Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help ASAP, Compuer running slow, getting errors

Started by Coxor , Jul 07 2010 09:47 AM

  • Please log in to reply

#1
Coxor
Posted 07 July 2010 - 09:47 AM

Coxor

    Member

  • Member
  • PipPip
  • 39 posts
Hello i just have been noticing recently my computer has been running extra slow, have been getting random errors trying to run programs, and just have been overall a pain and casuing problems with my school effort.

If i can just get some help looking through some logs and help notifying and removing unwanted and dangerous files and programs, and just a good overall cleaning of my PC would be greately appreciated. I have alot of school work to catch up on so would love to get this resolved here soon thank you.

I am running Windows Vista on an HP computer with 4 gigs of ram which you think my PC should be running alot quicker and less problems with the hardware i have put into it. Please just help me with some step by step instructions you have always been a help before and i just need these problems resolves thank you very much.

Edited by Coxor, 07 July 2010 - 09:57 AM.

  • 0

Advertisements

#2
RKinner
Posted 07 July 2010 - 11:02 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Do as much of

http://www.geekstogo...uide-t2852.html

as you can. If a step won't work, skip to the next one. Copy and paste your gmer, mbam, otl, & extras logs into a reply. Do not attach them.

If you lose internet access after running MBAM or if you are not able to get to the downloads:

In IE, Tools, Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.

In FireFox, Tools, Options, Advanced, Settings, check No Proxy then OK. Close Firefox and restart Firefox.

In Chrome, Wrench, Options, Under the Hood, Change Proxy Settings, uncheck all boxes, OK.

Ron
  • 0

#3
Coxor
Posted 07 July 2010 - 12:25 PM

Coxor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Ok my malwarebytes log is here and i did remove the infected files...

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

7/7/2010 11:33:49 AM
mbam-log-2010-07-07 (11-33-49).txt

Scan type: Quick scan
Objects scanned: 149369
Time elapsed: 9 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 88
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{beac7dc8-e106-4c6a-931e-5a42e7362883} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{beac7dc8-e106-4c6a-931e-5a42e7362883} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{beac7dc8-e106-4c6a-931e-5a42e7362883} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{beac7dc8-e106-4c6a-931e-5a42e7362883} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.multiplebutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.urlalertbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sfkg6wipusp (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files (x86)\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files (x86)\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Gamevance\gvtl.dll (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\CHROME.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PLayMP3z) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\Streaming Music - MediaPass.lnk (Adware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.




Now the GMER scanned but did not leave me with anything in a log it was all blank so i do not kno where to go from there....


Here is the OTL LOG



OTL logfile created on: 7/7/2010 1:08:57 PM - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Cody Thorn\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.95 Gb Total Space | 141.79 Gb Free Space | 64.47% Space Free | Partition Type: NTFS
Drive D: | 12.93 Gb Total Space | 1.77 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3.72 Gb Total Space | 1.24 Gb Free Space | 33.38% Space Free | Partition Type: FAT32

Computer Name: CODYTHORN-PC
Current User Name: Cody Thorn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/07 12:07:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Cody Thorn\Desktop\OTL.exe
PRC - [2010/06/22 09:44:30 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/06/22 09:44:23 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/06/22 09:44:19 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/06/22 09:44:19 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/06/22 09:44:17 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2010/06/22 09:44:13 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2010/06/17 10:02:34 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/06/17 01:24:52 | 000,040,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/14 11:59:20 | 000,335,872 | ---- | M] () -- C:\Windows\SysWOW64\VService.exe
PRC - [2010/04/08 10:43:22 | 000,049,152 | ---- | M] () -- C:\Windows\SysWOW64\XYNTService.exe
PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/02/09 05:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/09/05 11:25:56 | 000,455,968 | ---- | M] () -- C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2007/06/29 18:54:16 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (SafeList) ==========

MOD - [2010/07/07 12:07:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Cody Thorn\Desktop\OTL.exe
MOD - [2008/01/20 21:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\XYNTService.exe -- (VAgnt Helper Service)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 10:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/06/22 09:44:23 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/06/22 09:44:19 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/06/22 09:44:17 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/08 10:43:22 | 000,049,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XYNTService.exe -- (VAgnt Helper Service)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/11/24 00:02:23 | 001,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2008/10/25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/09/05 12:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/02/09 05:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/09/05 11:25:56 | 000,455,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe -- (psqlWGE)
SRV - [2007/06/29 18:54:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2007/05/31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/06/22 09:44:29 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010/06/22 09:44:20 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\AVGIDSva.sys -- (AVGIDSErHrvta)
DRV:64bit: - [2010/06/22 09:44:17 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/06/01 08:04:39 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010/03/05 09:54:41 | 000,056,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (AvgRkx64)
DRV:64bit: - [2010/02/20 16:27:17 | 000,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/28 02:07:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/11 00:42:21 | 000,140,288 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RMCAST.sys -- (RMCAST) RMCAST (Pgm)
DRV:64bit: - [2008/02/12 10:50:14 | 000,286,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS3.sys -- (CAXHWBS3)
DRV:64bit: - [2008/02/12 10:48:10 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/02/12 10:47:08 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2007/10/18 10:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/11/16 18:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\PdiPorts.sys -- (PdiPorts)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/06/19 09:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010/06/22 09:44:20 | 000,132,688 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista64\AVGIDSDriver.sys -- (AVGIDSDrivervta)
DRV - [2010/06/22 09:44:20 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista64\AVGIDSFilter.sys -- (AVGIDSFiltervta)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\tb4sha.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 BF 5E 53 E7 0A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/26 12:58:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}: C:\Users\Cody Thorn\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}

