I have my friends computer and she has somehow downloaded this fake scanner(PC Power Speed)...I told her I knew where to get help so here are the OTL and Extras LOGs:
---------------------------------------------------------
OTL logfile created on: 5/26/2011 12:50:58 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\MTNAIR\Desktop
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 49.23% Memory free
4.19 Gb Paging File | 3.13 Gb Available in Paging File | 74.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 165.65 Gb Free Space | 71.13% Space Free | Partition Type: NTFS
Computer Name: MTNAIR-PC | User Name: MTNAIR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/26 12:50:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\MTNAIR\Desktop\OTL.exe
PRC - [2011/05/25 04:17:22 | 000,322,688 | ---- | M] (Crawler.com) -- C:\Program Files\PCPowerSpeed\PCPowerTray.exe
PRC - [2011/04/20 23:46:20 | 000,992,256 | ---- | M] (Inbox.com, Inc.) -- C:\Program Files\RebateInformer\RebateInf.exe
PRC - [2011/01/13 04:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 04:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/14 17:03:58 | 000,984,352 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/09/14 15:45:30 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/04/05 09:24:08 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/04 18:48:30 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2009/02/02 22:07:18 | 000,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/06/08 05:35:44 | 000,118,784 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2007/06/08 05:35:44 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2007/06/08 05:35:40 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe
PRC - [2007/04/23 17:19:34 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/04/23 17:19:34 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/04/03 10:21:30 | 000,923,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/02/27 09:50:42 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2006/11/02 05:45:53 | 001,137,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
========== Modules (SafeList) ==========
MOD - [2011/05/26 12:50:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\MTNAIR\Desktop\OTL.exe
MOD - [2011/01/13 04:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006/11/02 05:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/01/13 04:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/14 15:45:30 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/04/04 18:48:29 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/08/08 21:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/04/23 17:19:34 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
========== Driver Services (SafeList) ==========
DRV - [2011/01/13 04:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 04:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 04:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 04:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 04:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/03/15 06:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/08/10 21:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/08/10 21:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/08/10 21:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/08/10 21:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2008/06/02 16:28:50 | 000,222,720 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NWADIenum.sys -- (NWADI)
DRV - [2008/05/09 11:08:40 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbser.sys -- (NWUSBPort)
DRV - [2008/05/09 11:08:40 | 000,174,336 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwusbmdm.sys -- (NWUSBModem)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/08/07 15:24:24 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)
DRV - [2007/08/06 16:52:38 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/06/08 05:35:44 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/05/23 10:28:36 | 000,074,240 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/05/23 10:28:36 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/05/22 18:41:28 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/04/23 13:29:00 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/10/18 11:56:30 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2004/12/12 10:55:22 | 000,017,636 | ---- | M] (SHARP ECR) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ecrdrv.sys -- (ECRDRV)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80051
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80051&lng=en
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\prxtbPage.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/05/04 17:43:45 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\prxtbPage.dll (Conduit Ltd.)
