Author Topic: My HijackThis Log  (Read 2072 times)

Offline Kathleen

« on: June 20, 2011, 01:57:21 PM »

It is taking forever to start using my computer every morning.  I use Outlook Express for emails, and it will take several minutes for the email to pull up. This happened many years ago, to the point where I just went out and bought a new CPU so that I could work at home. It is happening again, so before it gets slower, maybe I can clean it up.

After the several minutes for Outlook Express to begin working, my next wait is opening up any IE window. It, too, is extremely slow to load up.  Now, my keyboard is lagging, and I'm having to do a lot of backspacing because not all the keys are being recorded.  (nothing has spilled on it...it just seems really stiff and loud) (As I wait for Outlook to work, there is a small white box in the upper left corner that appears if I click anything)

I am a full time eBay seller, using PaperPort and Adobe Photoshop Elements 2.0 quite often.  After 4 hours of working, I have to restart my computer because it starts to slow down. Is this normal? I'm going between four windows, Outlook Express, eBay, PaperPort & Adobe Photoshop, when this happens.

I'm also wanting to stop so many programs from starting up when I turn my computer on. Any help on how to stop unwanted programs from opening is appreciated. I don't want to necessarily delete the programs, I just don't want them automatically starting up and slowing my other processes down.

Any input and help is much appreciated!

Here is my hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:38:50 PM, on 6/20/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless LAN Utility\WlanUtility.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.swagbucks.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {4219427b-0228-4356-a78b-eb7668d37d07} - C:\Program Files\InboxDollars\Helper.dll
N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.
 *
 * If you make changes to this file while the browser is running,
 * the changes will be overwritten when the browser exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
 */

user_pref("aim.session.firsttime", false);
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage", "http://yahoo.sbc.com/dsl");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "ISO-8859-1");
user_pref("network.cookie.prefsMigrated", true);
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("security.warn_submit_insecure", false);
user_pref
N3 - Netscape 7: # Mozilla User Preferences

/* Do not edit this file.
 *
 * If you make changes to this file while the browser is running,
 * the changes will be overwritten when the browser exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 * For more information, see http://www.mozilla.org/unix/customizing.html#prefs
 */

user_pref("aim.session.firsttime", false);
user_pref("browser.activation.checkedNNFlag", true);
user_pref("browser.bookmarks.added_static_root", true);
user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src");
user_pref("browser.startup.homepage", "http://yahoo.sbc.com/dsl");
user_pref("dom.disable_open_during_load", true);
user_pref("intl.charsetmenu.browser.cache", "ISO-8859-1");
user_pref("network.cookie.prefsMigrated", true);
user_pref("prefs.converted-to-utf8", true);
user_pref("privacy.popups.first_popup", false);
user_pref("security.warn_submit_insecure", false);
user_pref
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: FCTBPos00Pos - {6FFB615D-E8CE-4ADD-8D9F-31C4BE9C26E4} - C:\Program Files\InboxDollars\Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll
O3 - Toolbar: InboxDollars - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files\InboxDollars\Toolbar.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [*vbinfo] C:\WINDOWS\Cursors\vbinfo.exe
O4 - HKLM\..\Run: [*diskodbc] C:\WINDOWS\addins\diskodbc.exe
O4 - HKLM\..\Run: [*adtcp] C:\WINDOWS\java\Packages\adtcp.exe
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Wireless Lan Utility.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab
O16 - DPF: {8C42D15B-D8C2-40AD-9A06-3F27F58AE33E} - http://www.search-climbers.com/download/uninstall/KeywordsUnInst.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} - http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E62A47D8-74B1-4A93-963A-E5E43B7CC5C2} (UCSearch.ucUCSearch) - http://www.zuvio.com/UCSearch.CAB
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.Email Removed/downloads/aol/unagi/ampx_en_dl.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 14184 bytes


Offline guestolo

« Reply #1 on: June 20, 2011, 07:09:36 PM »
Hi Kathleen, and welcome
Could you do the following please

Download OTL.exe by OldTimer to your Desktop.
  • Double click on OTL.exe to run it
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline Kathleen

« Reply #2 on: June 21, 2011, 09:48:51 AM »
This is the popup OTL.txt log:

OTL logfile created on: 6/21/2011 9:11:24 AM - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Documents and Settings\Owner\My Documents\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
511.36 Mb Total Physical Memory | 224.00 Mb Available Physical Memory | 43.80% Memory free
1.47 Gb Paging File | 0.92 Gb Available in Paging File | 62.58% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.34 Gb Total Space | 50.44 Gb Free Space | 46.99% Space Free | Partition Type: NTFS
Drive D: | 4.43 Gb Total Space | 0.69 Gb Free Space | 15.58% Space Free | Partition Type: FAT32
 