[2010/07/05 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Mozilla\Extensions
[2009/03/29 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Mozilla\Extensions\[email protected]

O1 HOSTS File: ([2010/04/28 03:14:05 | 000,002,057 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.complaintsboard.com
O1 - Hosts: 127.0.0.1 complaintsboard.com
O1 - Hosts: 127.0.0.1 www.bobbear.co.uk
O1 - Hosts: 127.0.0.1 bobbear.co.uk
O1 - Hosts: 127.0.0.1 www.bobbear.com
O1 - Hosts: 127.0.0.1 bobbear.com
O1 - Hosts: 127.0.0.1 www.419legal.org
O1 - Hosts: 127.0.0.1 419legal.org
O1 - Hosts: 127.0.0.1 www.scam.com
O1 - Hosts: 127.0.0.1 scam.com
O1 - Hosts: 127.0.0.1 www.anti-scam.org
O1 - Hosts: 127.0.0.1 anti-scam.org
O1 - Hosts: 127.0.0.1 www.consumerfraudreporting.org
O1 - Hosts: 127.0.0.1 consumerfraudreporting.org
O1 - Hosts: 127.0.0.1 www.ripoffreport.com
O1 - Hosts: 127.0.0.1 ripoffreport.com
O1 - Hosts: 127.0.0.1 www.tjshome.com
O1 - Hosts: 127.0.0.1 tjshome.com
O1 - Hosts: 127.0.0.1 www.scamfraudalert.wordpress.com
O1 - Hosts: 127.0.0.1 scamfraudalert.wordpress.com
O1 - Hosts: 127.0.0.1 www.fraudwatchers.org
O1 - Hosts: 127.0.0.1 fraudwatchers.org
O1 - Hosts: 127.0.0.1 www.scamfraudalert.com
O1 - Hosts: 22 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files (x86)\4shared.com\tb4sha.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.0983.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files (x86)\4shared.com\tb4sha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Tango) - {8FC1F936-45AD-441A-A8AC-D73C3C2744ED} - C:\Windows\SysWow64\5478.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [PeachtreePrefetcher.exe] C:\Program Files (x86)\Sage Software\Peachtree\PeachtreePrefetcher.exe (Sage Software, Inc.)
O4 - HKCU..\Run: [DW6] File not found
O4 - HKCU..\Run: [GabPath] C:\Users\Cody Thorn\AppData\Roaming\GabPath\gabpath.exe File not found
O4 - HKLM..\RunOnce: [NSSInstallation] C:\Windows\SysWOW64\Adobe\Shockwave 11\nssstub.exe (Symantec Corporation)
O4 - Startup: C:\Users\Cody Thorn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.s...abs/tgctlsr.cab (Symantec Script Runner Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.h...osticsVista.cab (HPDDClientExec Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CB97291A-6603-466A-AA11-80C2EB74CB10} https://install.cox....InstallAx10.ocx (CoxSelfInstallAx10 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{39c6c45d-b9d9-11dd-8437-00226805fd45}\Shell\AutoRun\command - "" = wdsync.exe
O33 - MountPoints2\{5e4a0a3f-0e8d-11df-8331-00226805fd45}\Shell - "" = AutoRun
O33 - MountPoints2\{5e4a0a3f-0e8d-11df-8331-00226805fd45}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.at3 - C:\Windows\SysWow64\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.hfyu - C:\Windows\SysWow64\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.vp60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.wmv3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/07/07 12:29:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/07/07 12:29:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/07/07 12:07:31 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Cody Thorn\Desktop\OTL.exe
[2010/07/07 11:31:02 | 009,070,816 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Cody Thorn\Desktop\SUPERAntiSpyware.exe
[2010/07/05 19:39:11 | 000,000,000 | ---D | C] -- C:\crystalreportviewers12(1)
[2010/07/05 19:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects(846)
[2010/07/05 19:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pervasive Software(891)
[2010/07/05 19:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sage Software(892)
[2010/07/05 15:38:05 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\My muvees
[2010/07/05 15:38:03 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\muvee Technologies
[2010/07/05 15:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/07/05 15:17:16 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\Microsoft Corporation
[2010/07/05 14:24:21 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\My Scans
[2010/06/24 04:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Morphyre
[2010/06/23 02:11:24 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\GabPath
[2010/06/22 09:44:28 | 000,013,048 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/06/17 11:32:18 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\TVU Networks
[2010/06/17 11:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010/06/17 10:52:20 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Speak-A-Message
[2010/06/17 10:51:02 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Inventivio
[2010/06/17 08:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2010/06/15 08:40:24 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\VA FORMS
[2010/06/13 19:36:45 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\COBRA HEALTH INSURANCE
[2010/06/12 22:15:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyAshampoo
[2010/06/12 20:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Weather Channel FW
[2010/06/12 20:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010/06/12 20:53:15 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\The Weather Channel
[2010/06/12 20:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4shared.com
[2010/06/12 01:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2010/06/12 01:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATT-SST
[2010/05/28 05:23:24 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\Sydney
[2010/05/28 05:22:46 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\IWCC