O2 - BHO: () - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\prxtbPage.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PageRage Toolbar) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - C:\Program Files\PageRage\prxtbPage.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCPowerSpeed] C:\Program Files\PCPowerSpeed\PCPowerTray.exe (Crawler.com)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Pulse Ambassador Update Setup] File not found
O4 - HKCU..\Run: [Pulse Ambassador Update Setup for All Users] C:\ProgramData\{A91C477B-655B-4FEA-8B8E-CC6820970F3A}\setup.exe (Pulse Microsystems Ltd. )
O4 - HKCU..\Run: [RebateInformer] C:\Program Files\RebateInformer\RebateInf.exe (Inbox.com, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([community] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab (Java Plug-in 1.4.2_19)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_19)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\rebinfo {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files\RebateInformer\RebateI.dll (Inbox.com, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{221ac50c-2a2b-11de-8e92-0013a9c02444}\Shell - "" = AutoRun
O33 - MountPoints2\{221ac50c-2a2b-11de-8e92-0013a9c02444}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{321ae67e-8653-11e0-b622-0013a9c02444}\Shell\AutoRun\command - "" = G:\JDLightning\Windows\JDLightning.exe
O33 - MountPoints2\{4be3ba44-d777-11de-b674-0013a9c02444}\Shell - "" = AutoRun
O33 - MountPoints2\{4be3ba44-d777-11de-b674-0013a9c02444}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{b4270ce2-dc60-11df-b057-7a8020000200}\Shell\AutoRun\command - "" = G:\JDLightning\Windows\JDLightning.exe
O33 - MountPoints2\{b7358028-e1ae-11de-99d3-7a8020000200}\Shell - "" = AutoRun
O33 - MountPoints2\{b7358028-e1ae-11de-99d3-7a8020000200}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{ce26bab4-2159-11de-9e68-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ce26bab4-2159-11de-9e68-806e6f6e6963}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\configure\command - "" = I:\SETUP.EXE
O33 - MountPoints2\I\Shell\install\command - "" = I:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/26 12:50:11 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\MTNAIR\Desktop\OTL.exe
[2011/05/26 12:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/26 12:11:23 | 000,000,000 | ---D | C] -- C:\Users\MTNAIR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/25 18:16:53 | 000,000,000 | ---D | C] -- C:\Users\MTNAIR\AppData\Roaming\Malwarebytes
[2011/05/25 18:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/25 18:16:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/25 18:16:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/25 18:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/25 18:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/03 21:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
[2011/05/03 21:44:35 | 000,000,000 | ---D | C] -- C:\Program Files\AppGraffiti
[2011/05/03 21:44:32 | 000,000,000 | ---D | C] -- C:\Users\MTNAIR\AppData\Roaming\PCPowerSpeed
[2011/05/03 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPowerSpeed
[2011/05/03 21:44:32 | 000,000,000 | ---D | C] -- C:\Program Files\PCPowerSpeed
[2011/05/03 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Power Speed
[2011/05/03 21:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
[2011/05/03 21:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\RebateInformer
[2011/05/03 21:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Inbox.com
[2011/05/03 21:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
[2011/05/03 21:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Inbox Toolbar
========== Files - Modified Within 30 Days ==========
[2011/05/26 12:50:24 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\MTNAIR\Desktop\OTL.exe
[2011/05/26 12:46:09 | 000,009,124 | ---- | M] () -- C:\Users\MTNAIR\Desktop\HJTlogCathys1
[2011/05/26 12:28:15 | 000,002,525 | ---- | M] () -- C:\Users\MTNAIR\Desktop\HiJackThis.lnk
[2011/05/26 12:25:38 | 000,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/26 12:25:38 | 000,104,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/26 12:19:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/26 12:19:42 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/26 12:19:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/26 12:19:34 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/25 18:16:51 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/25 18:09:47 | 081,282,048 | ---- | M] () -- C:\Users\MTNAIR\Outlook.pst
[2011/05/03 21:44:32 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\PC Power Speed.lnk
[2011/05/03 21:44:26 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\RebateInformer.lnk
[2011/05/03 21:44:26 | 000,000,052 | ---- | M] () -- C:\Users\Public\Desktop\RebateGiant.com.url
[2011/04/30 09:49:21 | 000,005,120 | ---- | M] () -- C:\Users\MTNAIR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2011/05/26 12:46:09 | 000,009,124 | ---- | C] () -- C:\Users\MTNAIR\Desktop\HJTlogCathys1
[2011/05/26 12:11:23 | 000,002,525 | ---- | C] () -- C:\Users\MTNAIR\Desktop\HiJackThis.lnk