Computer Name: KATHLEEN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/06/21 09:01:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\download\OTL.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008/06/19 10:32:20 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/09 19:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/01/04 16:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/12/18 15:05:12 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/10/08 02:41:46 | 000,217,088 | ---- | M] () -- C:\Program Files\Wireless LAN Utility\WlanUtility.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/06/21 09:01:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\download\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe -- (NAV)
SRV - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008/08/04 11:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/06/19 10:32:20 | 001,245,064 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 19:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)
SRV - [2002/12/18 15:05:12 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2002/11/14 10:09:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/02 20:08:20 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110615.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/05/27 13:36:01 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110620.038\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/27 13:36:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110620.038\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/19 14:37:06 | 000,810,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/05/15 12:23:53 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/15 12:23:53 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/15 12:23:28 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1206000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 00:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/05/06 17:37:24 | 000,020,504 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hppcbulkio.sys -- (HPFXBULKLEDM)
DRV - [2006/09/07 16:19:02 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/03/13 00:13:22 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 11:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/04 00:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/04 00:29:51 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/04/13 19:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/11/13 20:25:26 | 000,391,680 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/03/08 00:13:22 | 000,624,369 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/02/26 21:19:50 | 000,260,736 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/02/22 21:55:26 | 000,141,824 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/12/25 00:09:48 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/12/18 15:02:46 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\Program Files\America Online 8.0\atwpkt2.sys -- (ATWPKT2)
DRV - [2002/12/18 15:00:38 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/06 20:24:00 | 000,013,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001/06/04 15:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.swagbucks.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {4219427b-0228-4356-a78b-eb7668d37d07} - C:\Program Files\InboxDollars\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011/05/16 14:43:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2010/12/12 22:55:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/06/20 12:43:33 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2004/07/11 19:35:08 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (InboxDollars BHO) - {6FFB615D-E8CE-4ADD-8D9F-31C4BE9C26E4} - C:\Program Files\InboxDollars\Toolbar.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files\InboxDollars\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files\InboxDollars\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [*adtcp]  File not found
O4 - HKLM..\Run: [*diskodbc]  File not found
O4 - HKLM..\Run: [*vbinfo]  File not found
O4 - HKLM..\Run: [PRISMSVR.EXE]  File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Lan Utility.lnk = C:\Program Files\Wireless LAN Utility\WlanUtility.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Search - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O8 - Extra context menu item: Yahoo! Dictionary - C:\Program Files\Yahoo!\Common [2006/12/24 01:41:43 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! Search - C:\Program Files\Yahoo!\Common [2006/12/24 01:41:43 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_25.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab (SysData Class)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab (EPUImageControl Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8C42D15B-D8C2-40AD-9A06-3F27F58AE33E} http://www.search-climbers.com/download/uninstall/KeywordsUnInst.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/PowerPoint2002/Install/10.0.2609/WIN98MeXP/EN-US/msorun.cab (IEAnimBehaviorFactory Class)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://download.yahoo.com/dl/installs/yab_af.cab (YAddBook Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab (PhotosCtrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E62A47D8-74B1-4A93-963A-E5E43B7CC5C2} http://www.zuvio.com/UCSearch.CAB (UCSearch.ucUCSearch)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.Email Removed/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Program Files\Softex\OmniPass\opxpgina.dll - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/04/10 00:19:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 04:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/20 13:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/20 13:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\HiJackThis
[2011/06/15 17:04:20 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/06/01 10:38:56 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/21 05:42:24 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/21 05:40:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/21 05:39:31 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/06/21 05:39:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 14:30:35 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/06/20 13:33:16 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2011/06/20 10:17:14 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/06/20 06:29:14 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/19 19:35:15 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/06/16 14:12:38 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/06/16 09:29:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/30 17:19:48 | 005,964,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2011/05/24 05:56:33 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/20 13:33:16 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2011/05/24 05:56:33 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2011/01/31 22:23:59 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/17 15:20:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/01/17 15:03:12 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2010/11/10 07:06:07 | 000,045,884 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/20 17:21:21 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/11 17:21:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/15 19:30:53 | 000,031,728 | ---- | C] () -- C:\Program Files\Blockbuster Angleton Job 2805920 (168 x 600).jpg
[2010/08/15 19:29:02 | 000,031,728 | ---- | C] () -- C:\Program Files\Blockbuster Job 2805920 (168 x 600).jpg
[2009/09/16 12:44:52 | 000,003,235 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2008/03/28 08:21:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007/09/12 22:06:14 | 000,000,117 | ---- | C] () -- C:\WINDOWS\NavWin.INI
[2007/09/12 22:04:03 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\free_res.exe
[2007/09/12 22:04:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\G32_TICK.DLL
[2007/09/12 22:04:02 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\G32_rkey.dll
[2007/05/21 21:05:57 | 000,002,197 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/22 15:18:28 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2005/08/19 20:06:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/02/06 22:23:00 | 000,105,168 | ---- | C] () -- C:\WINDOWS\NSUninst.exe
[2005/02/06 22:22:40 | 000,105,168 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2005/02/06 22:22:38 | 000,009,574 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/06 10:59:32 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/02/06 10:59:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/11/17 17:37:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2004/10/06 17:09:29 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/11 16:39:21 | 000,116,134 | ---- | C] () -- C:\WINDOWS\System32\datastore.dll
[2004/07/11 16:39:15 | 000,000,627 | ---- | C] () -- C:\WINDOWS\sepsd.bin
[2004/06/28 18:39:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/04/20 09:38:16 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\master.dll
[2004/03/08 11:03:51 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL709.xml
[2004/03/08 10:44:35 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL184.xml
[2004/03/08 08:37:14 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL625.xml
[2004/03/08 08:36:37 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL771.xml
[2004/03/08 08:36:03 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL584.xml
[2004/03/08 08:34:38 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL30.xml
[2004/03/04 09:16:36 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\updaterinstall.dat
[2004/01/26 10:28:43 | 000,003,149 | ---- | C] () -- C:\Program Files\Common Files\remove_tools.html
[2003/11/22 19:49:34 | 002,219,998 | -H-- | C] () -- C:\WINDOWS\System32\kyf.dat
[2003/10/21 12:42:03 | 000,000,142 | ---- | C] () -- C:\WINDOWS\urls.dat
[2003/10/10 20:06:39 | 000,000,401 | ---- | C] () -- C:\WINDOWS\Belt.ini
[2003/08/25 11:55:55 | 000,004,665 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/07/25 09:12:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/07/11 15:56:08 | 001,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2003/07/11 15:56:08 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2003/07/11 15:56:08 | 001,105,920 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2003/07/11 15:56:07 | 001,261,568 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2003/07/11 15:56:07 | 001,052,672 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2003/07/11 15:55:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2003/07/11 15:55:32 | 001,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2003/07/11 15:55:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2003/07/11 15:55:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2003/07/11 15:55:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2003/07/11 15:55:31 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2003/07/11 15:31:38 | 000,001,056 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2003/07/11 15:31:38 | 000,000,090 | ---- | C] () -- C:\WINDOWS\calera.ini
[2003/07/11 15:31:32 | 000,269,312 | ---- | C] () -- C:\WINDOWS\System32\FPXIG.DLL
[2003/07/11 15:31:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\IGFPX32P.DLL
[2003/07/11 15:31:32 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\JPEGACC.DLL
[2003/07/11 15:31:16 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\WELSOF32.DLL
[2003/07/08 17:22:34 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/07/06 22:40:14 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP100JPR.{PB
[2003/07/06 22:40:14 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP100JCM.{PB
[2003/07/05 23:32:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2003/04/10 06:35:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/04/10 06:34:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/04/10 06:21:36 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/04/10 03:51:07 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/04/10 03:51:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2003/04/10 02:06:10 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/04/10 02:04:00 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66.exe
[2003/04/10 02:03:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/04/10 02:03:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/04/10 01:57:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/04/10 01:57:04 | 000,000,621 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/04/10 01:16:44 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/04/10 01:06:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2003/04/10 01:06:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2003/04/10 00:44:58 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/04/10 00:44:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/04/10 00:44:29 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/04/10 00:23:21 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/04/10 00:21:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/04/10 00:16:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/04/10 00:05:45 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/04/10 00:05:26 | 000,434,138 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/04/10 00:05:26 | 000,068,042 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/04/09 17:10:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/04/09 17:09:25 | 000,220,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/03/19 18:50:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/11/14 10:09:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/11/14 10:08:26 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2002/05/24 10:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 10:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2001/01/03 08:38:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/01/03 08:38:53 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/01/03 08:38:32 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/01/03 08:38:19 | 000,177,069 | ---- | C] () -- C:\WINDOWS\System32\mslink32.dat
[2001/01/03 08:38:19 | 000,000,134 | ---- | C] () -- C:\WINDOWS\System32\mslib.dat
[2001/01/03 08:11:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/01/03 08:11:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/01/03 08:11:23 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/01/03 08:11:19 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/01/03 08:11:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