[2010/05/28 05:15:36 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\My Print Creations
[2010/05/28 05:06:21 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\TAX RETURNS
[2010/05/28 05:05:48 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\Credit
[2010/05/28 05:02:30 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\Unemployment-Benefits
[2010/05/28 05:00:55 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\2010 Budgets
[2010/05/28 05:00:03 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Desktop\2010 RESUME
[2010/05/28 04:46:20 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\W Photo Studio
[2010/05/28 04:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Walgreens
[2010/05/28 04:42:43 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Walgreens
[2010/05/28 04:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Walgreens
[2010/05/28 04:40:55 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\W Photo Studio Viewer
[2010/05/27 08:59:24 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\ArcSoft
[2010/05/27 08:59:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\ArcSoft
[2010/05/27 08:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2010/05/27 08:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2010/05/27 08:58:02 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\ArcSoft
[2010/05/27 07:37:47 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\EssentialFax
[2010/05/27 07:15:19 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Vbuzzer Messenger
[2010/05/27 07:15:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vbuzzer
[2010/05/26 02:07:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bar_Notebooks
[2010/05/26 01:10:38 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\HTML Executable
[2010/05/26 01:08:37 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Local\Conduit
[2010/05/26 01:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010/05/26 00:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USA
[2010/05/25 23:53:04 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\skypePM
[2010/05/25 23:45:25 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Skype
[2010/05/25 23:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/05/25 23:22:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KTS InfoTech
[2010/05/25 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\fmdata
[2010/05/25 22:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iFreeBudget
[2010/05/25 22:36:52 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\SmartDraw
[2010/05/25 22:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartDraw 2009
[2010/05/25 22:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Legal_Forms
[2010/05/23 07:13:27 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\Documents\ResumeMaker
[2010/05/23 07:13:27 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Individual Software
[2010/05/23 07:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ResumeMaker
[2010/05/23 07:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Individual Software
[2010/05/23 06:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2010/05/23 06:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2010/05/23 06:55:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2010/05/22 22:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/05/22 22:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/05/15 02:53:18 | 000,557,568 | ---- | C] (Ikysasoft s.r.l. uninominale) -- C:\Windows\SysWow64\B4FM.dll
[2010/05/15 02:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Burn4Free
[2010/05/15 02:44:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD43 Plug-in
[2010/05/15 02:33:23 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\AVS4YOU
[2010/05/15 02:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2010/05/15 02:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010/05/15 02:31:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2010/05/15 02:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/05/14 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/05/13 18:46:44 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Peachtree
[2010/05/13 18:44:53 | 000,066,560 | ---- | C] (Smithware, Inc.) -- C:\Windows\SysWow64\s2dtconv.dll
[2010/05/13 18:44:53 | 000,024,576 | ---- | C] (Smithware, Inc.) -- C:\Windows\SysWow64\Sbtrvd32.dll
[2010/05/13 18:44:43 | 002,134,016 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf251.dll
[2010/05/13 18:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Peach
[2010/05/13 18:41:34 | 000,000,000 | ---D | C] -- C:\crystalreportviewers12
[2010/05/13 18:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects
[2010/05/13 18:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Pervasive Software
[2010/05/13 18:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pervasive Software
[2010/05/13 18:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sage Software
[2010/05/13 18:28:37 | 000,000,000 | ---D | C] -- C:\Windows\PeachInst
[2010/05/12 03:04:39 | 000,000,000 | ---D | C] -- C:\1d6e790cd1b1fe0407b3b38e2224
[2010/05/02 11:31:14 | 000,000,000 | ---D | C] -- C:\Users\Cody Thorn\AppData\Roaming\Uniblue
[2010/05/02 11:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2010/04/28 07:00:45 | 000,000,000 | ---D | C] -- C:\New Folder
[2010/04/28 04:11:34 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/04/28 03:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/22 22:21:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/04/22 22:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/04/22 22:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

