.
    Note: in the event that OTL fails to run, please use alternate download links to try again:

    http://oldtimer.geekstogo.com/OTL.com
    http://oldtimer.geekstogo.com/OTL.scr
  5. SM1080 Newcomer, in training Posts: 26

    OTL.Txt Part 1 (had to break it up because it's > 5,000 characters)
    ========== Files/Folders - Created Within 30 Days ==========

    [2012/08/16 14:02:43 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Shinji\Desktop\OTL.exe
    [2012/08/14 20:25:53 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Shinji\Desktop\esetsmartinstaller_enu.exe
    [2012/08/14 00:12:31 | 000,000,000 | ---D | C] -- C:\windows\TEMP
    [2012/08/13 20:02:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/08/13 20:02:37 | 000,000,000 | ---D | C] -- C:\Users\Shinji\AppData\Local\temp
    [2012/08/13 19:36:13 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012/08/13 19:30:31 | 004,733,169 | R--- | C] (Swearware) -- C:\Users\Shinji\Desktop\ComboFix.exe
    [2012/08/11 10:39:50 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\56258661.sys
    [2012/08/11 10:36:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012/08/09 19:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/08/07 22:50:09 | 000,000,000 | ---D | C] -- C:\Users\Shinji\AppData\Local\CrashDumps
    [2012/08/07 22:01:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
    [2012/08/07 22:01:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
    [2012/08/07 22:01:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
    [2012/08/07 21:58:59 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/08/07 21:58:15 | 000,000,000 | ---D | C] -- C:\windows\erdnt
    [2012/08/02 22:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/08/02 22:19:28 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
    [2012/08/02 22:18:49 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
    [2012/08/02 22:18:49 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
    [2012/08/02 22:18:25 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
    [2012/08/02 22:18:25 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
    [2012/08/02 22:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2012/08/01 23:05:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/08/01 18:31:21 | 000,000,000 | ---D | C] -- C:\Users\Shinji\AppData\Roaming\Malwarebytes
    [2012/08/01 18:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/08/01 18:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/08/01 18:30:00 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
    [2012/08/01 18:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/08/01 15:58:41 | 000,000,000 | ---D | C] -- C:\Users\Shinji\AppData\Local\LogMeIn Rescue Applet
    [2012/08/01 14:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\DefaultTab
    [2012/08/01 14:45:36 | 000,000,000 | ---D | C] -- C:\Users\Shinji\AppData\Roaming\DefaultTab
    [2012/08/01 14:45:16 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
    [2012/08/01 14:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
    [2012/08/01 14:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012/08/01 14:18:41 | 000,000,000 | ---D | C] -- C:\Users\Shinji\Documents\New folder (2)
    [2012/07/23 15:19:29 | 000,000,000 | ---D | C] -- C:\Users\Shinji\Documents\New folder
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/08/16 14:02:59 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/08/16 14:02:59 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/08/16 14:02:46 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Shinji\Desktop\OTL.exe
    [2012/08/16 13:54:50 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/08/16 13:54:22 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2012/08/16 13:54:15 | 1408,045,056 | -HS- | M] () -- C:\hiberfil.sys
    [2012/08/15 23:47:14 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/08/15 23:47:02 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1755257046-4205032674-3146734800-1000Core.job
    [2012/08/15 23:47:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1755257046-4205032674-3146734800-1000UA.job
    [2012/08/14 20:25:38 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Shinji\Desktop\esetsmartinstaller_enu.exe
    [2012/08/13 19:57:41 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
    [2012/08/13 19:30:27 | 004,733,169 | R--- | M] (Swearware) -- C:\Users\Shinji\Desktop\ComboFix.exe
    [2012/08/11 10:40:39 | 000,001,024 | ---- | M] () -- C:\Users\Shinji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_56258661.lnk
    [2012/08/08 11:11:11 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\System32\drivers\56258661.sys
    [2012/08/02 22:18:12 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
    [2012/08/02 22:18:11 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
    [2012/08/01 18:30:08 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/08/01 15:54:27 | 000,002,431 | ---- | M] () -- C:\Users\Shinji\Desktop\Chrome.lnk
    [2012/08/01 14:45:05 | 000,000,319 | ---- | M] () -- C:\user.js
    [2012/08/01 14:05:37 | 000,624,178 | ---- | M] () -- C:\windows\System32\perfh009.dat
    [2012/08/01 14:05:37 | 000,106,522 | ---- | M] () -- C:\windows\System32\perfc009.dat
    [2012/08/01 13:52:08 | 000,001,584 | ---- | M] () -- C:\Users\Shinji\Documents\StreetFood9780756642181.acsm
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
    [1 C:\*.tmp files -> C:\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/08/11 10:40:38 | 000,001,024 | ---- | C] () -- C:\Users\Shinji\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_56258661.lnk
    [2012/08/07 22:01:28 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
    [2012/08/07 22:01:28 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
    [2012/08/07 22:01:28 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
    [2012/08/07 22:01:28 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
    [2012/08/07 22:01:28 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
    [2012/08/01 18:30:08 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/08/01 14:45:03 | 000,000,319 | ---- | C] () -- C:\user.js
    [2012/08/01 14:31:04 | 000,001,584 | ---- | C] () -- C:\Users\Shinji\Documents\StreetFood9780756642181.acsm
    [2011/01/23 12:18:13 | 000,000,165 | ---- | C] () -- C:\windows\QUICKEN.INI
    [2010/12/12 23:41:19 | 000,111,932 | ---- | C] () -- C:\windows\System32\EPPICPrinterDB.dat
    [2010/12/12 23:41:19 | 000,031,053 | ---- | C] () -- C:\windows\System32\EPPICPattern131.dat
    [2010/12/12 23:41:19 | 000,027,417 | ---- | C] () -- C:\windows\System32\EPPICPattern121.dat
    [2010/12/12 23:41:19 | 000,026,154 | ---- | C] () -- C:\windows\System32\EPPICPattern1.dat
    [2010/12/12 23:41:19 | 000,024,903 | ---- | C] () -- C:\windows\System32\EPPICPattern3.dat
    [2010/12/12 23:41:19 | 000,021,390 | ---- | C] () -- C:\windows\System32\EPPICPattern5.dat
    [2010/12/12 23:41:19 | 000,020,148 | ---- | C] () -- C:\windows\System32\EPPICPattern2.dat
    [2010/12/12 23:41:19 | 000,011,811 | ---- | C] () -- C:\windows\System32\EPPICPattern4.dat
    [2010/12/12 23:41:19 | 000,004,943 | ---- | C] () -- C:\windows\System32\EPPICPattern6.dat
    [2010/12/12 23:41:19 | 000,001,146 | ---- | C] () -- C:\windows\System32\EPPICPresetData_DU.dat
    [2010/12/12 23:41:19 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_PT.dat
    [2010/12/12 23:41:19 | 000,001,139 | ---- | C] () -- C:\windows\System32\EPPICPresetData_BP.dat
    [2010/12/12 23:41:19 | 000,001,136 | ---- | C] () -- C:\windows\System32\EPPICPresetData_ES.dat
    [2010/12/12 23:41:19 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_FR.dat
    [2010/12/12 23:41:19 | 000,001,129 | ---- | C] () -- C:\windows\System32\EPPICPresetData_CF.dat
    [2010/12/12 23:41:19 | 000,001,120 | ---- | C] () -- C:\windows\System32\EPPICPresetData_IT.dat
    [2010/12/12 23:41:19 | 000,001,107 | ---- | C] () -- C:\windows\System32\EPPICPresetData_GE.dat
    [2010/12/12 23:41:19 | 000,001,104 | ---- | C] () -- C:\windows\System32\EPPICPresetData_EN.dat
    [2010/12/12 23:41:19 | 000,000,097 | ---- | C] () -- C:\windows\System32\PICSDK.ini
    [2010/12/12 23:15:23 | 000,000,013 | RHS- | C] () -- C:\windows\System32\drivers\fbd.sys

    ========== Custom Scans ==========

    < %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

    < %AppData%\Local\ >

    < %systemroot%\system32\sysprep >

    < *.xpi /md5 >

    < %systemroot%\Downloaded Program Files\ >

    < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
  6. SM1080 Newcomer, in training Posts: 26

    OTL.Txt Part 2

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

    < hklm\software\clients\startmenuinternet|command /64 /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Shinji\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/14 00:31:01 | 001,229,848 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /90 >
    [2012/08/08 11:11:11 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\windows\system32\drivers\56258661.sys
    [2012/06/02 00:40:59 | 000,369,336 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\cng.sys
    [2012/06/02 00:45:04 | 000,067,440 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\ksecdd.sys
    [2012/06/02 00:45:03 | 000,134,000 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\drivers\ksecpkg.sys
    [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\windows\system32\drivers\mbam.sys

    < %systemroot%\System32\config\*.sav >

    < %SYSTEMDRIVE%\*.exe /md5 >

    < "%WinDir%\$NtUninstallKB*$." /30 >

    < %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

    < %systemroot%\*. /mp /s >

    < %systemroot%\*. /rp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\Installer\ /s >

    < %systemroot%\system32\Cache\ /s >

    < %systemroot%\system32\config\systemprofile\Application Data /s >

    < %PROGRAMFILES%\*. >
    [2011/10/24 21:33:23 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
    [2011/09/14 18:53:06 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
    [2010/07/20 00:37:33 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
    [2010/07/20 00:38:49 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
    [2011/04/18 13:02:27 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
    [2011/11/21 00:33:22 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
    [2011/09/22 15:28:30 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
    [2010/12/27 23:05:02 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
    [2011/06/01 15:02:20 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
    [2012/08/13 19:48:15 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
    [2009/08/28 00:07:58 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
    [2011/03/30 22:08:46 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
    [2012/08/01 23:07:58 | 000,000,000 | ---D | M] -- C:\Program Files\DefaultTab
    [2011/04/08 20:32:59 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
    [2011/08/01 15:29:52 | 000,000,000 | ---D | M] -- C:\Program Files\Dorling Kindersley
    [2011/07/24 14:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
    [2012/08/09 19:00:11 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
    [2011/01/08 22:02:00 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
    [2011/11/17 08:11:47 | 000,000,000 | ---D | M] -- C:\Program Files\Google
    [2011/08/01 15:29:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
    [2012/06/14 08:17:08 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
    [2009/08/28 00:12:58 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
    [2012/05/27 01:04:24 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
    [2012/05/27 01:05:26 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
    [2012/08/02 22:18:09 | 000,000,000 | ---D | M] -- C:\Program Files\Java
    [2011/09/14 18:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\LeapFrog
    [2012/08/01 18:30:11 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/04/09 08:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
    [2009/07/14 03:49:30 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
    [2011/04/08 21:16:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
    [2011/07/24 12:25:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
    [2010/07/20 00:36:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Suite Activation Assistant
    [2012/05/19 16:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
    [2009/08/28 00:16:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
    [2011/01/25 22:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
    [2011/01/25 22:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
    [2011/09/14 18:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
    [2010/12/17 14:36:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
    [2012/08/01 14:44:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
    [2011/01/25 22:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
    [2011/04/18 13:02:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
    [2011/01/25 01:32:40 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
    [2012/01/04 01:04:22 | 000,000,000 | ---D | M] -- C:\Program Files\Norton 360
    [2009/08/28 00:17:34 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
    [2012/08/02 22:19:28 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
    [2010/12/12 23:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\Panasonic
    [2009/08/28 00:05:37 | 000,000,000 | ---D | M] -- C:\Program Files\PlayReady
    [2011/09/14 18:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
    [2012/05/27 00:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
    [2010/07/20 00:43:09 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
    [2010/07/20 00:44:33 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek WLAN Driver
    [2009/07/14 00:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
    [2012/01/04 01:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
    [2010/07/20 00:46:17 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
    [2010/07/20 00:42:21 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
    [2010/12/12 23:15:20 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
    [2009/08/28 00:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA Corporation
    [2009/08/28 00:12:50 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA Games
    [2011/04/12 21:12:00 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
    [2009/07/14 00:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
    [2011/01/21 02:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
    [2011/07/24 14:52:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
    [2012/05/11 18:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
    [2011/04/20 01:33:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
    [2011/07/24 14:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
    [2011/07/24 14:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
    [2009/07/14 00:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
    [2011/07/24 14:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
    [2011/07/24 14:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
    [2011/07/24 14:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
    [2012/08/02 21:52:13 | 000,000,000 | ---D | M] -- C:\Program Files\Yontoo

    < %appdata%\*.* >

    < MD5 for: AFD.SYS >
    [2011/04/24 22:35:40 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=0DB7A48388D54D154EBEC120461A0FCD -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
    [2010/11/20 04:40:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys
    [2011/04/24 22:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\System32\drivers\afd.sys
    [2011/04/24 22:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
    [2011/04/24 22:27:23 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C114AB7A1550D42EA1700FFD4179CF5A -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys
    [2011/04/24 23:24:09 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C427F91A748CD342A2B3F9278D9FD6A5 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
    [2009/07/13 19:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=DDC040FDB01EF1712A6B13E52AFB104C -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys

    < MD5 for: ATAPI.SYS >
    [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
    [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
    [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
    [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
    [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

    < MD5 for: CRYPTSVC.DLL >
    [2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\erdnt\cache\cryptsvc.dll
    [2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\System32\cryptsvc.dll

    < End of report >
     
  7. SM1080 Newcomer, in training Posts: 26

    Extras.Txt


    OTL Extras logfile created on: 8/16/2012 2:09:37 PM - Run 1
    OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Shinji\Desktop
    Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.75 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 34.65% Memory free
    3.50 Gb Paging File | 2.08 Gb Available in Paging File | 59.55% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 223.33 Gb Total Space | 179.91 Gb Free Space | 80.56% Space Free | Partition Type: NTFS

    Computer Name: SHINJI-PC | User Name: Shinji | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UpdatesDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{034A10A3-D8AC-4DE2-AB4D-6CA4A21E268F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{10EC38E2-E72D-45EE-88C7-B8E8ED82C565}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{159916ED-BD27-4049-BCBF-09C69B834BFF}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{20969656-B142-46A4-B71D-A5D693327570}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{38C9414F-32BB-4363-9F63-8C6FF23B2CE1}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{3BC91621-1D8E-4DF5-8DF4-3DB73EC88D0A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{4184636F-D634-4461-BBE0-0F84489EA7F3}" = lport=139 | protocol=6 | dir=in | app=system |
    "{4AE56D7E-8C8F-42F2-B37B-E6A9E5FBD539}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{59B58A95-71E1-40CC-AD08-6DB91CAD1008}" = rport=139 | protocol=6 | dir=out | app=system |
    "{6CD5713E-D336-41FC-92E8-A018F9E8A4DE}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
    "{7155AC61-B188-4F3A-8FA7-E6C360B7F04F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{73DE3C11-99F4-41CC-BCC4-DBE3BC913668}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{79A47543-4A6E-4D35-9960-5F3DEB6093A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{830BF615-6653-40A7-93F2-A5AB9DCF5C6F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8BC2026C-BBE9-4FF0-8DB8-A60787304574}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
    "{8BCD3919-EE9E-43E3-A9CC-E245EDA4A555}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
    "{8CF2BD24-1761-4300-A292-7BC47F765D5C}" = rport=445 | protocol=6 | dir=out | app=system |
    "{91FD9003-3766-485E-8A7B-35E7CAD4AEB5}" = lport=137 | protocol=17 | dir=in | app=system |
    "{A6CB10E0-37FD-4A0C-87E5-1EEE2972E6C1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{A8F23AE5-A78B-4032-B6FF-799C739834CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{A9560057-CD01-4187-8150-7B95C6AB1F92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{AB2C89B9-E358-4CA8-94D1-4A8AB114239E}" = lport=445 | protocol=6 | dir=in | app=system |
    "{B252D743-3AAD-461C-B3E6-A9CD59E679E8}" = rport=138 | protocol=17 | dir=out | app=system |
    "{C1282D80-E801-4BD1-A3DA-B0A37044C1D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C29733A9-1D43-40A6-BC5F-92362F653AA2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{C2DAC132-32C3-40E3-83A6-BF16290EC5CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DE9E48F3-AC16-47C1-BA6F-97673A43E73E}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{E3BBE552-AC0C-434F-9214-02584E038099}" = rport=137 | protocol=17 | dir=out | app=system |
    "{F12779FA-364E-47D8-A414-306C7EEDF47C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{F77ABA8A-AD55-43DD-BB9B-5FAE1B6700E8}" = rport=10243 | protocol=6 | dir=out | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01BC30CB-EEEF-45A2-AE22-6BDA6A572C64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{029169C1-C46F-4894-B78E-F0546D87FCAA}" = protocol=6 | dir=out | app=system |
    "{08550900-029A-4C7E-90E7-4330A8FC9CA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{0A6D105D-5C1C-4E14-B31E-6E84E273AD5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0AC8A468-2EA0-4E6F-847A-16D60EFBC2BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0F3A9138-3985-4186-9F11-A8162C53AD68}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{12629EF8-5AB0-4752-8151-2520FDFEA6D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1470485D-14B3-4B30-A56E-FF044E56EFD5}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{1C426E47-6E8E-4568-A469-3BBD69F5FC58}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
    "{2D07CEF8-4D4F-474A-B752-8755D1C12A00}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{598BEE4D-475D-457F-A208-F280DB9A8B7A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{64035E44-58DC-418E-895F-997F6514108E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{6ABC96B6-C3FE-4118-8A35-DEAAA1781991}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{79307E06-38CB-41DE-88E6-8994DC5B5FA5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{7AB270EC-8509-487B-B4BC-07CB38F07E68}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9335B1C0-D150-46CA-BDC5-7CDF26A42093}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{A0388050-BE47-45CE-A161-DA97424079E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{A76E92A0-3DBF-4EBA-8A50-7E9C868734BD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{B3B7710B-2A16-4AC0-B0B0-0503E602EE99}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{B5AEF1F4-6D35-425E-AC30-B4FC149BAA15}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{B99D3A95-4AF8-437A-88B2-0BA60C967D2E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{BC4E1471-93FD-4957-8256-74A96DD287A0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{BC9D7507-1232-41F8-A5B0-242E627C85A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BE5D1621-3752-4A46-80B0-A99FED27B352}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{C51C3077-C097-4F2A-A9C4-B1B427A54197}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{C9BA1A14-17BA-4E54-AD44-5D326EFD95B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{CC0E2864-C4FA-4097-819A-B99CFE422A48}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
    "{D525606F-3503-4BC0-85A7-BF6B087C80EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D85EC5F2-C0AC-4359-84D5-3790EE228345}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E5368E91-98FC-4049-977F-7718AD707E0C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{FECEADC3-AD49-426A-8024-5A4FA54F0111}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
    "{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}" = MyToshiba
    "{03DF638A-D61C-4893-B8B9-845900C03163}" = TurboTax 2010 wnyiper
    "{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
    "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
    "{0DB8F853-899A-8628-E0D7-29FB190CF848}" = Catalyst Control Center Graphics Full Existing
    "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
    "{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{117BCF94-6A1E-6741-39F5-09444381445E}" = CCC Help Italian
    "{1211D6B0-B7B5-CB9A-99A2-066473FC35CA}" = CCC Help Swedish
    "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
    "{14956199-1890-C3D4-F8B8-3C0C6FD82993}" = ccc-core-static
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1D210042-41EE-4472-2219-6A900366B9A3}" = CCC Help French
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
    "{2ABB6396-785C-E2CB-579E-79BAF98E0527}" = Catalyst Control Center Graphics Previews Vista
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
    "{3B843B38-04B1-4CE6-8888-586273E0F289}" = Quickbooks Financial Center
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3C6BE429-9C6E-4A02-A085-73FB485D3BBA}" = LeapFrog Tag Plugin
    "{3E1B8E31-9692-207B-77B7-A8339AF03795}" = Catalyst Control Center Graphics Full New
    "{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4B08CD7C-AE3E-4E64-BD0A-6C0D768B248A}" = Smart Steps 1st Grade
    "{4BC83065-F98B-4DB1-B4AE-AA2F1FA9BA2B}" = LeapFrog Connect
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
    "{51C77E17-3337-6409-16A9-A90CA8B9BBF6}" = ccc-utility
    "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
    "{58630658-9DF7-E873-9F5D-0EAF87D25DAA}" = CCC Help Norwegian
    "{594A3C2C-19B3-E02E-359C-B8D134F6B939}" = CCC Help Korean
    "{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{6055830B-40E4-C794-3F04-2D0CD8AF1AAC}" = CCC Help Russian
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
    "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
    "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{6DEEA6A7-AC84-4C08-9944-E06E08DF98B4}" = TurboTax 2010 wctiper
    "{6E932CA6-FD17-7694-FD7C-14CE25770EA5}" = Catalyst Control Center Graphics Previews Common
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{739A6E9D-5D7D-8A5D-EC8A-4BD11E5749AA}" = CCC Help Hungarian
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
    "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8C72927B-7410-131A-E641-B9C505F4973C}" = CCC Help Japanese
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{911AB6CA-E04C-1E98-523D-8FCFAB4F456C}" = CCC Help Czech
    "{9216C6A7-694A-4437-BD00-BD1CF58E1839}" = CCC Help Spanish
    "{92DE68CE-BC3E-7323-EA53-99490C8BD34D}" = Catalyst Control Center Graphics Light
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{9668AE11-E05C-8169-F6D8-FBF7B507D7DB}" = CCC Help German
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application and Driver Installer
    "{979587FD-F264-3C71-B0BE-6FC8DA993790}" = CCC Help Thai
    "{999307CD-D57D-8C98-27ED-07F384ACFAA1}" = CCC Help Turkish
    "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO
    "{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}" = NetZero Launcher
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A7594D38-0B7E-BCF7-A938-1AC03A6477FB}" = CCC Help English
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
    "{AC7BE07B-14D3-6EB5-814A-EB0A63CBFB47}" = CCC Help Polish
    "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B1CDB3C6-8DD8-4864-8589-BDFBDA033941}" = CCC Help Chinese Traditional
    "{B4BB4CF2-F475-FB20-7AFA-F8AED032BFF8}" = ATI Catalyst Install Manager
    "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
    "{BA4DF4C3-196E-4128-969A-00996B5A46F8}" = Canon MP500
    "{BDABF8CD-7436-EC6C-DD82-439225E22557}" = CCC Help Finnish
    "{C1090432-AD78-4965-A23A-5539744C1821}" = LeapFrog Leapster2 Plugin
    "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
    "{C5A15C68-0DF3-8A13-352E-E605491D7E3D}" = Catalyst Control Center InstallProxy
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
    "{CD232781-26CA-4E18-BC70-4343A2F0D583}" = Microsoft IntelliPoint 8.0
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CFAE78A9-A7A4-537E-7CC0-5A794FFBF73F}" = Catalyst Control Center Core Implementation
    "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
    "{D19A1978-2FB2-B39A-5D30-C1EA38F788DD}" = CCC Help Danish
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D8634D93-03DD-01F1-AC7D-EE468AA24F45}" = CCC Help Dutch
    "{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
    "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E151E679-4EC8-36F9-A691-C7600688A1CA}" = CCC Help Chinese Standard
    "{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{EBC6193C-ED23-E332-9A9C-D5CB83CDDE2B}" = Catalyst Control Center Localization All
    "{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
    "{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
    "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
    "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
    "{F544CA20-6810-E275-D288-F0D92CFADE4A}" = CCC Help Greek
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "{FEED29DD-7BF3-582C-3353-1F2634C2323D}" = CCC Help Portuguese
    "781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
    "8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
    "DefaultTab Chrome" = DefaultTab Chrome
    "ENTERPRISER" = Microsoft Office Enterprise 2007
    "ESET Online Scanner" = ESET Online Scanner v3
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
    "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
    "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
    "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
    "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
    "Leapster2Plugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "MP Navigator 2.0" = Canon MP Navigator 2.0
    "N360" = Norton 360
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
    "TurboTax 2010" = TurboTax 2010
    "UPCShell" = LeapFrog Connect
    "WildTangent toshiba Master Uninstall" = WildTangent Games
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "GoToMeeting" = GoToMeeting 4.5.0.457
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 8/11/2012 12:48:47 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/11/2012 12:48:47 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 5448912

    Error - 8/11/2012 12:48:47 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 5448912

    Error - 8/13/2012 9:20:46 PM | Computer Name = Shinji-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "c:\program files\LeapFrog\leapfrog
    connect\tagusbdrivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 8/15/2012 11:46:25 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/15/2012 11:46:25 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 18435699

    Error - 8/15/2012 11:46:25 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 18435699

    Error - 8/15/2012 11:46:35 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 8/15/2012 11:46:35 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 18446104

    Error - 8/15/2012 11:46:35 PM | Computer Name = Shinji-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 18446104

    [ OSession Events ]
    Error - 11/20/2011 9:48:57 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 511
    seconds with 120 seconds of active time. This session ended with a crash.

    Error - 12/29/2011 11:34:52 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3089
    seconds with 1380 seconds of active time. This session ended with a crash.

    Error - 1/4/2012 12:17:54 AM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5640
    seconds with 1860 seconds of active time. This session ended with a crash.

    Error - 4/15/2012 9:18:04 AM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1902
    seconds with 1020 seconds of active time. This session ended with a crash.

    Error - 5/17/2012 10:39:24 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1965
    seconds with 1260 seconds of active time. This session ended with a crash.

    Error - 6/1/2012 3:07:48 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2278
    seconds with 1860 seconds of active time. This session ended with a crash.

    Error - 6/1/2012 3:21:56 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 829
    seconds with 540 seconds of active time. This session ended with a crash.

    Error - 7/4/2012 1:34:45 PM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6795
    seconds with 5220 seconds of active time. This session ended with a crash.

    Error - 7/24/2012 12:43:19 AM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3938
    seconds with 60 seconds of active time. This session ended with a crash.

    Error - 7/31/2012 1:08:25 AM | Computer Name = Shinji-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12190
    seconds with 4080 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 8/15/2012 6:19:26 PM | Computer Name = Shinji-PC | Source = DCOM | ID = 10000
    Description =

    Error - 8/15/2012 11:46:20 PM | Computer Name = Shinji-PC | Source = atikmdag | ID = 43029
    Description = Display is not active

    Error - 8/15/2012 11:47:20 PM | Computer Name = Shinji-PC | Source = DCOM | ID = 10010
    Description =

    Error - 8/16/2012 1:54:21 PM | Computer Name = Shinji-PC | Source = atikmdag | ID = 52236
    Description = CPLIB :: General - Invalid Parameter

    Error - 8/16/2012 1:54:21 PM | Computer Name = Shinji-PC | Source = atikmdag | ID = 43029
    Description = Display is not active

    Error - 8/16/2012 1:57:14 PM | Computer Name = Shinji-PC | Source = WMPNetworkSvc | ID = 866300
    Description =

    Error - 8/16/2012 1:58:10 PM | Computer Name = Shinji-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Peer
    Networking Identity Manager service to connect.

    Error - 8/16/2012 1:58:10 PM | Computer Name = Shinji-PC | Source = Service Control Manager | ID = 7000
    Description = The Peer Networking Identity Manager service failed to start due to
    the following error: %%1053

    Error - 8/16/2012 1:58:10 PM | Computer Name = Shinji-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Networking
    Identity Manager service which failed to start because of the following error:
    %%1053

    Error - 8/16/2012 1:58:10 PM | Computer Name = Shinji-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Name Resolution Protocol service depends on the Peer Networking
    Identity Manager service which failed to start because of the following error:
    %%1053


    < End of report >
  8. Jay Pfoutz Malware Helper Posts: 4,286   +49

    The best part of the first logfile is missing. Please upload the logfiles here instead, or attempt to copy and paste them again.
  9. SM1080 Newcomer, in training Posts: 26

    Attaching file as it's too large to copy/paste.

    Attached Files:

    • OTL.Txt (file size: 191.9 KB)
  10. Jay Pfoutz Malware Helper Posts: 4,286   +49

    OTL FIX

    Warning: this OTL fix has active links. Please do not click on the links below, or your computer might become infected immediately!

    Please run OTL
  11. SM1080 Newcomer, in training Posts: 26

    All processes killed
    ========== OTL ==========
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2CB9F3EE-DF62-4FE5-8CAB-92C8985B96FC}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CB9F3EE-DF62-4FE5-8CAB-92C8985B96FC}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56475 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Shinji
    ->Temp folder emptied: 12771048 bytes
    ->Temporary Internet Files folder emptied: 8981162 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 33869758 bytes
    ->Flash cache emptied: 506 bytes

    %systemdrive% .tmp files removed: 14648 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1914 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 53.00 mb


    OTL by OldTimer - Version 3.2.57.0 log created on 08182012_103802

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
  12. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  13. SM1080 Newcomer, in training Posts: 26

    Web pages still take a while (1 min or so) to load but otherwise things appear to be fine. I have a couple of remaining questions:

    - Do you think my computer is clean, based on the log files I've posted thus far?
    - Which of the applications should I keep or delete (e.g., OTL, ComboFix)?
    - Is Norton 360 sufficient protection or should I download/use additional programs?
    - I have a flash drive that I've been using (not since we started our dialogue) but I'm concerned about potential infections there as well - how or with what program should I scan the flash drive?

    Thank you so much for your time and consideration.
  14. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Yes, the computer should be clean, rest assured!

    I'd like to see a Quick Scan from OTL again to verify (open OTL, press the Quick Scan button, post any logs that launch).

    We will clean up the programs later that were used to disinfect.

    Download and Run FlashDisinfector
    • Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
    • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
    • The utility may ask you to insert your flash drive and/or other removable drives including your
      mobile phone. Please do so and allow the utility to clean up those drives as well.
    • Wait until it has finished scanning and then exit the program.
    • Reboot your computer when done.
    Note: Flash_Disinfector will create a hidden file named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
  15. SM1080 Newcomer, in training Posts: 26

    The file's too big so I've attached it here. Thanks.

    Attached Files:

    • OTL.Txt (104.6 KB)
  16. Jay Pfoutz Malware Helper Posts: 4,286   +49

    Let's see if we can finish up here...

    Please download aswMBR from here

    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it
    • Click the Scan button to start the scan as illustrated below

    [IMG]

    Note: Do not take action against any Rootkit entries until I have reviewed the log. Often there are false positives.

    • Once the scan finishes click Save log to save the log to your Desktop
    • Copy and paste the contents of aswMBR.txt back here for review
  17. SM1080 Newcomer, in training Posts: 26

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-08-21 07:18:21
    -----------------------------
    07:18:21.853 OS Version: Windows 6.1.7601 Service Pack 1
    07:18:21.853 Number of processors: 1 586 0x301
    07:18:22.070 ComputerName: SHINJI-PC UserName: Shinji
    07:19:36.259 Initialize success
    07:19:58.120 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    07:19:58.123 Disk 0 Vendor: Hitachi_HTS545025B9A300 PB2OC64G Size: 238475MB BusType: 11
    07:19:58.150 Disk 0 MBR read successfully
    07:19:58.154 Disk 0 MBR scan
    07:19:58.157 Disk 0 Windows VISTA default MBR code
    07:19:58.195 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
    07:19:58.213 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228693 MB offset 3074048
    07:19:58.245 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8281 MB offset 471437312
    07:19:58.252 Disk 0 scanning sectors +488396800
    07:19:58.318 Disk 0 scanning C:\windows\system32\drivers
    07:20:06.603 Service scanning
    07:20:41.305 Modules scanning
    07:20:59.997 Disk 0 trace - called modules:
    07:21:00.023 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
    07:21:00.387 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86257ac8]
    07:21:00.403 3 CLASSPNP.SYS[88e4c59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8624b030]
    07:21:00.416 Scan finished successfully
    07:22:40.680 Disk 0 MBR has been saved successfully to "C:\Users\Shinji\Desktop\MBR.dat"
    07:22:40.691 The log file has been saved successfully to "C:\Users\Shinji\Desktop\aswMBR.txt"
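
As a cross-check on the partition lines in the log above, this added example (not part of the original post and not aswMBR code) recomputes each partition's end sector and reports gaps, overlaps or space left over against the reported disk size. It assumes offsets are counted in 512-byte sectors and sizes in units of 2**20 bytes; the function names are hypothetical.

```python
import re

# Disk and partition lines copied from the aswMBR log above (timestamps removed).
POSTED_LOG = """\
Disk 0 Vendor: Hitachi_HTS545025B9A300 PB2OC64G Size: 238475MB BusType: 11
Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 228693 MB offset 3074048
Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 8281 MB offset 471437312
"""

SECTORS_PER_MB = 2048  # assumption: 512-byte sectors and 1 MB = 2**20 bytes
PARTITION = re.compile(r"Partition (\d+) .*? (\d+) MB offset (\d+)")
DISK_SIZE = re.compile(r"Size: (\d+)MB")

def parse_partitions(log):
    """Return partitions as dicts with start/end sectors, ordered by start."""
    parts = []
    for match in PARTITION.finditer(log):
        num, size_mb, start = (int(g) for g in match.groups())
        parts.append({"num": num, "start": start,
                      "end": start + size_mb * SECTORS_PER_MB})
    return sorted(parts, key=lambda p: p["start"])

def layout_findings(log, tolerance=SECTORS_PER_MB):
    """List gaps, overlaps and trailing space larger than the MB rounding error."""
    findings, cursor = [], None
    for part in parse_partitions(log):
        if cursor is not None:
            delta = part["start"] - cursor
            if delta > tolerance:
                findings.append(f"gap of {delta} sectors before partition {part['num']}")
            elif delta < -tolerance:
                findings.append(f"partition {part['num']} overlaps the previous one")
        cursor = part["end"] if cursor is None else max(cursor, part["end"])
    disk = DISK_SIZE.search(log)
    if disk and cursor is not None:
        tail = int(disk.group(1)) * SECTORS_PER_MB - cursor
        if abs(tail) > tolerance:
            findings.append(f"{tail} sectors between last partition and reported disk size")
    return findings

if __name__ == "__main__":
    for part in parse_partitions(POSTED_LOG):
        print(part)
    print(layout_findings(POSTED_LOG) or "layout is contiguous")
```

For the posted log the three partitions follow one another with no gap, and the last one ends at sector 488396800, the same value that appears in the "scanning sectors" line.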
  18. Jay Pfoutz Malware Helper Posts: 4,286   +49

    I don't see anything more that can cause issue.

    Clean up System Restore

    Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

    To manually create a new Restore Point
    • Go to Control Panel and select System and Maintenance
    • Select System
    • On the left select Advanced System Settings and accept the warning if you get one
    • Select System Protection Tab
    • Select Create at the bottom
    • Type in a name, i.e. Clean
    • Select Create
    Now we can purge the infected ones
    • Go back to the System and Maintenance page
    • Select Performance Information and Tools
    • On the left select Open Disk Cleanup
    • Select Files from all users and accept the warning if you get one
    • In the drop down box select your main drive, i.e. C
    • For a few moments the system will make some calculations:
      [IMG]
    • Select the More Options tab
    • In the System Restore and Shadow Backups select Clean up
    • Select Delete on the pop up
    • Select OK
    • Select Delete

    Run OTC to remove our tools

    To remove all of the tools we used and the files and folders they created, please do the following:
    Please download OTC.exe by OldTimer:
    • Save it to your Desktop.
    • Double click OTC.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

    Purge old temporary files

    Download CCleaner Slim and save it to your Desktop - Alternate download link

    When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
    Follow the prompts to install the program.

    • Double-click the CCleaner shortcut on the desktop to start the program.
    • Click on the Options block on the left, then choose Cookies.
    • Under Cookies to Delete, highlight any cookies you would like to retain permanently
    • Click the right arrow > to move them to the Cookies to Keep window.
    • Go into Options > Advanced & uncheck Only delete files in Windows Temp folders older than 48 hours
    • Click Cleaner on the left then Run Cleaner on the right to run the program.
    • Important: Make sure that ALL browser windows are closed before selecting Run Cleaner

    Caution: Only use the Registry feature if you are very familiar with the registry.
    Always back up your registry before making any changes. Exit CCleaner after it has completed its process.

    Security Check

    Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    Tell me in your next reply, if you have completed these tasks:
    • Cleaned System Restore
    • Ran OTC
    • Ran CCleaner
    • Ran Security Check
    Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.
  19. SM1080 Newcomer, in training Posts: 26

    Thanks. I will take care of this when I get home. I have a Kindle that had been connected via USB prior to these issues coming up. Any chance that could be infected as well?
  20. SM1080 Newcomer, in training Posts: 26

    Tried to download Flash Disinfector but it won't run when I double-click the icon. Forum on bleepingcomputer states that it won't work with Windows 7 (which is what I have).