< End of report >


Offline Kathleen

My HijackThis Log
« Reply #3 on: June 21, 2011, 09:52:02 AM »
Many thanks for your time in helping me figure out the reason for it being so slow.  If you have any tips on cleaning up my computer, please let me know.
I'm going to be moving my PaperPort images to a CD, so hopefully that clears up some slowness. (Would all the images even make the CPU slow?)

Thanks!
Kathleen


This is the Extras.Txt Log:

OTL Extras logfile created on: 6/21/2011 9:11:24 AM - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Documents and Settings\Owner\My Documents\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
511.36 Mb Total Physical Memory | 224.00 Mb Available Physical Memory | 43.80% Memory free
1.47 Gb Paging File | 0.92 Gb Available in Paging File | 62.58% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.34 Gb Total Space | 50.44 Gb Free Space | 46.99% Space Free | Partition Type: NTFS
Drive D: | 4.43 Gb Total Space | 0.69 Gb Free Space | 15.58% Space Free | Partition Type: FAT32
 
Computer Name: KATHLEEN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"c:\Program Files\Yahoo!\Messenger\YPager.exe" = c:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"c:\Program Files\Yahoo!\Messenger\yserver.exe" = c:\Program Files\Yahoo!\Messenger\yserver.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger
"C:\Program Files\Real\RealOne Player\realplay.exe" = C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"F:\INSTALLER\HPBCSIINSTALLER.EXE" = F:\INSTALLER\HPBCSIINSTALLER.EXE:*:Enabled:HP Networked Printer Installer
"C:\Program Files\InboxDollars\TroubleShooter.exe" = C:\Program Files\InboxDollars\TroubleShooter.exe:*:Enabled:InboxDollars (Helper) -- (FreeCause Inc.)
"C:\Program Files\InboxDollars\ToolbarUpdate.exe" = C:\Program Files\InboxDollars\ToolbarUpdate.exe:*:Enabled:InboxDollars (Update) -- (FreeCause Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 25
"{29D88826-2AB9-11D5-8854-00902761A46D}" = WordPerfect Productivity Pack
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E90FA5-2CB4-4039-A8BB-BE1B9DB94E21}" = HP Memories Disc
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{384A95F1-EDDA-4BBE-BC6B-7FAA886380F6}" = Trade Navigator
"{44A537A5-859C-43A6-8285-C0668142A090}" = iPod for Windows 2005-03-23
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4F5FC172-F0E7-4EA5-902F-8D005DF9F000}" = HP Photo and Imaging 1.2 - Photosmart Cameras
"{4FCC384C-18EA-4E25-9281-A06AE006D219}" = Weblink
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{5C069542-CA13-4f1b-B90C-28C6430F4992}" = HP LaserJet Professional CP1520 Series
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{8214CC02-6271-4DC8-B8DD-779933450264}" = RecordNow
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9E56BE92-8628-470F-944B-E5DFC4F9C2CD}" = Wireless LAN Utility
"{9E88DAA4-1352-4272-BA3A-897668408400}" = HP Photosmart printers preloaded drivers
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = 2Wire Wireless Client
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{AABE44D1-0B72-4C6B-9778-20B2317F8064}" = hpzTLBXFX
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AEEB3643-71DE-414d-9E3F-1159177FE211}" = Office Animation Runtime
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{BE41CB9F-8C21-44DC-BC47-5797654442E3}" = MX240a
"{BEEDEC2C-D33F-4FEF-8692-A5CCE6FF6835}" = hppTLBXFXCP1520
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D608C59B-424B-45D4-971C-5978F8564CEE}" = hppLaserJetService
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}" = HPLaserJetHelp_LearnCenter
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}" = Simple Installer - Multilanguage Version
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FE6DB3B1-C754-405D-BCAB-F4F9C765BF35}" = hppCP1520LaserJetService
"1ABC286C-DE10-4590-BEFF-4D0DFF5EA1EC" = GemMaster 3 from Hewlett-Packard Desktops (remove only)
"28BA89E7-2F60-4BE7-BAA2-7949EB3FE527" = BlasterBall Wild from Hewlett-Packard Desktops (remove only)
"357ECB62-CD36-4B63-B57E-769D0CA174F4" = Blasterball 2 from Hewlett-Packard Desktops (remove only)
"4F0AE1FB-4082-4A27-8363-05D292D92FB0" = Virtual Warfare from Hewlett-Packard Desktops (remove only)
"5415BC25-6D6C-46C4-B34C-EA8470FE56D5" = Blackhawk Striker from Hewlett-Packard Desktops (remove only)
"7841B68B-B7DD-408E-8B45-D5CA39608185" = Dark Orbit from Hewlett-Packard Desktops (remove only)
"8c9c48d7-2d03-4a1f-a303-5bd22ccabae1" = RingMaster from Hewlett-Packard Desktops (remove only)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"America Online us" = America Online
"BackWeb-137903 Uninstaller" = Updates from HP
"Batch Assistant" = Batch Assistant
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Data Compiler" = Data Compiler
"DF479CEA-34C0-460F-9B56-93BCE4CD4086" = Excavation from Hewlett-Packard Desktops (remove only)
"hp deskjet 3820 series" = hp deskjet 3820 series (Remove only)
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"hp instant support" = HP Instant Support
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"HPTOOLKIT" = toolkit
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InboxDollars" = InboxDollars
"Indexing Function" = Indexing Function
"InstallShield_{44A537A5-859C-43A6-8285-C0668142A090}" = iPod for Windows 2005-03-23
"Java Web Start" = Java Web Start
"Launcher" = Launcher
"LiveReg" = LiveReg (Symantec Corporation)
"MGI_PRISM_V3_0" = MGI PhotoSuite III SE (Remove Only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"NAV" = Norton AntiVirus
"Netscape (7.2)" = Netscape (7.2)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OneTouch Version 3.0" = OneTouch Version 3.0
"PaperPort 7.02" = PaperPort 7.02
"PS2" = PS2
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 6.0" = RealPlayer
"S3Display" = S3Display
"S3Gamma2" = S3Gamma2
"S3Info2" = S3Info2
"S3Overlay" = S3Overlay
"SBC Yahoo! Applications" = SBC Yahoo! Applications
"SBM OS" = SBM OS
"Search OS" = Search OS
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WildTangent CDA" = WildTangent Web Driver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WordPerfect Productivity Pack" = WordPerfect Productivity Pack
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 6/20/2011 9:44:59 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 405266
 
Error - 6/20/2011 9:45:15 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/20/2011 9:45:15 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 420922
 
Error - 6/20/2011 9:45:15 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 420922
 
Error - 6/20/2011 12:03:18 PM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/20/2011 12:03:18 PM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 765062
 
Error - 6/20/2011 12:03:18 PM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 765062
 
Error - 6/21/2011 9:54:18 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/21/2011 9:54:18 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4405516
 
Error - 6/21/2011 9:54:18 AM | Computer Name = KATHLEEN | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4405516
 
[ System Events ]
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:51 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 1:26:52 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 6/20/2011 4:07:45 PM | Computer Name = KATHLEEN | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the stisvc service.
 
Error - 6/21/2011 9:54:24 AM | Computer Name = KATHLEEN | Source = PlugPlayManager | ID = 12
Description = The device 'ATAPI CDROM 48X' (IDE\CdRomATAPI_CDROM_48X_________________________160R____\5&265fbc54&0&0.1.0)
 disappeared from the system without first being prepared for removal.
 