========== Files - Modified Within 90 Days ==========

[2010/07/07 13:15:19 | 005,767,168 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat
[2010/07/07 13:12:49 | 000,705,130 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/07/07 13:12:49 | 000,605,200 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/07/07 13:12:49 | 000,104,498 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/07/07 13:11:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{06B2388F-7AB4-4DB7-8BE8-54226B4F519A}.job
[2010/07/07 13:09:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Install.job
[2010/07/07 13:05:48 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/07 13:05:48 | 000,000,439 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010/07/07 13:05:35 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/07/07 13:05:22 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/07 13:05:22 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/07 13:05:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/07 13:05:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/07 13:05:04 | 4157,792,256 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/07 13:04:12 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/07/07 13:04:12 | 000,065,536 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TM.blf
[2010/07/07 13:03:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/07 13:03:47 | 002,208,422 | -H-- | M] () -- C:\Users\Cody Thorn\AppData\Local\IconCache.db
[2010/07/07 12:59:16 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/07 12:07:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Cody Thorn\Desktop\OTL.exe
[2010/07/07 11:31:36 | 009,070,816 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Cody Thorn\Desktop\SUPERAntiSpyware.exe
[2010/07/07 10:29:57 | 000,000,805 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\PEPMessages.XML
[2010/07/07 10:07:11 | 000,000,444 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6B40CCD4-DF9D-496B-8244-2705CB151111}.job
[2010/07/07 05:39:22 | 061,711,836 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/07/06 02:04:30 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/07/06 02:02:42 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/07/05 20:42:05 | 000,122,304 | ---- | M] () -- C:\Users\Cody Thorn\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/05 20:30:56 | 005,767,168 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat_previous
[2010/07/05 20:30:56 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/07/05 20:30:56 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/07/05 20:30:56 | 000,065,536 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TM.blf
[2010/07/05 17:36:41 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/07/05 17:36:41 | 000,065,536 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TM.blf
[2010/07/04 20:30:11 | 000,009,280 | ---- | M] () -- C:\Users\Cody Thorn\AppData\Roaming\wklnhst.dat
[2010/07/04 09:59:24 | 000,016,896 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\Standard Letter.wps
[2010/06/25 17:38:51 | 000,599,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2010/06/23 06:28:00 | 000,000,975 | ---- | M] () -- C:\Users\Cody Thorn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/22 09:44:29 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/06/22 09:44:28 | 000,013,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/06/22 09:44:20 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSva.sys
[2010/06/22 09:44:17 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/06/19 07:02:27 | 000,001,143 | ---- | M] () -- C:\Users\Cody Thorn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/06/17 09:28:55 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2010/06/12 20:54:00 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
[2010/06/10 03:31:28 | 000,441,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/01 08:04:39 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/05/28 04:42:50 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Walgreens W Photo Studio.lnk
[2010/05/27 07:32:17 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/05/26 13:00:21 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/05/26 13:00:21 | 000,065,536 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TM.blf
[2010/05/26 02:26:39 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 23:53:05 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/05/25 20:34:02 | 000,002,559 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\Calender.ics
[2010/05/25 18:17:26 | 000,524,288 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{ab53107c-de7c-11de-a92b-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 18:17:26 | 000,065,536 | -HS- | M] () -- C:\Users\Cody Thorn\ntuser.dat{ab53107c-de7c-11de-a92b-00226805fd45}.TM.blf
[2010/05/23 19:02:39 | 000,022,689 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\mint_com.htm
[2010/05/23 18:22:49 | 000,001,393 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\intuit - Shortcut.lnk
[2010/05/23 07:10:11 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\ResumeMaker Professional.lnk
[2010/05/22 22:54:19 | 000,201,623 | ---- | M] () -- C:\Windows\hpoins40.dat
[2010/05/22 22:46:54 | 000,157,038 | ---- | M] () -- C:\Windows\hphins26.dat
[2010/05/22 22:46:49 | 000,000,275 | ---- | M] () -- C:\Windows\win.ini
[2010/05/22 22:40:12 | 000,002,004 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/05/22 22:39:49 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/05/20 07:01:20 | 000,000,632 | RHS- | M] () -- C:\Users\Cody Thorn\ntuser.pol
[2010/05/13 18:46:55 | 000,708,868 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/13 18:46:41 | 000,032,754 | ---- | M] () -- C:\Windows\PeachWLog.XML
[2010/05/13 18:45:46 | 000,001,791 | ---- | M] () -- C:\Windows\PCW160.ini
[2010/05/13 18:45:19 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\Peachtree Knowledge Center.lnk
[2010/05/13 18:45:19 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\Peachtree Business Checks and Forms.lnk
[2010/05/13 18:45:19 | 000,001,805 | ---- | M] () -- C:\Users\Cody Thorn\Application Data\Microsoft\Internet Explorer\Quick Launch\Peachtree Complete Accounting 2009.lnk
[2010/05/13 18:45:18 | 000,001,781 | ---- | M] () -- C:\Users\Public\Desktop\Peachtree Complete Accounting 2009.lnk
[2010/05/13 18:39:17 | 000,000,519 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2010/05/13 18:29:33 | 000,066,560 | ---- | M] (Smithware, Inc.) -- C:\Windows\SysWow64\s2dtconv.dll
[2010/05/13 18:29:33 | 000,024,576 | ---- | M] (Smithware, Inc.) -- C:\Windows\SysWow64\Sbtrvd32.dll
[2010/05/13 18:29:33 | 000,007,358 | ---- | M] () -- C:\Windows\support.ICO
[2010/05/13 18:29:33 | 000,007,358 | ---- | M] () -- C:\Windows\forms.ICO
[2010/05/13 18:29:33 | 000,005,222 | ---- | M] () -- C:\Windows\ADOBE.ICO
[2010/05/13 18:29:33 | 000,000,766 | ---- | M] () -- C:\Windows\ACTGPR2.ICO
[2010/05/08 17:59:01 | 000,001,848 | ---- | M] () -- C:\Users\Cody Thorn\Desktop\Install.lnk
[2010/05/07 23:30:00 | 000,034,816 | ---- | M] () -- C:\Users\Cody Thorn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/02 11:34:52 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/28 03:14:05 | 000,002,057 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/04/14 11:59:20 | 000,335,872 | ---- | M] () -- C:\Windows\SysWow64\VService.exe
[2010/04/08 19:17:44 | 000,004,096 | -H-- | M] () -- C:\Users\Cody Thorn\AppData\Local\keyfile3.drm