[2011/05/25 19:03:09 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/25 18:16:51 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/03 21:44:32 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\PC Power Speed.lnk
[2011/05/03 21:44:26 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\RebateInformer.lnk
[2011/05/03 21:44:26 | 000,000,052 | ---- | C] () -- C:\Users\Public\Desktop\RebateGiant.com.url
[2010/12/07 19:50:38 | 000,045,163 | ---- | C] () -- C:\Windows\System32\javaw.exe
[2010/12/07 19:50:38 | 000,045,161 | ---- | C] () -- C:\Windows\System32\java.exe
[2010/05/14 11:15:42 | 000,000,524 | ---- | C] () -- C:\Windows\hpomdl36.dat.temp
[2010/05/12 19:35:02 | 000,186,769 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010/05/12 19:35:02 | 000,001,847 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2010/05/04 17:28:40 | 000,148,300 | ---- | C] () -- C:\Windows\hpoins36.dat
[2010/05/04 17:28:40 | 000,000,524 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009/08/07 00:15:44 | 000,000,000 | ---- | C] () -- C:\Windows\EcrLnkTm.INI
[2009/04/05 16:27:24 | 000,000,279 | ---- | C] () -- C:\Users\MTNAIR\AppData\Local\RAExpertHistory.xml
[2009/04/05 16:11:07 | 000,000,391 | ---- | C] () -- C:\Users\MTNAIR\AppData\Local\rahistory.xml
[2009/04/05 15:09:09 | 000,148,958 | ---- | C] () -- C:\Windows\hpoins19.dat
[2009/04/05 15:08:48 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2009/04/04 19:35:56 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/04/04 19:14:19 | 000,005,120 | ---- | C] () -- C:\Users\MTNAIR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/04 16:49:52 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2009/04/04 16:49:52 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2009/04/04 16:49:52 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1230.dll
[2009/04/04 16:48:13 | 000,000,680 | ---- | C] () -- C:\Users\MTNAIR\AppData\Local\d3d9caps.dat
[2006/11/02 08:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:46:27 | 000,387,744 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:34:29 | 000,063,488 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2006/11/02 08:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2006/11/02 08:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,621,552 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,868 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/09/18 14:37:50 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini
[2006/09/18 14:37:48 | 000,667,280 | ---- | C] () -- C:\Windows\System32\tx12.dll
< End of report >
------------------------------------------
and the Extras Log
------------------------------------------
OTL Extras logfile created on: 5/26/2011 12:50:58 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\MTNAIR\Desktop
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 49.23% Memory free
4.19 Gb Paging File | 3.13 Gb Available in Paging File | 74.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 165.65 Gb Free Space | 71.13% Space Free | Partition Type: NTFS
Computer Name: MTNAIR-PC | User Name: MTNAIR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{94906752-5B69-4D82-A22E-F768A5DA3AE5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04F10723-BFEE-4086-8464-5180989B3260}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0E4A6DAD-E6E4-4FEC-AF10-1F087E4F8F8C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2CD63510-1BB0-4E82-A002-E8DA35E4EC23}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{2EC1E1A5-1294-431C-9DB2-9080843BE95D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2F767FD2-DBFB-4776-AC07-122A20E1BD67}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{30BB3382-5BE6-4D95-80E6-C208F35917B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{313060B0-5194-48CA-BF1C-9D04AD33C21B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{3EAD0462-D8C8-412E-B604-10E74E2AC84E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{440192FE-D0A4-425F-AD39-222433EC4060}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{44FFDD8A-60C1-454D-BD41-C4B28BAB0F8D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4D76E6EA-7896-4D61-BC51-2F46B60F47B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{5C43A2E4-4A73-41FE-8581-42C54C084C0F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{677DBC38-E96C-4895-B351-B44CE0FC9F6A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{7096869E-8A7D-4F21-83EE-3DC84113A748}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{830B1268-5307-4D3E-AB2A-DF22132563EB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{8B330A00-3D38-4CB8-83A7-0314A5CF57A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{975A7CFC-23FE-4FE0-A675-62F16811A367}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A042B87B-98FD-46DF-8D77-83BFB44158EA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B7D5553B-5775-4959-B3A8-5FA7330B28C7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{CC5D03BF-9611-4565-AE01-B1BEE48CD20B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{CE9275AD-55FF-434D-A371-EA2A41B20DB1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D0B9CBF3-55FD-4A3F-A0E3-BC8F1A134691}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{EFCB3DB6-48BD-41B6-97D8-29864C223F9C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F0DDE1D8-C2B9-454B-80C0-A509D2C5F54E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F6616B56-0097-484B-BE1B-7AD443BBEFEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{FE002C07-5DA5-4106-9A45-20D822385A9E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{FF7071FD-5EAB-4CF0-B183-B7C0CF64539C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0FE6B77F-54CD-45ED-BB64-A99477B0A8F1}" = 5600