 
< End of report >


Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
My HijackThis Log
« Reply #4 on: June 22, 2011, 09:46:56 PM »
Sorry for the delay, can you do the following please
Access your Add and Remove Programs and uninstall the following:
Search OS
Viewpoint Manager (Remove Only)
Viewpoint Media Player

Reboot the computer

Back in Windows
Double click on OTL.exe and a it
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. Don't include the word Quote please
    Quote
    :Files
    C:\WINDOWS\tasks\At*.job
    ipconfig /flushdns /c
    :Commands
    [EmptyTemp]
    [EmptyFlash]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

In addition:
download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop
NOTE: the Shareware and Freeware version are the same installer
Choose to NOT install the Trial version during install

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline Kathleen

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
My HijackThis Log
« Reply #5 on: June 23, 2011, 01:23:29 PM »
No worries on the slight delay! I know you are busy helping everyone while still maintaining your own life! Many thanks again for all your help!!

Here is the new OTL.exe log:

All processes killed
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Owner\My Documents\download\cmd.bat deleted successfully.
C:\Documents and Settings\Owner\My Documents\download\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41620 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 383677 bytes
 
User: NetworkService
->Temp folder emptied: 1844099 bytes
->Temporary Internet Files folder emptied: 79872048 bytes
 
User: Owner
->Temp folder emptied: 6274430847 bytes
->Temporary Internet Files folder emptied: 1951583313 bytes
->Java cache emptied: 74116299 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1814693 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 80647 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 342632263 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 90991124 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 488029 bytes
RecycleBin emptied: 485633738 bytes
 
Total Files Cleaned = 8,873.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
User: Owner
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.24.1 log created on 06232011_121801

Files\Folders moved on Reboot...
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\C9EZU56H\adsCA3WKQ6H.htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\C9EZU56H\adsCAKLBU31.htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\C9EZU56H\index[7].htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\C9EZU56H\toolbarCA9JLDNK.htm moved successfully.
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder C:\WINDOWS\temp\{E80F62FF-5D3C-4A19-8409-9721F2928206}\ALUSETTINGS not found!
File\Folder C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\MHCXTEJJ\desktop.ini not found!
File\Folder C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\KMXA7ZKG\desktop.ini not found!
File\Folder C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\4CQ1EYOQ\desktop.ini not found!
File\Folder C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\3K8FZE57\desktop.ini not found!
File\Folder C:\WINDOWS\temp\Temporary Internet Files\Content.IE5\desktop.ini not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\CATALOG.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\CCERASER.DLL not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ECBOOTIL.VXD not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ECMSVR32.DLL not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\EECTRL.SYS not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ERASER.GRD not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ERASER.SIG not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ERASER.SPM not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ERASER.SYS not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ESRDEF.BIN not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\HH not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVENG.EXP not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVENG.SYS not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVENG.VXD not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVENG32.DLL not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVEX15.EXP not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVEX15.SYS not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVEX15.VXD not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NAVEX32A.DLL not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\NCSACERT.TXT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\SCRAUTH.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\SYMAVENG.CAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\SYMAVENG.INF not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\SYMERASE.CAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\SYMERASE.INF not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TCDEFS.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TCSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TCSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TCSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TECHNOTE.TXT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TINF.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TINFIDX.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TINFL.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\TSCAN1HD.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\V.GRD not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\V.SIG not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN.INF not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN2.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN3.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN4.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN5.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN6.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\VIRSCANT.DAT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\WHATSNEW.TXT not found!
File\Folder C:\WINDOWS\temp\slufb2.tmp\ZDONE.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\CATALOG.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\CCERASER.DLL not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ECBOOTIL.VXD not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ECMSVR32.DLL not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\EECTRL.SYS not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ERASER.GRD not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ERASER.SIG not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ERASER.SPM not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ERASER.SYS not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ESRDEF.BIN not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\HH not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVENG.EXP not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVENG.SYS not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVENG.VXD not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVENG32.DLL not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVEX15.EXP not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVEX15.SYS not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVEX15.VXD not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NAVEX32A.DLL not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\NCSACERT.TXT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\SCRAUTH.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\SYMAVENG.CAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\SYMAVENG.INF not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\SYMERASE.CAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\SYMERASE.INF not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TCDEFS.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TCSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TCSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TCSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TECHNOTE.TXT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TINF.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TINFIDX.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TINFL.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\TSCAN1HD.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\V.GRD not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\V.SIG not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN.INF not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN2.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN3.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN4.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN5.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN6.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\VIRSCANT.DAT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\WHATSNEW.TXT not found!
File\Folder C:\WINDOWS\temp\slu81c.tmp\ZDONE.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\CATALOG.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\CCERASER.DLL not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ECBOOTIL.VXD not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ECMSVR32.DLL not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\EECTRL.SYS not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ERASER.GRD not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ERASER.SIG not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ERASER.SPM not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ERASER.SYS not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ESRDEF.BIN not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\HH not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVENG.EXP not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVENG.SYS not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVENG.VXD not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVENG32.DLL not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVEX15.EXP not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVEX15.SYS not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVEX15.VXD not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NAVEX32A.DLL not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\NCSACERT.TXT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\SCRAUTH.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\SYMAVENG.CAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\SYMAVENG.INF not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\SYMERASE.CAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\SYMERASE.INF not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TCDEFS.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TCSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TCSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TCSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TECHNOTE.TXT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TINF.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TINFIDX.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TINFL.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\TSCAN1HD.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\V.GRD not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\V.SIG not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN.INF not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN2.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN3.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN4.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN5.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN6.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\VIRSCANT.DAT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\WHATSNEW.TXT not found!
File\Folder C:\WINDOWS\temp\slu5de3.tmp\ZDONE.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\CATALOG.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\CCERASER.DLL not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ECBOOTIL.VXD not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ECMSVR32.DLL not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\EECTRL.SYS not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ERASER.GRD not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ERASER.SIG not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ERASER.SPM not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ERASER.SYS not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ESRDEF.BIN not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\HH not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVENG.EXP not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVENG.SYS not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVENG.VXD not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVENG32.DLL not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVEX15.EXP not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVEX15.SYS not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVEX15.VXD not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NAVEX32A.DLL not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\NCSACERT.TXT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\SCRAUTH.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\SYMAVENG.CAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\SYMAVENG.INF not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\SYMERASE.CAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\SYMERASE.INF not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TCDEFS.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TCSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TCSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TCSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TECHNOTE.TXT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TINF.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TINFIDX.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TINFL.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\TSCAN1HD.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\V.GRD not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\V.SIG not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN.INF not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN1.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN2.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN3.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN4.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN5.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN6.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN7.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN8.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCAN9.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\VIRSCANT.DAT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\WHATSNEW.TXT not found!
File\Folder C:\WINDOWS\temp\slu17c4.tmp\ZDONE.DAT not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\client_manifest.txt not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\client_manifest_1.txt not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\client_manifest_2.txt not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\watson_manifest.txt not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\watson_manifest_1.txt not found!
File\Folder C:\WINDOWS\temp\MPTelemetrySubmit\watson_manifest_2.txt not found!
File\Folder C:\WINDOWS\temp\HP\AtStatus\hpinksts8811lm.log not found!
File\Folder C:\WINDOWS\temp\History\History.IE5\desktop.ini not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_b0.dat not found!

Registry entries deleted on Reboot...


Offline Kathleen

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
My HijackThis Log
« Reply #6 on: June 23, 2011, 02:28:41 PM »
This is my MBAM Log:

How often should I run this Malware program?

-Kat

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6930

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/23/2011 2:07:41 PM
mbam-log-2011-06-23 (14-07-41).txt

Scan type: Quick scan
Objects scanned: 157350
Time elapsed: 9 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04A38F6B-006F-4247-BA4C-02A139D5531C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{2A7DB8D1-43BE-4AD3-A81E-9BB8C9D00073} (Adware.Delphinmediaviewer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\AWS\weatherbug\minibugtransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.



Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
My HijackThis Log
« Reply #7 on: June 25, 2011, 11:16:19 AM »
Can you reopen OTL.exe, choose to run a "Quick Scan"
When done, post the new log that opens

Keep me informed how things are now running please



Offline Kathleen

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
My HijackThis Log
« Reply #8 on: June 26, 2011, 07:33:11 PM »

Here is the current OTL.exe log:

My computer is running better, faster. I seem to be hanging up on web browsing though. Do you have any suggestions? Thank you for all you have done to help!

OTL logfile created on: 6/26/2011 7:20:31 PM - Run 2
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Documents and Settings\Owner\My Documents\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
511.36 Mb Total Physical Memory | 110.09 Mb Available Physical Memory | 21.53% Memory free
1.47 Gb Paging File | 0.92 Gb Available in Paging File | 62.68% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 107.34 Gb Total Space | 2.14 Gb Free Space | 1.99% Space Free | Partition Type: NTFS
Drive D: | 4.43 Gb Total Space | 0.69 Gb Free Space | 15.58% Space Free | Partition Type: FAT32
 
Computer Name: KATHLEEN | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/06/21 09:01:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\download\OTL.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe
PRC - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008/06/19 10:32:20 | 001,245,064 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/04/13 19:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/09 19:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/12/18 15:05:12 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
PRC - [2002/10/08 02:41:46 | 000,217,088 | ---- | M] () -- C:\Program Files\Wireless LAN Utility\WlanUtility.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/06/21 09:01:49 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\download\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe -- (NAV)
SRV - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008/08/04 11:20:16 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/06/19 10:32:20 | 001,245,064 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 19:06:33 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007/03/12 19:30:14 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)
SRV - [2002/12/18 15:05:12 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2002/11/14 10:09:14 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/06/02 20:08:20 | 000,355,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110624.050\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/27 13:36:01 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110625.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/27 13:36:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110625.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/19 14:37:06 | 000,810,616 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/05/15 12:23:53 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/15 12:23:53 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/15 12:23:28 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/30 22:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 22:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 19:39:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1206000.01D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/14 21:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 01:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/27 00:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010/05/06 17:37:24 | 000,020,504 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hppcbulkio.sys -- (HPFXBULKLEDM)
DRV - [2006/09/07 16:19:02 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006/03/13 00:13:22 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 11:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/04 00:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/08/04 00:29:51 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/04/13 19:20:08 | 000,015,781 | R--- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2003/11/13 20:25:26 | 000,391,680 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/03/08 00:13:22 | 000,624,369 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/02/26 21:19:50 | 000,260,736 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/02/22 21:55:26 | 000,141,824 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/12/25 00:09:48 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/12/18 15:02:46 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\Program Files\America Online 8.0\atwpkt2.sys -- (ATWPKT2)
DRV - [2002/12/18 15:00:38 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/09/06 20:24:00 | 000,013,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2001/06/04 15:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.swagbucks.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {4219427b-0228-4356-a78b-eb7668d37d07} - C:\Program Files\InboxDollars\Helper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011/06/26 10:49:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2010/12/12 22:55:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2011/06/20 12:43:33 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2004/07/11 19:35:08 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (InboxDollars BHO) - {6FFB615D-E8CE-4ADD-8D9F-31C4BE9C26E4} - C:\Program Files\InboxDollars\Toolbar.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files\InboxDollars\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Search) - {40D41A8B-D79B-43D7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O3 - HKCU\..\Toolbar\WebBrowser: (InboxDollars) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - C:\Program Files\InboxDollars\Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [*adtcp]  File not found
O4 - HKLM..\Run: [*diskodbc]  File not found
O4 - HKLM..\Run: [*vbinfo]  File not found
O4 - HKLM..\Run: [PRISMSVR.EXE]  File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Lan Utility.lnk = C:\Program Files\Wireless LAN Utility\WlanUtility.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Search - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
O8 - Extra context menu item: Yahoo! Dictionary - C:\Program Files\Yahoo!\Common [2006/12/24 01:41:43 | 000,000,000 | ---D | M]
O8 - Extra context menu item: Yahoo! Search - C:\Program Files\Yahoo!\Common [2006/12/24 01:41:43 | 000,000,000 | ---D | M]
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_25.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab (SysData Class)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/pm/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab (EPUImageControl Class)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8C42D15B-D8C2-40AD-9A06-3F27F58AE33E} http://www.search-climbers.com/download/uninstall/KeywordsUnInst.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll (YahooYMailTo Class)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/PowerPoint2002/Install/10.0.2609/WIN98MeXP/EN-US/msorun.cab (IEAnimBehaviorFactory Class)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://download.yahoo.com/dl/installs/yab_af.cab (YAddBook Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab (PhotosCtrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E62A47D8-74B1-4A93-963A-E5E43B7CC5C2} http://www.zuvio.com/UCSearch.CAB (UCSearch.ucUCSearch)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.Email Removed/downloads/aol/unagi/ampx_en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Program Files\Softex\OmniPass\opxpgina.dll - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/04/10 00:19:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 04:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/23 13:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/06/23 13:51:31 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/23 13:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/23 13:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/23 13:51:23 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/23 13:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/23 12:18:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/20 13:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/20 13:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\HiJackThis
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/26 10:52:11 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/26 10:50:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/26 10:49:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/25 23:36:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/23 13:51:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 13:33:16 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2011/06/20 06:29:14 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/16 09:29:43 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2011/06/23 13:51:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/20 13:33:16 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2011/01/31 22:23:59 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/17 15:20:04 | 000,000,024 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/01/17 15:03:12 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2010/11/10 07:06:07 | 000,045,884 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/20 17:21:21 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/11 17:21:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/15 19:30:53 | 000,031,728 | ---- | C] () -- C:\Program Files\Blockbuster Angleton Job 2805920 (168 x 600).jpg
[2010/08/15 19:29:02 | 000,031,728 | ---- | C] () -- C:\Program Files\Blockbuster Job 2805920 (168 x 600).jpg
[2009/09/16 12:44:52 | 000,003,235 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2008/03/28 08:21:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007/09/12 22:06:14 | 000,000,117 | ---- | C] () -- C:\WINDOWS\NavWin.INI
[2007/09/12 22:04:03 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\free_res.exe
[2007/09/12 22:04:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\G32_TICK.DLL
[2007/09/12 22:04:02 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\G32_rkey.dll
[2007/05/21 21:05:57 | 000,002,197 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/02/22 15:18:28 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2005/08/19 20:06:35 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/02/06 22:23:00 | 000,105,168 | ---- | C] () -- C:\WINDOWS\NSUninst.exe
[2005/02/06 22:22:40 | 000,105,168 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2005/02/06 22:22:38 | 000,009,574 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/02/06 10:59:32 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/02/06 10:59:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/11/17 17:37:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2004/10/06 17:09:29 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/11 16:39:21 | 000,116,134 | ---- | C] () -- C:\WINDOWS\System32\datastore.dll
[2004/07/11 16:39:15 | 000,000,627 | ---- | C] () -- C:\WINDOWS\sepsd.bin
[2004/06/28 18:39:26 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2004/04/20 09:38:16 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\master.dll
[2004/03/08 11:03:51 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL709.xml
[2004/03/08 10:44:35 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL184.xml
[2004/03/08 08:37:14 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL625.xml
[2004/03/08 08:36:37 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL771.xml
[2004/03/08 08:36:03 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL584.xml
[2004/03/08 08:34:38 | 000,000,220 | ---- | C] () -- C:\WINDOWS\b2_t_C%3A%2FWINDOWS%2FDOWNLOADED+PROGRAM+FILES%2FBRIDGE.DLL30.xml
[2004/03/04 09:16:36 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\updaterinstall.dat
[2004/01/26 10:28:43 | 000,003,149 | ---- | C] () -- C:\Program Files\Common Files\remove_tools.html
[2003/11/22 19:49:34 | 002,219,998 | -H-- | C] () -- C:\WINDOWS\System32\kyf.dat
[2003/10/21 12:42:03 | 000,000,142 | ---- | C] () -- C:\WINDOWS\urls.dat
[2003/10/10 20:06:39 | 000,000,401 | ---- | C] () -- C:\WINDOWS\Belt.ini
[2003/08/25 11:55:55 | 000,004,665 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/07/25 09:12:05 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/07/11 15:56:08 | 001,294,336 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2A6.dll
[2003/07/11 15:56:08 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M5.dll
[2003/07/11 15:56:08 | 001,105,920 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P6.dll
[2003/07/11 15:56:07 | 001,261,568 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2M6.dll
[2003/07/11 15:56:07 | 001,052,672 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2P5.dll
[2003/07/11 15:55:37 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2003/07/11 15:55:32 | 001,093,632 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2PX.dll
[2003/07/11 15:55:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2003/07/11 15:55:32 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\EnrouteStitch.dll
[2003/07/11 15:55:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\MGIIpl2.dll
[2003/07/11 15:55:31 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2003/07/11 15:31:38 | 000,001,056 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2003/07/11 15:31:38 | 000,000,090 | ---- | C] () -- C:\WINDOWS\calera.ini
[2003/07/11 15:31:32 | 000,269,312 | ---- | C] () -- C:\WINDOWS\System32\FPXIG.DLL
[2003/07/11 15:31:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\System32\IGFPX32P.DLL
[2003/07/11 15:31:32 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\JPEGACC.DLL
[2003/07/11 15:31:16 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\WELSOF32.DLL
[2003/07/08 17:22:34 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/07/06 22:40:14 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP100JPR.{PB
[2003/07/06 22:40:14 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PFP100JCM.{PB
[2003/07/05 23:32:50 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2003/04/10 06:35:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/04/10 06:34:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/04/10 06:21:36 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/04/10 03:51:07 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/04/10 03:51:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2003/04/10 02:06:10 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/04/10 02:04:00 | 000,090,112 | R--- | C] () -- C:\WINDOWS\bwUnin-6.2.3.66.exe
[2003/04/10 02:03:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/04/10 02:03:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/04/10 01:57:15 | 000,000,052 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/04/10 01:57:04 | 000,000,621 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/04/10 01:16:44 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/04/10 01:06:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2003/04/10 01:06:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2003/04/10 00:44:58 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/04/10 00:44:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/04/10 00:44:29 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/04/10 00:23:21 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/04/10 00:21:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2003/04/10 00:16:07 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2003/04/10 00:05:45 | 000,000,659 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/04/10 00:05:26 | 000,434,138 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/04/10 00:05:26 | 000,068,042 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/04/09 17:10:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/04/09 17:09:25 | 000,220,040 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/03/19 18:50:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/11/14 10:09:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/11/14 10:08:26 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2002/05/24 10:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2002/05/24 10:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2001/01/03 08:38:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/01/03 08:38:53 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/01/03 08:38:32 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/01/03 08:38:19 | 000,177,069 | ---- | C] () -- C:\WINDOWS\System32\mslink32.dat
[2001/01/03 08:38:19 | 000,000,134 | ---- | C] () -- C:\WINDOWS\System32\mslib.dat
[2001/01/03 08:11:26 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/01/03 08:11:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/01/03 08:11:23 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/01/03 08:11:19 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/01/03 08:11:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
 
========== LOP Check ==========
 
[2009/03/09 19:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2011/06/23 11:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/23 11:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/12/12 23:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/18 22:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/20 08:35:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/02/05 15:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Aim
[2011/02/16 17:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FCTB000062133
[2010/04/28 14:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Image Zone Express
[2003/04/10 01:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2003/09/17 05:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterVideo
[2008/11/30 20:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\iWin
[2006/01/18 12:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\LimeWire
[2004/02/12 22:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Lycos
[2004/02/19 13:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MX
[2011/06/20 12:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Saba
[2003/04/10 02:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2005/12/28 23:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Snapfish
[2011/02/05 14:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer
[2011/02/13 10:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Tific
[2005/10/31 11:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\VERITAS
[2007/05/22 11:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Viewpoint
[2005/02/25 08:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\WeatherBug
[2011/06/26 10:52:11 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
 
========== Purity Check ==========
 
 

< End of report >



Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
My HijackThis Log
« Reply #9 on: June 26, 2011, 07:49:18 PM »
I'm just on my way out to dinner. In the meantime, can you do the following, please?
Double-click on OTL.exe and run it
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following from the quote box below. Don't include the word Quote, please
    Quote
    :OTL
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapp.../search/ie.html
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [*adtcp] File not found
    O4 - HKLM..\Run: [*diskodbc] File not found
    O4 - HKLM..\Run: [*vbinfo] File not found
    O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
    :Reg
    :Files
    C:\Documents and Settings\All Users\Application Data\Viewpoint
    C:\Documents and Settings\Owner\Application Data\Viewpoint
    ipconfig /flushdns /c
    :Commands
    [EmptyFlash]
    [EmptyTemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

On startup, allow OTL to run if prompted.
A log should open; can you post it, please?
A copy of this log can also be found in the
C:\_OTL\Moved Files folder

Again, let me know how things are then running
Also, if you still have a problem with your browser, can you let me know which browser, please: IE or Netscape, or both?

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/