========== Files Created - No Company Name ==========

[2010/07/07 12:27:11 | 000,293,376 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\gmer.exe
[2010/07/05 20:41:18 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/07/05 20:41:18 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/07/05 20:41:18 | 000,065,536 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{e04e21c3-8885-11df-bdbf-00226805fd45}.TM.blf
[2010/07/05 17:50:15 | 000,000,805 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\PEPMessages.XML
[2010/07/05 17:38:34 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/07/05 17:38:34 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/07/05 17:38:34 | 000,065,536 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{b2a5c0e9-887e-11df-a2ef-00226805fd45}.TM.blf
[2010/06/23 06:38:39 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010/06/23 06:38:39 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010/06/23 06:38:39 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010/06/23 06:38:39 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010/06/23 06:38:39 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010/06/23 06:38:39 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010/06/19 07:02:27 | 000,001,143 | ---- | C] () -- C:\Users\Cody Thorn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/06/17 08:51:22 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2010/06/12 22:22:59 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/06/12 20:54:00 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
[2010/05/28 04:42:50 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\Walgreens W Photo Studio.lnk
[2010/05/26 13:01:55 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/05/26 13:01:55 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/05/26 13:01:55 | 000,065,536 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{a7f524c8-68eb-11df-99dc-00226805fd45}.TM.blf
[2010/05/25 23:53:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/25 18:45:50 | 000,002,559 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\Calender.ics
[2010/05/25 18:19:23 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TMContainer00000000000000000002.regtrans-ms
[2010/05/25 18:19:23 | 000,524,288 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TMContainer00000000000000000001.regtrans-ms
[2010/05/25 18:19:23 | 000,065,536 | -HS- | C] () -- C:\Users\Cody Thorn\ntuser.dat{45e9a584-684b-11df-8a1e-00226805fd45}.TM.blf
[2010/05/23 19:02:38 | 000,022,689 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\mint_com.htm
[2010/05/23 18:22:36 | 000,001,393 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\intuit - Shortcut.lnk
[2010/05/23 07:10:11 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\ResumeMaker Professional.lnk
[2010/05/22 22:40:12 | 000,002,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/05/22 22:39:49 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/05/22 22:00:09 | 000,201,623 | ---- | C] () -- C:\Windows\hpoins40.dat
[2010/05/20 09:01:21 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{06B2388F-7AB4-4DB7-8BE8-54226B4F519A}.job
[2010/05/15 02:44:32 | 000,611,328 | ---- | C] () -- C:\Windows\SysWow64\DVD43.dll
[2010/05/14 22:53:15 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/05/13 18:46:55 | 000,708,868 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/13 18:45:19 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\Peachtree Knowledge Center.lnk
[2010/05/13 18:45:19 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\Peachtree Business Checks and Forms.lnk
[2010/05/13 18:45:19 | 000,001,805 | ---- | C] () -- C:\Users\Cody Thorn\Application Data\Microsoft\Internet Explorer\Quick Launch\Peachtree Complete Accounting 2009.lnk
[2010/05/13 18:45:18 | 000,007,358 | ---- | C] () -- C:\Windows\support.ICO
[2010/05/13 18:45:18 | 000,007,358 | ---- | C] () -- C:\Windows\forms.ICO
[2010/05/13 18:45:18 | 000,005,222 | ---- | C] () -- C:\Windows\ADOBE.ICO
[2010/05/13 18:45:18 | 000,001,781 | ---- | C] () -- C:\Users\Public\Desktop\Peachtree Complete Accounting 2009.lnk
[2010/05/13 18:45:18 | 000,000,766 | ---- | C] () -- C:\Windows\ACTGPR2.ICO
[2010/05/13 18:30:31 | 000,032,754 | ---- | C] () -- C:\Windows\PeachWLog.XML
[2010/05/08 17:59:01 | 000,001,848 | ---- | C] () -- C:\Users\Cody Thorn\Desktop\Install.lnk
[2010/05/02 11:34:52 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/05/02 11:15:50 | 000,157,272 | ---- | C] () -- C:\Windows\hphins26.dat.temp
[2010/05/02 11:15:50 | 000,000,787 | ---- | C] () -- C:\Windows\hphmdl26.dat.temp
[2010/04/28 06:30:05 | 000,018,224 | ---- | C] () -- C:\Windows\SysNative\hpceac06.hpi
[2010/04/14 11:59:20 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\VService.exe
[2010/04/08 19:17:44 | 000,004,096 | -H-- | C] () -- C:\Users\Cody Thorn\AppData\Local\keyfile3.drm
[2010/04/07 10:59:24 | 000,000,402 | ---- | C] () -- C:\Windows\SysWow64\XYNTService.ini
[2009/10/20 14:07:56 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/20 14:07:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/12/28 11:59:44 | 004,377,500 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2008/12/28 10:51:00 | 000,239,247 | ---- | C] () -- C:\Windows\SysWow64\ff_theora.dll
[2008/12/28 10:50:50 | 000,145,609 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2008/12/28 10:49:08 | 000,560,802 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2008/12/12 11:57:38 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2008/12/09 13:57:26 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2008/12/09 13:57:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2008/12/09 13:57:02 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2008/12/09 13:56:42 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2008/12/09 13:56:34 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2008/12/09 13:56:22 | 000,485,888 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2008/12/08 08:37:04 | 000,884,237 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2008/12/08 08:34:42 | 000,791,742 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008/12/08 07:53:40 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2008/12/08 07:53:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2008/12/04 16:46:08 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008/11/27 11:28:42 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/26 14:55:22 | 000,683,520 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2008/11/26 13:49:10 | 000,238,080 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2008/11/23 23:55:53 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2008/09/18 12:31:16 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/09/18 12:31:16 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/08/05 17:02:12 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/08/05 16:59:04 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/08/05 16:59:04 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
[2008/05/03 15:36:40 | 000,001,791 | ---- | C] () -- C:\Windows\PCW160.ini
[2008/03/29 10:42:22 | 000,245,248 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2008/03/29 10:42:20 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2008/03/29 10:42:14 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2008/03/29 10:42:08 | 000,148,992 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2008/03/29 10:42:04 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2008/03/29 10:42:04 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2008/03/29 10:42:02 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2008/03/29 10:42:00 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2008/03/29 10:41:54 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2008/03/29 10:41:52 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2008/03/29 10:41:52 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/10/13 04:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
[2007/07/10 12:10:12 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest

========== LOP Check ==========

[2009/03/16 16:16:48 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\aAvgApi
[2008/11/23 21:47:50 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\DisplayTune
[2010/07/05 20:29:28 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\GabPath
[2010/05/26 01:10:38 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\HTML Executable
[2010/05/27 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Individual Software
[2010/06/17 10:51:02 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Inventivio
[2010/07/05 20:29:28 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\LimeWire
[2009/01/28 14:35:38 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\MSNInstaller
[2010/07/05 15:39:18 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\muvee Technologies
[2010/05/13 18:46:44 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Peachtree
[2010/05/25 22:41:34 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\SmartDraw
[2010/06/17 10:59:52 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Speak-A-Message
[2008/11/24 02:04:21 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Template
[2010/05/02 11:31:14 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Uniblue
[2010/05/27 08:12:20 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Vbuzzer Messenger
[2010/05/28 04:46:20 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\W Photo Studio
[2010/07/05 20:29:29 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\W Photo Studio Viewer
[2010/05/28 04:42:43 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Walgreens
[2008/11/23 23:26:43 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\WildTangent
[2008/11/24 22:19:36 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\WinBatch
[2010/02/28 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Cody Thorn\AppData\Roaming\Windows Live Writer
[2010/07/07 13:09:00 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Install.job
[2010/07/07 13:03:52 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/07/07 13:16:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{06B2388F-7AB4-4DB7-8BE8-54226B4F519A}.job
[2010/07/07 10:07:11 | 000,000,444 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6B40CCD4-DF9D-496B-8244-2705CB151111}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/01/29 21:36:26 | 000,000,078 | ---- | M] () -- C:\AEIusb.log
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/09/18 13:05:30 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/10/30 08:30:39 | 000,000,125 | ---- | M] () -- C:\FINIS_IT.TXT
[2010/07/07 13:05:04 | 4157,792,256 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/07 11:22:21 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2002/01/05 04:48:16 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\mfc70.dll
[2002/01/05 04:36:38 | 000,964,608 | ---- | M] (Microsoft Corporation) -- C:\mfc70u.dll
[2010/07/07 13:05:03 | 176,435,199 | -HS- | M] () -- C:\pagefile.sys
[2006/10/06 16:42:22 | 000,002,853 | ---- | M] () -- C:\pdiports64.inf
[2008/11/23 21:45:29 | 000,000,173 | ---- | M] () -- C:\pdisdk.log
[2010/07/05 19:35:46 | 002,350,642 | ---- | M] () -- C:\PSQL_v10_Install.log

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/11/02 10:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 10:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/12/04 19:22:29 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 01:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 21:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 04:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\SysWOW64\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >





AND HERE IS THE EXTRAS LOG




OTL Extras logfile created on: 7/7/2010 1:08:57 PM - Run 1
OTL by OldTimer - Version 3.2.7.1 Folder = C:\Users\Cody Thorn\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.95 Gb Total Space | 141.79 Gb Free Space | 64.47% Space Free | Partition Type: NTFS
Drive D: | 12.93 Gb Total Space | 1.77 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3.72 Gb Total Space | 1.24 Gb Free Space | 33.38% Space Free | Partition Type: FAT32