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{428A6DA3-FD56-44AE-B602-15DCCD6A7515}" = VAIO AV Mode Launcher
"{459f39ae-fa19-4722-a6cf-b0e80ee2a21f}" = PS_AIO_05_C4600_Software_Min
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1" = RebateInformer
"{54C7CFA4-9DDD-40c7-A58F-AF0E7916848C}" = HPPhotoGadget
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}" = Mobile Broadband Generic Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7148F0A8-6813-11D6-A77B-00B0D0142190}" = Java 2 Runtime Environment, SE v1.4.2_19
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73298097-637a-47cd-9a41-0b78288e5562}" = C4600
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = PageRage 1.10.01
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{9A2F0810-3623-4E86-9072-973FBE1679C5}" = QuickBooks Premier: Accountant Edition 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{9FDEF7FC-0D03-4CAE-9DC3-1F436A93BDA4}" = Pulse Ambassador
"{A2132BB7-E6F8-47C0-A92C-90A5396A6850}" = Customer Support Tool A40S
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1" = PC Power Speed 1.0.0.0
"{C13AF9C7-8E06-4354-B629-DF6192CE4A66}" = PANTECH UM175 Driver
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC245BDC-9974-4fe0-8A9F-6031C26E2DC7}" = HP Photosmart C4600 All-In-One Driver Software 12.0 Rel .5
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E6A715CB-2912-403A-97A1-2A00F65A012E}" = Customer Support Tool A41S
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast5" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PageRage Toolbar" = PageRage Toolbar
"PowerISO" = PowerISO
"Pulse Ambassador" = Pulse Ambassador
"Shop for HP Supplies" = Shop for HP Supplies
"VZAccess Manager" = VZAccess Manager
"Yahoo! Companion" = Yahoo! Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/21/2011 7:14:02 PM | Computer Name = MTNAIR-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks: Premier Accountant
Edition 2009": Trying to process a record 60 : Mountain Airbrush Checking for List
Review edlist without actually being in a write transacti
Error - 5/21/2011 7:18:19 PM | Computer Name = MTNAIR-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks: Premier Accountant
Edition 2009": Error: Verify Template list. Duplicate name encountered. Name:
Work Order Records 12 (24) and 19 (25). To fix, edit this element in the list
and change its name
Error - 5/21/2011 7:38:39 PM | Computer Name = MTNAIR-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks: Premier Accountant
Edition 2009": Trying to process a record 60 : Mountain Airbrush Checking for List
Review edlist without actually being in a write transacti
Error - 5/21/2011 7:42:12 PM | Computer Name = MTNAIR-PC | Source = Application Error | ID = 1000
Description = Faulting application qbw32.exe, version 19.0.4012.705, time stamp
0x4c8fcd8e, faulting module ole32.dll, version 6.0.6000.16386, time stamp 0x4549bd92,
exception code 0xc0000005, fault offset 0x00041022, process id 0x1240, application
start time 0x01cc180a6bebef3b.
Error - 5/24/2011 6:07:13 PM | Computer Name = MTNAIR-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error - 5/24/2011 6:17:14 PM | Computer Name = MTNAIR-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error - 5/25/2011 6:53:43 PM | Computer Name = MTNAIR-PC | Source = EventSystem | ID = 4609
Description =
Error - 5/25/2011 7:05:43 PM | Computer Name = MTNAIR-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error - 5/26/2011 10:58:26 AM | Computer Name = MTNAIR-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
Error - 5/26/2011 12:22:06 PM | Computer Name = MTNAIR-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
[ System Events ]
Error - 5/25/2011 6:54:04 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5/25/2011 6:54:04 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 5/25/2011 6:54:04 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5/25/2011 6:54:04 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5/25/2011 6:54:18 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5/25/2011 6:54:19 PM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 5/25/2011 6:54:19 PM | Computer Name = MTNAIR-PC | Source = DCOM | ID = 10005
Description =
Error - 5/26/2011 10:57:35 AM | Computer Name = MTNAIR-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 5/26/2011 12:18:02 PM | Computer Name = MTNAIR-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.
Error - 5/26/2011 12:20:50 PM | Computer Name = MTNAIR-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
< End of report >
the Rebate and pagerage BHOs look suspicious to me as well, what do you think?