> [Closed] Please Help! Computer running very slow and Locking, My computer locks up
ectexas
post Jun 25 2009, 10:10 AM
Post #1


Authentic Member
**

Group: Authentic Member
Posts: 21
Joined: 23-October 07
Member No.: 73,671
Operating System: Windows XP



My computer is running very slowly, I can't seem to figure out why.

Any help would be appreciated.


Here is my Hijackthis Log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:37 AM, on 6/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brownie\brpjp04a.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\CardScan\cs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...=us&.src=ym
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [PDUiP6000DMon] C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe
O4 - HKLM\..\Run: [PDUiP6000DTskbr] C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\System32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Printing Migration] rundll32.exe C:\WINDOWS\System32\spool\migrate.dll,ProcessWin9xNetworkPrinters (User 'Default user')
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\QBDAgent2002.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsc...76/mcinsctl.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe

--
End of file - 7941 bytes


Thank you.
OCD
post Jun 29 2009, 12:22 AM
Post #2


SuperMember
*****

Group: Authentic Member
Posts: 1,763
Joined: 19-June 06
From: Suncoast Florida
Member No.: 57,193
Operating System: Windows XP SP3





Hello ectexas,
Welcome to What the Tech.
My name is OCD, I will be helping you with your log today.

Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice.
This may cause a delay, but I will do my best to keep it as short as possible.

I am checking over your HijackThis log now, I will post back shortly with instructions.
OCD
post Jun 29 2009, 09:36 PM
Post #3







Hello ectexas,
  • You may want to print out these instructions for reference prior to proceeding.
  • This solution is specifically tailored for this particular problem, please do not attempt to use this solution on another computer.
  • If you have any questions, or are uncertain about any steps please ask 'before' proceeding.
- - - - - Next - - - - -

Your log currently shows that you have two (2) Anti-Virus programs installed, Symantec AntiVirus and VIPRE® Antivirus + Antispyware. It is important that only one (1) Anti-Virus program is running at any one time. The choice is yours but you must remove one of these programs before we proceed. This process can be done via Add/Remove Programs in your Control Panel.

- - - - - Next - - - - -

If you choose to remove Symantec AntiVirus, please use the Norton Removal Tool (directions below)

Download the Norton Removal Tool from ftp://ftp.symantec.com/public/english_us_...emoval_Tool.exe and save it to your desktop.

Next Double click on Norton_Removal_Tool.exe to run the tool.

Follow the on-screen instructions.
Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.

- - - - - Next - - - - -

If removing VIPRE® Antivirus + Antispyware use the directions below

Please go to Start Menu > Control Panel > Add/ Remove Programs
Scroll down and locate the following program:
  • VIPRE® Antivirus + Antispyware
Select the program, then select remove.

Exit the Control Panel when finished.

- - - - - Next - - - - -

Please download ATF Cleaner by Atribune.
Download - http://www.nutnworks.com/downloads/ATF_Cleaner.exe
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

- - - - - Next - - - - -

Please download Malwarebytes' Anti-Malware from here or here

Double Click mbam-setup.exe to install the application.
  • Make sure a check mark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. << Don't forget this!
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
    (The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.)
  • Copy and Paste the entire report in your next reply.
- - - - - Next - - - - -

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    You may need two posts to fit them both in.
- - - - - Next - - - - -

Reboot, on your next post please provide the following:
  • MBAM log
  • OTL logs OTL.Txt and Extras.Txt
  • Tell me how your computer is running at the moment.
  • What firewall do you have installed and running?
ectexas
post Jun 30 2009, 09:24 AM
Post #4





Here is the mbam log

Malwarebytes' Anti-Malware 1.38
Database version: 2355
Windows 5.1.2600 Service Pack 3

6/30/2009 9:59:48 AM
mbam-log-2009-06-30 (09-59-48).txt

Scan type: Quick Scan
Objects scanned: 116808
Time elapsed: 12 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Here is the OTL log

OTL logfile created on: 6/30/2009 10:14:07 AM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\A Files\computer fix
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.49 Mb Total Physical Memory | 527.69 Mb Available Physical Memory | 51.56% Memory free
1.65 Gb Paging File | 1.35 Gb Available in Paging File | 81.71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 34.43 Gb Free Space | 46.20% Space Free | Partition Type: NTFS
Drive D: | 501.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 149.05 Gb Total Space | 134.98 Gb Free Space | 90.56% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 111.79 Gb Total Space | 18.27 Gb Free Space | 16.34% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive M: | 232.88 Gb Total Space | 34.63 Gb Free Space | 14.87% Space Free | Partition Type: NTFS

Computer Name: COREL
Current User Name: Test
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe (CANON INC.)
PRC - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software)
PRC - C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe (CANON INC.)
PRC - C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe (CANON INC.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Brownie\BrstsWnd.exe (brother)
PRC - C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software)
PRC - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Brownie\brpjp04a.exe (brother)
PRC - C:\Program Files\Secunia\PSI\psi.exe (Secunia)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\A Files\computer fix\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV - (AcrSch2Svc [Auto | Running]) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (Net Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\System32\HPZinw12.dll (Hewlett-Packard)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (PDUiP6000DMemCrdMgr [Auto | Running]) -- C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe (CANON INC.)
SRV - (Pml Driver HPZ12 [Auto | Running]) -- C:\WINDOWS\System32\HPZipm12.dll (Hewlett-Packard)
SRV - (SBAMSvc [Auto | Running]) -- C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe (Sunbelt Software)
SRV - (UMWdf [Auto | Running]) -- C:\WINDOWS\System32\wdfmgr.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ALCXSENS [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (ALCXWDM [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS (Avance Logic, Inc.)
DRV - (ASPI32 [Auto | Running]) -- C:\WINDOWS\System32\drivers\Aspi32.sys (Adaptec)
DRV - (CorexCardScan [System | Stopped]) -- C:\WINDOWS\System32\drivers\slcorex.sys (CYPRESS Corporation)
DRV - (DgiVecp [Auto | Running]) -- C:\WINDOWS\System32\Drivers\DgiVecp.sys (DeviceGuys, Inc.)
DRV - (FETND5BV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys (VIA Technologies, Inc. )
DRV - (FETNDIS [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\fetnd5.sys (VIA Technologies, Inc. )
DRV - (FileDisk [System | Running]) -- C:\WINDOWS\System32\drivers\FILEDISK.SYS (iolo technologies, LLC (based on original work by Bo Brantén))
DRV - (G400 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\G400m.sys (Matrox Graphics Inc.)
DRV - (HCF_MSFT [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys (Conexant)
DRV - (HidBatt [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (HPZid412 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys (HP)
DRV - (HPZipr12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys (HP)
DRV - (HPZius12 [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys (HP)
DRV - (IFP800 [Boot | Running]) -- C:\WINDOWS\system32\drivers\ifp800.sys (iRiver, Inc.)
DRV - (MASPINT [Auto | Running]) -- C:\WINDOWS\System32\drivers\MASPINT.SYS (MicroStaff Co.,Ltd.)
DRV - (NtApm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\NtApm.sys (Microsoft Corporation)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (OlCamudp [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\olcamudp.sys (OLYMPUS Optical Co.,Ltd.)
DRV - (PAR1284 [Auto | Running]) -- C:\WINDOWS\System32\Drivers\PAR1284.SYS (Warp Nine Engineering)
DRV - (pfc [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (PPNT [Auto | Running]) -- C:\WINDOWS\System32\Drivers\PPNT.SYS (Corex Technologies Corp.)
DRV - (PSI [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\psi_mf.sys (Secunia)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (sbaphd [System | Running]) -- C:\WINDOWS\System32\drivers\sbaphd.sys (Sunbelt Software)
DRV - (sbapifs [Auto | Running]) -- C:\WINDOWS\System32\drivers\sbapifs.sys (Sunbelt Software)
DRV - (SBRE [On_Demand | Stopped]) -- C:\WINDOWS\System32\drivers\SBREdrv.sys (Sunbelt Software)
DRV - (sbtis [System | Running]) -- C:\WINDOWS\System32\drivers\sbtis.sys (Sunbelt Software)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Sentinel [Auto | Running]) -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS ()
DRV - (snapman [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (Sparrow [Boot | Running]) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (TechStyler [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\oyots.sys ()
DRV - (tifsfilter [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\tifsfilt.sys (Acronis)
DRV - (timounter [Boot | Running]) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (TPkd [Boot | Running]) -- C:\WINDOWS\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (UDNT [Auto | Stopped]) -- C:\WINDOWS\System32\drivers\UDNT.SYS ()
DRV - (WINFLASH [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\WINFLASH.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify...=us&.src=ym
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/05/25 13:33:50 | 00,000,000 | ---D | M]


O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDUiP6000DMon] C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe (CANON INC.)
O4 - HKLM..\Run: [PDUiP6000DTskbr] C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe (CANON INC.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe File not found
O4 - HKLM..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe (Sunbelt Software)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks 2002 Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\qbdagent2002.exe ()
O4 - Startup: C:\Documents and Settings\Test\Start Menu\Programs\Startup\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://bin.mcafee.com/molbin/shared/mcinsc...76/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab (HouseCall Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...39014.342025463 (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab (Symantec RuFSI Registry Information Class)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} http://officeupdate.microsoft.com/Template...nloads/outc.cab (Microsoft Office Tools on the Web Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Internet Explorer Classes for Java file://C:\WINDOWS\SYSTEM\iejava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.13.46.12 64.13.115.12 192.168.1.1 64.13.46.12 64.13.115.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000/02/02 10:12:56 | 00,000,249 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2002/07/03 14:03:00 | 00,000,149 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [1999/06/25 16:28:38 | 00,000,437 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ NTFS ]
O32 - AutoRun File - [2000/10/10 16:55:58 | 00,000,134 | -HS- | M] () - C:\AUTOEXEC.OLD -- [ NTFS ]
O32 - AutoRun File - [1999/11/24 15:28:32 | 00,000,531 | ---- | M] () - C:\AUTOEXEC.SYD -- [ NTFS ]
O32 - AutoRun File - [1999/06/25 16:43:02 | 00,000,437 | ---- | M] () - C:\AUTOEXEC.VIA -- [ NTFS ]
O32 - AutoRun File - [2008/04/25 09:42:47 | 00,000,045 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2009/06/30 09:30:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/06/25 11:09:26 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/25 11:09:14 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Test\Desktop\HJTInstall.exe
[2009/06/22 17:35:40 | 00,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/06/22 15:34:46 | 00,000,778 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TweakNow RegCleaner.lnk
[2009/06/22 15:34:32 | 00,000,000 | ---D | C] -- C:\Program Files\TweakNow RegCleaner
[2009/06/22 15:34:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Test\Application Data\TweakNow RegCleaner
[2009/06/17 16:56:10 | 00,236,544 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Carfsw20.dll
[2009/06/17 16:56:10 | 00,230,400 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Carclw60.dll
[2009/06/17 16:56:08 | 01,706,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2009/06/17 16:56:08 | 00,274,432 | ---- | C] () -- C:\WINDOWS\System32\Carcla40.dll
[2009/06/17 16:56:08 | 00,069,632 | ---- | C] (The Software Company, Inc.) -- C:\WINDOWS\System32\ActiveAddress.dll
[2009/06/17 16:56:08 | 00,053,035 | ---- | C] () -- C:\WINDOWS\System32\ActiveAddress.ref
[2009/06/17 16:56:07 | 01,318,912 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\ChilkatXml.dll
[2009/06/17 16:56:07 | 00,733,184 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\ChilkatUtil.dll
[2009/06/17 16:56:07 | 00,607,528 | ---- | C] (DL Technology Ltd) -- C:\WINDOWS\System32\axbarcode.ocx
[2009/06/17 16:56:06 | 01,236,992 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\ChilkatHttp.dll
[2009/06/17 16:56:06 | 00,978,944 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\ChilkatCert.dll
[2009/06/17 16:56:05 | 01,155,072 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\ChilkatCrypt2.dll
[2009/06/17 16:56:05 | 00,774,144 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\HtmlToXml.dll
[2009/06/17 16:56:05 | 00,573,440 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\System32\CkString.dll
[2009/06/17 16:44:32 | 00,002,489 | ---- | C] () -- C:\Documents and Settings\Test\Desktop\FastManager.lnk
[2009/06/17 16:44:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\fast register
[2009/06/17 13:46:24 | 00,069,936 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2009/06/17 13:45:01 | 00,013,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2009/06/10 06:00:54 | 00,068,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2009/06/03 08:32:04 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\compbatt.sys
[2009/06/03 08:32:04 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2009/06/03 08:32:00 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidbatt.sys
[2009/06/03 08:32:00 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2009/06/03 08:32:00 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2009/06/03 08:32:00 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2009/06/01 14:30:31 | 00,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/06/01 14:16:41 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2009/06/01 14:16:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/06/01 14:02:36 | 00,000,000 | ---D | C] -- C:\OpenOffice.org 2.4 (en-US) Installation Files
[2009/06/01 13:24:58 | 00,000,729 | ---- | C] () -- C:\Documents and Settings\Test\Start Menu\Programs\Startup\Secunia PSI.lnk
[2009/06/01 13:22:55 | 00,000,000 | ---D | C] -- C:\Program Files\Secunia
[2009/01/22 13:33:41 | 00,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009/01/22 13:33:41 | 00,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/01/22 13:33:20 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2009/01/22 13:33:19 | 00,009,853 | ---- | C] () -- C:\WINDOWS\HL-2140.INI
[2009/01/22 13:33:13 | 00,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/01/22 13:31:53 | 00,000,331 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/01/18 16:53:55 | 00,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2007/09/10 14:21:29 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/22 12:22:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 00,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 00,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/05/15 12:34:33 | 00,002,568 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/10/19 17:52:58 | 00,000,281 | ---- | C] () -- C:\WINDOWS\System32\Trbininterface.ini
[2005/10/19 17:52:58 | 00,000,281 | ---- | C] () -- C:\WINDOWS\System32\bininterface.ini
[2004/12/27 07:23:32 | 00,003,266 | R--- | C] () -- C:\WINDOWS\System32\drivers\WinFlash.sys
[2004/12/09 12:42:55 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2004/12/09 12:25:38 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS69.DLL
[2004/10/04 11:53:42 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/09/24 16:41:58 | 00,007,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\oyots.sys
[2004/09/17 18:37:42 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/06/17 14:02:07 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/05/04 14:09:22 | 00,071,749 | ---- | C] () -- C:\WINDOWS\HCExtOutput.dll
[2004/05/04 14:09:22 | 00,000,823 | ---- | C] () -- C:\WINDOWS\TSC.INI
[2004/05/04 14:08:35 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini
[2004/05/03 17:19:11 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2004/05/03 17:19:09 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2004/04/13 14:08:44 | 00,000,047 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2003/11/14 14:27:28 | 00,000,291 | ---- | C] () -- C:\WINDOWS\MSFSETUP.INI
[2002/12/20 17:18:00 | 00,076,260 | ---- | C] () -- C:\WINDOWS\System32\drivers\UDNT.SYS
[2002/12/19 12:34:28 | 00,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2002/12/19 12:34:28 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2002/12/19 12:34:28 | 00,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2002/12/18 19:41:58 | 00,000,397 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/12/18 19:33:30 | 00,012,327 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2002/12/18 19:33:30 | 00,002,324 | ---- | C] () -- C:\WINDOWS\VISTA32D.INI
[2002/12/18 19:33:30 | 00,002,193 | ---- | C] () -- C:\WINDOWS\SIGNWZ32.INI
[2002/12/18 19:33:30 | 00,001,878 | ---- | C] () -- C:\WINDOWS\WINZIP32.INI
[2002/12/18 19:33:30 | 00,001,406 | ---- | C] () -- C:\WINDOWS\PAGEIMG.INI
[2002/12/18 19:33:30 | 00,001,324 | ---- | C] () -- C:\WINDOWS\VTWAIN.INI
[2002/12/18 19:33:30 | 00,001,276 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/12/18 19:33:30 | 00,000,941 | ---- | C] () -- C:\WINDOWS\MEDIAPAQ.INI
[2002/12/18 19:33:30 | 00,000,856 | ---- | C] () -- C:\WINDOWS\PCAuth.ini
[2002/12/18 19:33:30 | 00,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2002/12/18 19:33:30 | 00,000,639 | ---- | C] () -- C:\WINDOWS\UCM_16.INI
[2002/12/18 19:33:30 | 00,000,383 | ---- | C] () -- C:\WINDOWS\HPFSCHED.INI
[2002/12/18 19:33:30 | 00,000,307 | ---- | C] () -- C:\WINDOWS\ROMCAT.INI
[2002/12/18 19:33:30 | 00,000,298 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2002/12/18 19:33:30 | 00,000,254 | ---- | C] () -- C:\WINDOWS\CTDelLau.INI
[2002/12/18 19:33:30 | 00,000,252 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2002/12/18 19:33:30 | 00,000,240 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2002/12/18 19:33:30 | 00,000,232 | ---- | C] () -- C:\WINDOWS\NETSCAPE.INI
[2002/12/18 19:33:30 | 00,000,231 | ---- | C] () -- C:\WINDOWS\Ac3api.ini
[2002/12/18 19:33:30 | 00,000,227 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2002/12/18 19:33:30 | 00,000,189 | ---- | C] () -- C:\WINDOWS\CTSYN.INI
[2002/12/18 19:33:30 | 00,000,187 | ---- | C] () -- C:\WINDOWS\VATWAIN.INI
[2002/12/18 19:33:30 | 00,000,082 | ---- | C] () -- C:\WINDOWS\GBAFORM1.INI
[2002/12/18 19:33:30 | 00,000,075 | ---- | C] () -- C:\WINDOWS\CTNET.INI
[2002/12/18 19:33:30 | 00,000,071 | ---- | C] () -- C:\WINDOWS\4DISCBIB.INI
[2002/12/18 19:33:30 | 00,000,062 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2002/12/18 19:33:30 | 00,000,057 | ---- | C] () -- C:\WINDOWS\SHAREMEM.INI
[2002/12/18 19:33:30 | 00,000,050 | ---- | C] () -- C:\WINDOWS\WINFILE.INI
[2002/12/18 19:33:30 | 00,000,038 | ---- | C] () -- C:\WINDOWS\BACKDOOR.INI
[2002/12/18 19:33:30 | 00,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2002/12/18 19:33:30 | 00,000,034 | ---- | C] () -- C:\WINDOWS\SOL.INI
[2002/12/18 19:33:30 | 00,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2002/12/18 19:33:30 | 00,000,026 | ---- | C] () -- C:\WINDOWS\SPSETUP.INI
[2002/12/18 19:33:30 | 00,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2002/12/18 19:33:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ZDDBVIEW.INI
[2002/12/18 19:33:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ZDBUI32.INI
[2002/12/18 19:33:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SWPM32.INI
[2002/12/18 19:33:30 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSINFO32.INI
[2002/12/18 19:33:29 | 00,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2002/12/18 19:33:29 | 00,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2002/12/18 19:33:29 | 00,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2002/12/18 19:33:29 | 00,000,865 | ---- | C] () -- C:\WINDOWS\DOSREP.INI
[2002/12/18 19:33:29 | 00,000,299 | ---- | C] () -- C:\WINDOWS\PRELUDE.INI
[2002/12/18 19:33:29 | 00,000,226 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2002/12/18 19:33:29 | 00,000,175 | ---- | C] () -- C:\WINDOWS\WINMINE.INI
[2002/12/18 19:33:29 | 00,000,153 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2002/12/18 19:33:29 | 00,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2002/12/18 19:33:29 | 00,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2002/12/18 19:33:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\PROGMAN.INI
[2002/11/01 17:17:50 | 00,000,256 | ---- | C] () -- C:\WINDOWS\AUCFG.INI
[2002/07/04 16:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\TMUPDATE.INI
[2002/07/01 15:53:20 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\icmfilter.dll
[2001/12/14 14:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2001/08/23 13:00:00 | 00,002,931 | ---- | C] () -- C:\WINDOWS\WIN.INI
[2001/08/23 13:00:00 | 00,000,635 | ---- | C] () -- C:\WINDOWS\SYSTEM.INI
[2001/07/07 04:00:00 | 00,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/04/03 17:56:48 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\HPFPNP.DLL
[2001/03/05 18:23:34 | 00,036,352 | ---- | C] () -- C:\WINDOWS\UTHUNK32.DLL
[2000/05/26 18:08:44 | 00,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2000/02/07 14:15:45 | 00,150,016 | ---- | C] () -- C:\WINDOWS\crlasp95.dll
[2000/02/02 16:04:54 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[2000/02/02 16:04:48 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1999/11/22 09:45:29 | 00,210,944 | ---- | C] () -- C:\WINDOWS\MSVCRT10.DLL
[1999/11/22 09:45:29 | 00,056,832 | ---- | C] () -- C:\WINDOWS\UCM_16.DLL
[1999/11/22 09:45:29 | 00,049,152 | ---- | C] () -- C:\WINDOWS\UCM_32.DLL
[1999/11/22 09:45:28 | 00,433,680 | ---- | C] () -- C:\WINDOWS\VSTASCAN.DLL
[1999/11/22 09:45:28 | 00,131,264 | ---- | C] () -- C:\WINDOWS\KCME0.DLL
[1999/11/22 09:45:28 | 00,098,236 | ---- | C] () -- C:\WINDOWS\KCME1.DLL
[1999/11/22 09:45:28 | 00,097,914 | ---- | C] () -- C:\WINDOWS\32KCME0.DLL
[1999/11/22 09:45:28 | 00,096,256 | ---- | C] () -- C:\WINDOWS\KPAPI.DLL
[1999/11/22 09:45:28 | 00,093,184 | ---- | C] () -- C:\WINDOWS\KPAPI32.DLL
[1999/11/22 09:45:28 | 00,070,548 | ---- | C] () -- C:\WINDOWS\KPMON.DLL
[1999/11/22 09:45:28 | 00,050,176 | ---- | C] () -- C:\WINDOWS\KPCP.DLL
[1999/11/22 09:45:28 | 00,017,920 | ---- | C] () -- C:\WINDOWS\VS32.DLL
[1999/11/22 09:45:28 | 00,017,920 | ---- | C] () -- C:\WINDOWS\KCMS_SYS.DLL
[1999/11/22 09:45:28 | 00,011,280 | ---- | C] () -- C:\WINDOWS\VS16.DLL
[1999/11/22 09:45:27 | 00,234,512 | ---- | C] () -- C:\WINDOWS\UDEPP16.DLL
[1999/11/22 09:45:26 | 00,023,552 | ---- | C] () -- C:\WINDOWS\VSCLI32.DLL
[1999/11/22 09:45:26 | 00,019,456 | ---- | C] () -- C:\WINDOWS\UMAX_CLI.DLL
[1999/11/18 14:27:16 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[1999/11/18 14:21:34 | 00,112,688 | ---- | C] () -- C:\WINDOWS\System32\SHW32.DLL
[1999/11/12 12:29:43 | 00,017,408 | ---- | C] () -- C:\WINDOWS\UnInstall.dll
[1999/07/23 14:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini
[1999/07/23 11:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll
[1999/01/22 19:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1980/01/01 01:00:00 | 00,222,390 | ---- | C] () -- C:\WINDOWS\IO.SYS
[1980/01/01 01:00:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\MEMBG.DLL
[1980/01/01 01:00:00 | 00,000,007 | ---- | C] () -- C:\WINDOWS\MSDOS.SYS

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[12 C:\WINDOWS\*.tmp files]
[2009/06/30 09:35:01 | 00,000,331 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2009/06/30 09:34:49 | 00,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/06/30 09:34:29 | 00,011,954 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2009/06/30 09:34:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/30 09:34:05 | 00,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2009/06/30 08:49:28 | 00,002,568 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/30 08:49:20 | 00,002,549 | ---- | M] () -- C:\Documents and Settings\Test\Desktop\CorelDRAW X3.lnk
[2009/06/30 08:23:28 | 00,002,489 | ---- | M] () -- C:\Documents and Settings\Test\Desktop\FastManager.lnk
[2009/06/25 11:49:03 | 00,000,281 | ---- | M] () -- C:\WINDOWS\System32\Trbininterface.ini
[2009/06/25 11:49:03 | 00,000,281 | ---- | M] () -- C:\WINDOWS\System32\bininterface.ini
[2009/06/25 11:09:18 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Test\Desktop\HJTInstall.exe
[2009/06/22 17:35:40 | 00,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/06/22 17:26:45 | 00,001,738 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2009/06/22 15:34:46 | 00,000,778 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TweakNow RegCleaner.lnk
[2009/06/19 08:06:27 | 03,686,454 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp
[2009/06/18 15:52:23 | 80,530,6368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/06/17 17:50:02 | 00,002,931 | ---- | M] () -- C:\WINDOWS\WIN.INI
[2009/06/17 17:50:02 | 00,001,878 | ---- | M] () -- C:\WINDOWS\WINZIP32.INI
[2009/06/17 11:27:56 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/17 11:27:44 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/16 16:48:46 | 04,319,458 | -H-- | M] () -- C:\Documents and Settings\Test\Local Settings\Application Data\IconCache.db
[2009/06/12 08:04:27 | 00,379,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/11 18:01:40 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/06/10 06:00:54 | 00,068,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2009/06/01 14:28:56 | 00,098,024 | ---- | M] () -- C:\Documents and Settings\Test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/06/01 14:16:44 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/06/01 13:24:59 | 00,000,729 | ---- | M] () -- C:\Documents and Settings\Test\Start Menu\Programs\Startup\Secunia PSI.lnk
[2009/06/01 11:51:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

========== LOP Check ==========

[2009/06/30 09:30:21 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/10/04 12:24:12 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{101CEB38-EB1F-4487-8308-EF431174FBB0}
[2007/03/08 18:22:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{1A6E2773-3F02-4D0C-84B7-FDC9D08D5E56}
[2006/10/11 10:51:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{427AC175-E3C6-475F-A606-39F049F75179}
[2007/01/24 13:44:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{529FE8BA-D3D1-4F0D-91A1-A196102A4E8C}
[2006/11/08 17:00:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{614BC858-2826-4467-8984-B0F963F2FA84}
[2007/01/12 17:03:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7687B166-1669-44E8-9615-567E0CF711AD}
[2006/09/14 17:18:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{A49C5BD7-28C2-413F-A907-FB345AD05292}
[2006/08/16 17:35:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{AAD5D5D4-78DF-4BEF-9198-31803B433B2C}
[2006/09/05 08:51:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D6FDFB5A-DA29-488D-BF85-CA13BA8A5F8C}
[2007/12/20 18:55:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2005/11/01 14:42:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitstream Font Navigator
[2007/11/16 17:55:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CardScan
[2009/05/26 16:03:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2005/12/30 15:54:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/06/30 09:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/06/22 15:34:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Test\Application Data
[2008/11/19 18:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\AMPSoft
[2009/01/22 15:50:29 | 00,000,000 | R--D | M] -- C:\Documents and Settings\Test\Application Data\Brother
[2008/07/30 08:52:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\CardScan
[2008/05/23 16:12:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\Corel
[2008/07/10 10:27:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\My Sam's Club Digital Photo Center
[2009/06/24 15:01:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\OpenOffice.org2
[2009/06/22 15:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\TweakNow RegCleaner
[2009/05/19 14:07:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Test\Application Data\Uniblue
[2009/06/01 14:16:44 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2002/07/01 15:53:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/06/30 09:34:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


< End of report >


My computer is running a little better. I am running Windows Firewall.

ectexas
post Jun 30 2009, 09:25 AM
Post #5



Here is the OTL extras log... sorry I forgot to put it on the last post.



OTL Extras logfile created on: 6/30/2009 10:14:07 AM - Run 1
OTL by OldTimer - Version 3.0.5.3 Folder = C:\A Files\computer fix
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.49 Mb Total Physical Memory | 527.69 Mb Available Physical Memory | 51.56% Memory free
1.65 Gb Paging File | 1.35 Gb Available in Paging File | 81.71% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 34.43 Gb Free Space | 46.20% Space Free | Partition Type: NTFS
Drive D: | 501.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 149.05 Gb Total Space | 134.98 Gb Free Space | 90.56% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 111.79 Gb Total Space | 18.27 Gb Free Space | 16.34% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive M: | 232.88 Gb Total Space | 34.63 Gb Free Space | 14.87% Space Free | Partition Type: NTFS

Computer Name: COREL
Current User Name: Test
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
C:\WWRIP\WWRIP.EXE:*:Enabled:wwrip ()
%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 (Microsoft Corporation)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe ()
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe (Hewlett-Packard Development Company, L.P.)
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe (Hewlett-Packard)
C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe ( )
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe (Hewlett-Packard Development Company, L.P.)
C:\WINDOWS\LMI1F4.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue File not found
C:\WINDOWS\LMI213.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue File not found
C:\Documents and Settings\Test\Local Settings\Temp\7zS3B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{03261EAA-89BD-4BCB-9DC9-B34E41B9E0CC}" = VIPRE Antivirus + Antispyware
"{072D2077-9E22-4F7F-B817-A92CA6CCC843}" = iriver Music Manager
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0A55CDBB-0566-4AA2-A15B-24C7F27C6FF4}" = BPD_Scan
"{12B2A6DE-AC89-464A-9CAF-01EAF3C5807C}" = OpenOffice.org 2.4
"{138BD312-3557-40F8-BC5E-6DFF00A6880D}" = BPDSoftware_Ini
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{17E81C48-407E-499f-A105-1B49ACDB9BA4}" = ProductContext
"{1B4AA674-F5CA-4BB5-831A-CD37B4021959}" = ImageMixer for Sony
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{26BB11D7-36D1-49ee-986F-8F8AD4D051C8}" = L7600
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{32A72502-BC2C-4C39-ACEA-BC3D463F0697}" = EN
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35F768BD-330E-4A2C-89C5-A38B588AF08D}" = Canon PIXMA iP6000D Memory Card Utility
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis True Image Home
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{48C5C035-9B6C-4203-BD0D-BA3AE4DE5B34}" = CardScan 8.0
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4AE80E7B-6633-4046-9C15-D3B281C4F73D}" = BPDSoftware
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6DE9751D-3FFE-400E-8761-26A92DB734DE}" = BPD_HPSU
"{6E066C73-EECD-46EC-93B6-D31F2ABD9007}" = Magellan RoadMate Manager North America
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7729A02E-D1AD-4830-8FC5-11853500D90D}" = HP Officejet Pro All-In-One Series
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{809987B2-F964-11D4-A1A5-00104BD190B1}" = QuickBooks Pro 2002
"{830C07EC-6123-4F0D-92D4-F5E5DDCE0D32}" = T-Quoter
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{865F91EF-9EA0-486F-88E8-E5C1E3B4AE93}" = Brother HL-2140
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A367C28-423C-48E2-8C76-EBA1171F932A}" = Adobe Photoshop Album 2.0
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8C045626-4496-4238-B3B8-394CC6D46427}" = 7500_7600_7700_Help
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{91793EA9-4AA4-4AC4-9AAF-3A6E15FBA723}" = FastManager
"{A06A0200-C61D-11D4-B7BE-000102A308F0}" = System Agent
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = BPDfax
"{D48AD533-BAD5-469B-A9AA-272C6D80E70B}" = MPM
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DCB63CEC-C6A3-4963-A5D0-6C03EE0CC08F}" = CardScan 6.0.6
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Avance AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Illustrator 9.0" = Adobe Illustrator 9.0
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AMP Font Viewer" = AMP Font Viewer
"CANONBJ_Deinstall_CNMCP69.DLL" = Canon PIXMA iP6000D
"CM999" = Corel Magazine Archive 97
"Corel Applications" = Corel Applications
"Corel Uninstaller" = Corel Uninstaller
"Creative Launcher" = Creative Launcher
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"Extensis PhotoFrame 2.0" = Extensis PhotoFrame 2.0
"FastFilms 2.04" = FastFilms 2.04
"FastFilms 3.0 Upgrade" = FastFilms 3.0 Upgrade
"FastFilms 3.5" = FastFilms Uninstaller
"FastManager Updates" = FastManager Updates
"God Bless America" = God Bless America
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"IntelliPoint" = Microsoft IntelliPoint
"iolo Search and Recover" = iolo Search and Recover
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MasterClips Browser" = MasterClips Browser
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Mixman Studio Pro" = Mixman Studio Pro
"MLUpdater" = iRiver Updater
"MSN Music Assistant" = MSN Music Assistant
"MVApplication1" = SureThing CD Labeler - Stomper Edition 32 bit
"MVApplication2" = SureThing CD Labeler
"MWASPI" = MicroStaff WINASPI
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Netscape Communicator 4.7" = Netscape Communicator 4.7
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OLYMPUS CAMEDIA Master 2.0" = OLYMPUS CAMEDIA Master 2.01
"PC Authorize" = PC Authorize
"Rainbow Sentinel Driver" = Sentinel System Driver
"RealPlayer 6.0" = RealPlayer G2
"Secunia PSI" = Secunia PSI
"Sound Blaster Live! Value" = Sound Blaster Live! Value
"SupraMax 56i Voice PCI" = SupraMax 56i Voice PCI
"SystemRequirementsLab" = System Requirements Lab
"T-Quoter" = T-Quoter
"TweakNow RegCleaner_is1" = TweakNow RegCleaner
"VIA PCI IRQ Routing Miniport Driver - V1.3A" = VIA PCI IRQ Routing Miniport Driver - V1.3A
"ViewpointMediaPlayer" = Viewpoint Media Player
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"Wasatch" = Wasatch SoftRIP
"Windows" = Windows XP Uninstall
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"Worms2" = Worms2
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/17/2009 2:27:29 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application mshta.exe, version 7.0.5730.11, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 6/22/2009 2:28:00 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application FastManager.exe, version 2008.0.0.28, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/22/2009 2:28:01 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application FastManager.exe, version 2008.0.0.28, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/22/2009 2:29:24 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application T-Quoter.exe, version 2.18.3197.39521, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/22/2009 4:27:14 PM | Computer Name = COREL | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.5512, faulting
module srrstr.dll, version 5.1.2600.5512, fault address 0x000099c2.

Error - 6/22/2009 4:27:24 PM | Computer Name = COREL | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 6/22/2009 4:32:11 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/25/2009 12:04:00 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application FastManager.exe, version 2008.0.0.28, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/25/2009 1:34:15 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application FastManager.exe, version 2008.0.0.28, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 6/25/2009 1:44:56 PM | Computer Name = COREL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.16850, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
OCD
post Jun 30 2009, 10:43 PM
Post #6







ectexas,

Please go to Start Menu > Control Panel > Add/Remove Programs
Scroll down and locate the following programs:
  • Viewpoint, ViewpointMediaPlayer or Viewpoint Manager
  • Java™ 6 Update 3
  • Java™ 6 Update 4
  • Java™ 6 Update 7
Select each one of the programs, then select remove.
(if the program is not listed don't be alarmed, just continue)

Exit the Control Panel when finished

Reboot your computer once all Java components are removed.

- - - - - Next - - - - -

Your Java is out of date.

Java™ 6 can be updated from the Java Control Panel.
Go Start > Control Panel (Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now.
An update should begin; follow the prompts.

- - - - - Next - - - - -

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    CODE
    :OTL
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_04)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
    O24 - Desktop Components:0 (My Current Home Page) - About:Home

    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{3248F0A8-6813-11D6-A77B-00B0D0160030}"=-
    "{3248F0A8-6813-11D6-A77B-00B0D0160040}"=-
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}"=-
    "ViewpointMediaPlayer"=-

    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
- - - - - Next - - - - -

Reboot, on your next post please provide the following:
  • New OTL log (refer to previous post for directions, if necessary)
  • Tell me how your computer is running at the moment.
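
The stale-version check behind the removal list in this post, as an added example that is not part of the original thread: it parses Uninstall List lines in the format shown in the OTL log above and reports Java entries superseded by a newer update of the same major version. The sample lines are constructed from entries quoted in the thread, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines in the Uninstall List format from the log above.
SAMPLE = '''\
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinZip" = WinZip
'''

# One entry per line: "<registry subkey name>" = <display name>
ENTRY_RE = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.+?)\s*$')
# Display names such as "Java™ 6 Update 13" or "Java(TM) 6 Update 13".
JAVA_RE = re.compile(
    r'^Java(?:™|\(TM\))?\s+(?P<major>\d+)(?:\s+Update\s+(?P<update>\d+))?$',
    re.IGNORECASE,
)


def parse_uninstall_list(text):
    """Return (key, display_name) pairs; headers and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("key"), match.group("name")))
    return entries


def stale_java(entries):
    """Return Java entries that sit beside a newer update of the same major
    version. This only finds superseded side-by-side installs; whether the
    newest one is itself current has to be checked against the vendor."""
    by_major = defaultdict(list)
    for key, name in entries:
        match = JAVA_RE.match(name)
        if match:
            update = int(match.group("update") or 0)  # no "Update N" means base release
            by_major[int(match.group("major"))].append((update, key, name))
    stale = []
    for major in sorted(by_major):
        found = sorted(by_major[major])
        newest = found[-1][0]
        stale.extend((key, name) for update, key, name in found if update < newest)
    return stale


if __name__ == "__main__":
    for key, name in stale_java(parse_uninstall_list(SAMPLE)):
        print(f"superseded: {name}  [{key}]")
```
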
ectexas
post Jul 2 2009, 07:51 AM
Post #7





Here is the OTL Log

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O24 - Desktop Components:0 (My Current Home Page) - About:Home

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=-
"{3248F0A8-6813-11D6-A77B-00B0D0160040}"=-
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=-
"ViewpointMediaPlayer"=-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

My computer is running a little better. I am still getting error messages in my production software (fastmanager) but overall my computer is running better. Yesterday for some reason it started freaking out, jumping around inside any program, but after unplugging my usb mouse and plugging it back in it stopped.

ectexas
post Jul 2 2009, 07:52 AM
Post #8





My bad... I posted the wrong log.. here's the right one

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\msn.com\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File About:Home not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{3248F0A8-6813-11D6-A77B-00B0D0160030} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3248F0A8-6813-11D6-A77B-00B0D0160030}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{3248F0A8-6813-11D6-A77B-00B0D0160040} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3248F0A8-6813-11D6-A77B-00B0D0160040}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{3248F0A8-6813-11D6-A77B-00B0D0160070} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3248F0A8-6813-11D6-A77B-00B0D0160070}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\ViewpointMediaPlayer not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Rick
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Test
->Temp folder emptied: 27033650 bytes
->Temporary Internet Files folder emptied: 288921816 bytes
->Java cache emptied: 7720544 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\LMI212.tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 4154938 bytes
%systemroot%\System32 .tmp files removed: 413561 bytes
Windows Temp folder emptied: 1076459663 bytes
Session Manager Temp folder emptied: 0 bytes
Session Manager Tmp folder emptied: 0 bytes

RecycleBin emptied: 73661 bytes

Total Files Cleaned = 1339.81 mb

Error: Unable to interpret <[start explorer]> in the current context!

OTL by OldTimer - Version 3.0.5.3 log created on 07022009_083643

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
OCD
post Jul 2 2009, 10:54 AM
Post #9







ectexas,

QUOTE
I am still getting error messages in my production software (fastmanager) but overall my computer is running better. Yesterday for some reason it started freaking out, jumping around inside any program, but after unplugging my usb mouse and plugging it back in it stopped.

Your production software might need to be reinstalled.

As far as your mouse:
  • Wireless: Check the batteries.
  • Corded with a light sensor: might require cleaning.
  • Corded with ball roller: remove ball and clean contacts
- - - - - Next - - - - -

Please re-run the: Eset Online Scanner
(You will need Internet Explorer to run this scan)
  • Place a check mark in the box YES, I accept the Terms Of Use
  • Click the Start button.
  • Now click the Install button.
  • Click Start. The scanner engine will initialize and update.
  • Place a check mark in the box beside Remove found threats.
  • Click the Scan button. The scan will now run, please be patient.
  • When the scan finishes click the Details tab.
  • Copy and paste the contents of the C:\ProgramFiles\EsetOnlineScanner\log.txt into your next reply.
- - - - - Next - - - - -
  • Please re-run OTL (it should still be on your desktop)
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    You may need two posts to fit them both in.
- - - - - Next - - - - -

Reboot, on your next post please provide the following:
  • ESET log.txt
  • OTL logs OTL.Txt and Extras.Txt
  • Tell me how your computer is running at the moment.
OCD
post Jul 5 2009, 09:23 PM
Post #10







Hello ectexas,

It's been a few days, I was just checking to see if you still needed assistance?
Tomk
post Jul 12 2009, 07:54 PM
Post #11


Forum God / Classroom Admin Assistant

Group: Classroom Teacher
Posts: 12,271
Joined: 27-December 07
From: Sisters, OR
Member No.: 75,503
Operating System: xp



Due to inactivity this topic will be closed.
If you need help please start a new thread and post a new HJT log