Computer Name: CODYTHORN-PC
Current User Name: Cody Thorn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 62 DA 0F 7B 8D 75 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035C5C5B-50B3-4F6F-A671-32AF1881DA94}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{134928CB-82FE-420C-B472-F5314F24A4E2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{15FA0E84-34AD-46A4-A556-8D4445957612}" = rport=2869 | protocol=6 | dir=out | app=system |
"{1BFD9F32-A2F3-4A5C-930E-23966CEB55FC}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{223D0814-3393-4E3D-BAAF-052E881420A1}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2274BBE6-8659-434F-8085-5D120C317A9C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{233AAA14-B862-402B-8B1E-28AA7B065CA0}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{286034AA-3895-47C4-A1C7-E697F35BA775}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{28E2CC57-0099-450B-BEA4-B6C3BCF3788F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{2A868257-FAA0-48B8-8338-ECD7B3D48ACE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2EF537E6-91D8-4ABB-8C0B-F7859E77195D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4047CF5D-B71B-4FFD-917E-391B64EE3D8B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{88375319-D8CC-4194-9F7E-6AA2503A8BF8}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8FC74211-FAB3-4EB2-BD9F-3E5B9974C136}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B2AF45F4-5883-41B8-9758-41213BC8A4C8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BEA67CED-0D95-4F17-B4F4-02CAEBB75A2A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C93745BE-6F01-4EA9-B3CB-9625AE8FFC52}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CBCFD818-8B19-4492-BFAB-DF97AF27F4FB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D7D12904-CC40-4F0F-84B4-80C3D4AC05F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D004A62-B971-48FE-B2BE-C7AAE32AFB6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1784E08C-596B-4EE7-A3EE-0DD2C302E2D4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1D732CAA-D03B-4CD3-B198-1C8C1A18CEC1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{229077C2-B541-4CEB-9D5B-BBC4C7A0C967}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{23A5C4E4-DA26-4950-9D4C-B19D0E6A4E37}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{291F6B68-7D8B-4322-BE99-25C2B7C0F769}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{30136027-C503-4339-AE5B-28B320F95F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{332B3FBA-9A67-446F-A132-238F4F0306F7}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{3BF82B35-D811-4D82-BF7F-3E794AFB2193}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{40A56AFD-4FAB-44F0-8674-C5DC213D49CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{40DD34B7-C8D8-4020-A96C-BFF11423963C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{43B5DA7F-3EA0-40FE-99BD-3DF0C17ED80C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F380578-D994-43F6-8461-C18320C1509C}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{5C085C2D-2213-4A7B-82C3-22BCA6BF7473}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5C3D97C5-6368-4B9B-BFB2-F7FA9F568D5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{5D57B8E0-A814-439A-9110-33B04BC60BEF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{5D58CB79-3D38-45B1-AB6C-D575690716AF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6030D54D-827D-42FF-B6E8-DAEE03FF075B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{61131A22-8030-46C5-B1CF-2DD8066E481F}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{6796B054-0332-4AD9-A232-E4A5EC7DFB26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{75478573-C474-4BF1-96A5-80B8430D3F06}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7770AE56-5565-4CB6-B8A3-839B3CFB71E0}" = protocol=17 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{7E395B00-E01A-49BF-AB8C-0D76F16DA8F7}" = protocol=58 | dir=in | [email protected],-148 |
"{820D7E8B-91BF-4857-9D7F-6C17D868219F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8608B2C2-6B60-4BAB-A257-08C12CD21435}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{884DDB79-D485-4132-B7F6-EA4EEABE55C5}" = dir=in | app=c:\program files (x86)\avg\avg9\avgam.exe |
"{8EDAB497-72E1-4753-93C0-2D883DF74EEF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8EEFD03B-99E4-49D2-A45F-F0442F29E985}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{91512AF0-27EF-4931-A629-CE0F530A96C8}" = protocol=6 | dir=in | app=c:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe |
"{91850DC8-E2B5-442F-98EA-8E67CE1D99AF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9316E8FD-6FB2-4767-AED8-48DE24D0A9D0}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{942C7AD9-7E29-4251-88ED-AD1E7754CAC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C90C6C8-DE50-4D80-B944-192885BF15DA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{9D5C0E71-0CA4-4456-9846-DBFE972FFBA6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FEAE0ED-F2C1-44E8-847B-F847E74A8C39}" = protocol=6 | dir=in | app=c:\program files (x86)\vbuzzer\vbuzzer.exe |
"{A04CFE08-1B67-4018-9B97-AB4A059C30C7}" = dir=in | app=c:\program files (x86)\avg\avg9\avgdiagex.exe |
"{A4607285-8449-4764-9686-2CC51F8C08DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{AD717F1E-7D8B-4D19-8060-0CF4888FC531}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{B5858AEC-3972-4E19-8673-BFF5447157EB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BAB1AE5B-5292-4AFB-8996-A023DA5BFACA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{BBC0C544-AD63-4D83-9CF8-B7AD12540002}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{C02F2A31-D4CC-4A5E-AFDB-0BA4129264D8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C2F74FB6-EFC0-4F11-8922-3D15D40FC235}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{CE001622-BA02-4856-A93C-E83F636F6BD9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D33A3BC7-E6E4-45B9-9B9B-FED85F98DF98}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D42BF1BE-1EB0-427A-95F1-384D311883D0}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe |
"{D473DEA1-30B4-4541-9237-D33008210857}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{DA534FF0-CF0A-4F13-886F-941993FBBE62}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{DADB091B-8219-41A6-A1E6-9ADFE822DDFE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DCF9BE0B-0118-48A8-B872-F9D57B633DA7}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe |
"{DEF74AB8-35D6-4D89-896A-0DD22C8E3FC6}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E537DEE5-E141-4E4E-B721-548E8CB468B4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{E855B461-9F26-42EE-A067-12F91C819FEE}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E94182B4-F31D-42E8-92F5-3D74765034C6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{EF142883-3EFB-45AF-8BE7-FA0B6B0B4665}" = protocol=17 | dir=in | app=c:\program files (x86)\vbuzzer\vbuzzer.exe |
"{EF9A200A-466F-4780-80E2-A1AEA03A4760}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F55E5209-E02A-4693-9601-461E3C964533}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{FA6D18DF-D26A-46C2-BA98-1394E3C63866}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FC471CFF-5A3D-4283-BD88-84ED524DC14C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{FCADFD57-907F-4E81-8E49-322984F2F336}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FCD6FF5A-5320-429A-A538-E7674C4673CF}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9FEF1A18-8F26-4F49-A5A4-956C12210624}" = HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0A042C19-1F48-4952-B3B6-828E8028A187}" = B209a-m
"{0A3238D7-AB32-4E15-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 Workgroup (32-bit)
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F264191-64FB-4163-813C-70641B24089F}" = HP Print Diagnostic Utility
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5BDCCFA2-43E0-45CD-ABE4-B05FA9FF9F2B}" = PC Tutor™ Learn Windows Vista™
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6710FE30-27F7-492B-A660-D31D4A898A43}" = MSN Toolbar
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79E105B2-E97C-4EB0-9B4E-BB92B7E3AEAB}" = Peachtree Accounting 2009
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms
"{8FC1F936-45AD-441A-A8AC-D73C3C2744ED}" = Tango
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A2016015-8323-4AF8-8B3E-F56239D7D59D}" = HP Demo
"{A4ECF10E-8914-4E29-9E48-8BE2F57558DC}" = ResumeMaker
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.3
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B65759DD-26C6-4EA6-9014-CA798907EBFD}" = PS_AIO_06_B209a-m_SW_Min
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4shared.com Toolbar" = 4shared.com Toolbar
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AVG9Uninstall" = AVG 9.0
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"HP Photo Creations" = HP Photo Creations
"InstallShield_{79E105B2-E97C-4EB0-9B4E-BB92B7E3AEAB}" = Peachtree Complete Accounting 2009
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Integration Services" = Sage Software Integration Services
"LimeWire" = LimeWire 5.1.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Morphyre" = Morphyre
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Picasa2" = Picasa 2
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"sp41119" = sp41119
"ULTIMATER" = Microsoft Office Ultimate 2007 Subscription
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/25/2010 9:00:14 PM | Computer Name = CodyThorn-PC | Source = VSS | ID = 8194
Description =

Error - 5/25/2010 9:33:54 PM | Computer Name = CodyThorn-PC | Source = Application Hang | ID = 1002
Description = The program HPAdvisor.exe version 3.1.9152.3107 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 834 Start Time: 01cafc610f57c4f0 Termination Time: 45

Error - 5/25/2010 11:56:18 PM | Computer Name = CodyThorn-PC | Source = Application Error | ID = 1000
Description = Faulting application iMoneysoft.exe, version 0.0.0.0, time stamp 0x2a425e19,
faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e038c0, exception
code 0x0eedfade, fault offset 0x0001e124, process id 0x1ae0, application start time
0x01cafc87648012e0.

Error - 5/26/2010 1:11:29 AM | Computer Name = CodyThorn-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 5/26/2010 1:41:37 AM | Computer Name = CodyThorn-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 5/26/2010 3:01:21 AM | Computer Name = CodyThorn-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module Alert.dll, version 1.0.4.0, time stamp 0x478db045,
exception code 0xc0000005, fault offset 0x000021db, process id 0x1cd4, application
start time 0x01cafca13dac32b0.

Error - 5/26/2010 3:18:00 AM | Computer Name = CodyThorn-PC | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 8.0.6001.18904 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 177c Start Time: 01cafc749108a830 Termination Time: 0

Error - 5/26/2010 3:25:01 AM | Computer Name = CodyThorn-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/26/2010 3:25:01 AM | Computer Name = CodyThorn-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 5/26/2010 3:25:01 AM | Computer Name = CodyThorn-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 7/6/2010 12:57:15 PM | Computer Name = CodyThorn-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer HP Photosmart Plus B209a-m
with shared resource name HP Photosmart Plus B209a-m. Error 2114. The printer cannot
be used by others on the network.

Error - 7/6/2010 12:57:15 PM | Computer Name = CodyThorn-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer HP Deskjet D1500 series
with shared resource name HP Deskjet D1500 series. Error 2114. The printer cannot
be used by others on the network.

Error - 7/6/2010 12:58:39 PM | Computer Name = CodyThorn-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/6/2010 1:04:59 PM | Computer Name = CodyThorn-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/6/2010 1:56:28 PM | Computer Name = CodyThorn-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/7/2010 4:01:05 AM | Computer Name = CodyThorn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 7/7/2010 5:17:15 AM | Computer Name = CodyThorn-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume D: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 7/7/2010 1:03:18 PM | Computer Name = CodyThorn-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer Peachtree E-mail Writer
v2 with shared resource name Peachtree E-mail Writer v2. Error 1722. The printer
cannot be used by others on the network.

Error - 7/7/2010 1:08:13 PM | Computer Name = CodyThorn-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 7/7/2010 1:56:52 PM | Computer Name = CodyThorn-PC | Source = Service Control Manager | ID = 7031
Description =


< End of report >





There you go, ill be waiting haha.
  • 0

#4
RKinner
Posted 07 July 2010 - 01:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Uninstall the following:

"LimeWire" = LimeWire 5.1.2
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"4shared.com Toolbar" = 4shared.com Toolbar
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)

Close all programs. Right click on IE or FireFox and select Run As Administrator then go to:

http://www.bitdefend...nline/free.html

and follow the instructions, Copy and Paste the report you get.

Then run OTL again, quick scan and copy and paste the log.

Ron
  • 0

#5
Coxor
Posted 07 July 2010 - 03:25 PM

Coxor

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Sorry some of these files im having a problem uninstalling but i am getting them now.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP