
Errors on application startups+


8 replies to this topic

#1 gannon


Posted 20 October 2009 - 07:42 PM

I have two issues that may, or may not be related:

The first is when I start my Mozilla Firefox browser, I get the following error message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." When I click on "okay", the error message goes away, and the application starts just fine. More annoying than anything, but fishy, and not designed.

The second error message appears when I click on CONTROL PANEL: "This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel." Again, when I click on "okay", the control panel window opens, HOWEVER, after clicking on the User Accounts icon, I get the hourglass for about three seconds, then NOTHING. The Control Panel window stays, and all of the other icons 'work'.

My guess is I have some mal-script trying to do something, but can't, and just gets ignored after trying. No idea what problem is with User Accounts. Several .txt logs follow from the following apps (in order): DDS, RootRepeal, Win32kDiag, [no name], peek.bat. Also attach.txt is attached.

THANK YOU FOR ALL OF YOUR HELP!

---------


DDS (Ver_09-10-13.01) - NTFSx86
Run by JIM at 19:03:36.15 on Tue 10/20/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://www.my.yahoo.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HWTablet Service] c:\windows\system32\HWTabTray.exe
mRun: [HWTablet KeyPlus] c:\windows\system32\HWKeyPlus.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hanvon~1.lnk - c:\program files\hanvon\hwshell.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {F4430FE8-2638-42e5-B849-800749B94EED} - c:\program files\partygaming.net\partypokernet\RunPF.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jim\applic~1\mozilla\firefox\profiles\l2wjgmih.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - component: c:\documents and settings\jim\application data\mozilla\firefox\profiles\l2wjgmih.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\jim\application data\mozilla\firefox\profiles\l2wjgmih.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\jim\application data\mozilla\firefox\profiles\l2wjgmih.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-10-04 21:27 21 a------- c:\windows\PI_setup.ini
2009-10-04 21:27 212,480 a------- c:\windows\pcdlib32.dll
2009-10-03 14:17 934 a------- c:\windows\alletter.ini
2009-10-03 14:16 354 a------- c:\windows\UniTech.Lic
2009-10-03 14:16 <DIR> --d----- C:\BOSSFonts
2009-10-03 12:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WEBREG
2009-10-03 11:29 <DIR> --d----- c:\program files\common files\HP
2009-10-02 18:55 468,493 -------- c:\windows\hpoins37.dat.temp
2009-10-02 18:55 504 -------- c:\windows\hpomdl37.dat.temp
2009-10-02 17:20 16,496 a----r-- c:\windows\system32\drivers\HPZipr12.sys
2009-10-02 17:20 49,920 a----r-- c:\windows\system32\drivers\HPZid412.sys
2009-10-02 17:19 121,344 a------- c:\windows\system32\hpf3l083.dll
2009-10-02 17:19 271,704 a----r-- c:\windows\system32\hpzids01.dll
2009-10-02 17:19 21,568 a----r-- c:\windows\system32\drivers\HPZius12.sys
2009-10-02 17:19 737,280 a----r-- c:\windows\system32\hposwia_d02a.dll
2009-10-02 17:19 598,016 a----r-- c:\windows\system32\hpost_d02a.dll
2009-10-02 17:19 372,736 a----r-- c:\windows\system32\hppldcoi.dll
2009-10-02 17:19 309,760 a----r-- c:\windows\system32\difxapi.dll
2009-10-02 17:19 307,200 a----r-- c:\windows\system32\hposc_d02a.dll
2009-10-02 17:17 <DIR> --d----- c:\program files\common files\Hewlett-Packard
2009-10-02 17:17 <DIR> --d----- c:\program files\HP
2009-10-02 17:17 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
2009-10-02 17:17 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-10-02 17:17 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2009-10-02 17:17 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-10-02 17:12 147,884 a------- c:\windows\hpoins37.dat
2009-10-02 17:12 504 -------- c:\windows\hpomdl37.dat
2009-10-01 10:53 28,160 a------- c:\windows\system32\drivers\usbccgp.sys

==================== Find3M ====================

2009-10-20 19:03 1,744 a------- c:\windows\system32\d3d9caps.dat
2009-10-19 15:48 3,116 a------- c:\windows\system32\HWTablet.bin
2009-10-14 15:22 1,632 a------- c:\windows\system32\d3d8caps.dat
2009-10-06 17:06 2,516 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-09-11 09:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-04 16:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-26 03:00 247,326 -------- c:\windows\system32\strmdll.dll
2009-08-20 15:10 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-20 06:29 5,018 ac------ c:\windows\system32\KGyGaAvL.sys
2009-08-06 19:23 274,288 a------- c:\windows\system32\mucltui.dll
2009-08-06 19:23 215,920 a------- c:\windows\system32\muweb.dll
2009-08-05 04:01 204,800 -------- c:\windows\system32\mswebdvd.dll
2009-08-04 20:44 2,189,184 -------- c:\windows\system32\ntoskrnl.exe
2009-08-04 09:20 2,066,048 -------- c:\windows\system32\ntkrnlpa.exe
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-01-27 18:47 88 ---shr-- c:\docume~1\alluse~1\applic~1\74BB9F2D22.sys
2008-02-27 16:24 336 ac------ c:\program files\temp995.bat
2007-04-08 23:33 476,752 ac------ c:\docume~1\alluse~1\applic~1\pswi_preloaded.exe
2009-02-19 17:49 168 -c-shr-- c:\windows\system32\74BB9F2D22.sys

============= FINISH: 19:04:26.03 ===============

----
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/19 17:15
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB63C8000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79E9000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB552F000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

==EOF==

----
Running from: C:\Documents and Settings\JIM\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\JIM\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Finished!

----

Volume in drive C has no label.
Volume Serial Number is 2C3C-6A50

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 180,224 scecli.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 407,040 netlogon.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 55,808 eventlog.dll
3 File(s) 643,072 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:12 PM 181,248 scecli.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:12 PM 407,040 netlogon.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\system32

04/13/2008 07:12 PM 181,248 scecli.dll

Directory of C:\WINDOWS\system32

04/13/2008 07:12 PM 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

04/13/2008 07:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes

Total Files Listed:
9 File(s) 1,932,288 bytes
0 Dir(s) 56,191,451,136 bytes free

---

Volume in drive C has no label.
Volume Serial Number is 2C3C-6A50

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 180,224 scecli.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 407,040 netlogon.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

08/04/2004 02:56 AM 55,808 eventlog.dll
3 File(s) 643,072 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:12 PM 181,248 scecli.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:12 PM 407,040 netlogon.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

04/13/2008 07:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\system32

04/13/2008 07:12 PM 181,248 scecli.dll

Directory of C:\WINDOWS\system32

04/13/2008 07:12 PM 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

04/13/2008 07:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes

Total Files Listed:
9 File(s) 1,932,288 bytes
0 Dir(s) 56,191,451,136 bytes free


#2 gannon


Posted 21 October 2009 - 03:41 PM

I totally forgot to mention that every time I run AVG Virus scan (free), my system crashes before it finishes. Kind of important, I think.

Hello gannon,

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work, may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Regards,

The weatherman
(Moderator)

Edited by The weatherman, 21 October 2009 - 05:16 PM.


#3 kahdah

  • Security Colleague

Posted 31 October 2009 - 06:14 AM

Hello gannon

Welcome to BleepingComputer :(
==========================
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
===========
Download This file. Note its name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "Yes" to begin the scan.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#4 gannon


Posted 31 October 2009 - 01:17 PM

Okay - here is what happened. I ran OTL, but the system blue screened before completion. It did, however, create the OTL.txt file, and that log is pasted below. I ran OTL twice, and both times the system blue screened. On re-start(s), browser goes to Microsoft error reporting page, and says error caused by device or driver (which they always seem to say). Drivers are up to date, and disk has no issues, so ....?

When running "this file" (uiukoryx.exe), I get the small error screen "uiukory.exe has encountered a problem and needs to close" after running perhaps two minutes. Buttons: Debug, send error report, don't send. It obviously did not complete, and I could not save the log. I ran three times, and the same error message appeared each time. I am pretty sure I disabled my AVG correctly.

-------
Paste of OTL.txt:

OTL logfile created on: 10/31/2009 12:20:37 PM - Run 1
OTL by OldTimer - Version 3.1.1.7 Folder = C:\Documents and Settings\JIM\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: | Date Format:

1.50 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 66.61% Memory free
1.55 Gb Paging File | 1.10 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): C:\pagefile.sys 200 2500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 53.53 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 93.34 Gb Total Space | 57.42 Gb Free Space | 61.52% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JIM-HP750N
Current User Name: JIM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\JIM\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\system32\jwpen.exe (HanWang)
PRC - C:\WINDOWS\system32\HWTabTray.exe ()
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\system32\HWKeyPlus.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Hanvon\hwshell.exe ()
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - C:\WINDOWS\system32\jwpen.exe (HanWang)
SRV - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (NOS Microsystems Ltd.)
SRV - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - C:\WINDOWS\system32\HPZipm12.dll (Hewlett-Packard)
SRV - C:\WINDOWS\system32\HPZinw12.dll (Hewlett-Packard)
SRV - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe (Smith Micro Software, Inc.)
SRV - C:\WINDOWS\system32\PSIService.exe ()
SRV - C:\Program Files\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)
SRV - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - C:\WINDOWS\system32\drivers\HPZid412.sys (HP)
DRV - C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - C:\WINDOWS\system32\drivers\mcstrm.sys (RealNetworks, Inc.)
DRV - C:\WINDOWS\system32\drivers\2WirePCP.sys (2Wire, Inc.)
DRV - C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)
DRV - C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - C:\WINDOWS\system32\drivers\ousbehci.sys (OrangeWare Corporation)
DRV - C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\JIM\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\mslbui.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.5
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: openbookmarkintab@piro.sakura.ne.jp:0.1.2009100801
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:0.9948
FF - prefs.js..extensions.enabledItems: sortplaces@andyhalford.com:1.6.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/08/20 15:09:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/10/03 11:42:02 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/28 22:18:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 14:06:38 | 00,000,000 | ---D | M]

[2009/10/13 09:49:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\sortplaces@andyhalford.com
[2009/10/15 10:46:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\piclens@cooliris.com-trash
[2009/10/15 10:46:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\piclens@cooliris.com
[2009/10/13 12:23:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\openbookmarkintab@piro.sakura.ne.jp
[2009/10/21 10:02:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\isreaditlater@ideashower.com
[2009/10/14 09:42:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/08/08 17:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/10/30 15:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions
[2009/07/29 20:28:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/29 20:28:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Extensions
[2009/07/29 20:28:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Extensions
[2009/07/29 20:28:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/30 15:14:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions
[2009/08/08 17:00:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/10/14 09:42:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/10/21 10:02:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\isreaditlater@ideashower.com
[2009/10/13 12:23:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\openbookmarkintab@piro.sakura.ne.jp
[2009/10/15 10:46:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\piclens@cooliris.com
[2009/10/15 10:46:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\piclens@cooliris.com-trash
[2009/10/13 09:49:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Mozilla\Firefox\Profiles\l2wjgmih.default\extensions\sortplaces@andyhalford.com
[2009/08/30 13:17:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/07/30 17:38:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/10/28 14:06:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/30 15:14:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/30 15:14:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/28 14:06:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/30 17:38:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/08/30 13:17:15 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/28 14:06:30 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/28 14:06:30 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/07/13 19:16:26 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/07/13 19:15:48 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/07/13 19:15:58 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/10/28 14:06:32 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/07/13 19:16:26 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/07/15 13:10:00 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/07/15 13:10:00 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/07/15 13:10:00 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/07/15 13:10:00 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/07/15 13:10:00 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/07/15 13:10:00 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (292138 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10060 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [HWTablet KeyPlus] C:\WINDOWS\system32\HWKeyPlus.exe ()
O4 - HKLM..\Run: [HWTablet Service] C:\WINDOWS\system32\HWTabTray.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hanvon Shell.lnk = C:\Program Files\Hanvon\hwshell.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 123haustiereundmehr.com ([www] * is out of zone range - 112)
O15 - HKCU\..Trusted Domains: alls%curitysite.com ([]* is out of zone range - 84)
O15 - HKCU\..Trusted Domains: errorsafe.com ([se] * is out of zone range - 64)
O15 - HKCU\..Trusted Domains: game7-desktop.com ([]* is out of zone range - 36)
O15 - HKCU\..Trusted Domains: icwbJcom ([]* is out of zone range - 36)
O15 - HKCU\..Trusted Domains: icwocom ([]* is out of zone range - 32)
O15 - HKCU\..Trusted Domains: idblC.com ([idbl] * is out of zone range - 112)
O15 - HKCU\..Trusted Domains: idhh.com ([]* is out of zone range - 96)
O15 - HKCU\..Trusted Domains: uzoo7le.com ([gameg] * is out of zone range - 36)
O15 - HKCU\..Trusted Domains: 74 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: 1 range(s) not assigned to a zone.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/30 12:00:49 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4933b41c-af91-11de-9703-00e018512de6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4933b41c-af91-11de-9703-00e018512de6}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4933b41c-af91-11de-9703-00e018512de6}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{86bb1661-aea2-11de-9701-00e018512de6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{86bb1661-aea2-11de-9701-00e018512de6}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{86bb1661-aea2-11de-9701-00e018512de6}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/10/31 12:13:30 | 00,526,336 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JIM\Desktop\OTL.exe
[2009/10/28 13:04:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Desktop\Trax Cell
[2009/10/20 19:59:30 | 00,000,000 | ---D | C] -- C:\Program Files\Cobian Backup 9
[2009/10/19 22:19:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Desktop\PC Utilities
[2009/10/19 15:26:00 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\JIM\Recent
[2009/10/06 21:45:24 | 38,465,6464 | ---- | C] (Acresso Software Inc.) -- C:\Documents and Settings\JIM\Desktop\CorelDRAWGraphicsSuiteX4Installer_EN(2).exe
[2009/10/04 21:27:35 | 00,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\pcdlib32.dll
[2009/10/03 14:16:44 | 00,000,000 | ---D | C] -- C:\BOSSFonts
[2009/10/03 12:33:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Desktop\Scans
[2009/10/03 12:26:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Application Data\HPAppData
[2009/10/03 12:25:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEBREG
[2009/10/03 12:23:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\My Documents\My Scans
[2009/10/03 12:22:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\HP
[2009/10/03 11:29:26 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2009/10/03 11:29:16 | 00,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2009/10/02 17:21:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP
[2009/10/02 17:20:19 | 00,016,496 | R--- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZipr12.sys
[2009/10/02 17:20:16 | 00,049,920 | R--- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZid412.sys
[2009/10/02 17:19:59 | 00,121,344 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpf3l083.dll
[2009/10/02 17:19:58 | 00,271,704 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
[2009/10/02 17:19:47 | 00,021,568 | R--- | C] (HP) -- C:\WINDOWS\System32\drivers\HPZius12.sys
[2009/10/02 17:19:23 | 00,737,280 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hposwia_d02a.dll
[2009/10/02 17:19:23 | 00,598,016 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpost_d02a.dll
[2009/10/02 17:19:23 | 00,372,736 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
[2009/10/02 17:19:23 | 00,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
[2009/10/02 17:19:23 | 00,307,200 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hposc_d02a.dll
[2009/10/02 17:17:45 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2009/10/02 17:17:11 | 00,000,000 | ---D | C] -- C:\Program Files\HP
[2009/10/02 17:17:09 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys
[2009/10/02 17:17:09 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/10/02 17:17:06 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/10/02 17:17:06 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/10/02 05:53:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JIM\Local Settings\Application Data\tjnet
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/10/31 12:19:35 | 00,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/31 12:19:01 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/31 12:14:58 | 00,291,328 | ---- | M] () -- C:\uiukoryx.exe
[2009/10/31 12:13:39 | 00,526,336 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JIM\Desktop\OTL.exe
[2009/10/31 12:01:23 | 44,519,940 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/31 12:01:23 | 00,068,428 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/30 14:58:31 | 00,003,303 | ---- | M] () -- C:\WINDOWS\photoimpression.ini
[2009/10/30 13:20:22 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/10/30 11:32:26 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/30 11:30:45 | 00,003,116 | ---- | M] () -- C:\WINDOWS\System32\HWTablet.bin
[2009/10/30 11:30:36 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/30 11:30:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/30 11:30:20 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/30 11:30:18 | 16,101,90848 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/29 16:30:44 | 00,336,899 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\CareerFairBrochure2.pdf
[2009/10/29 16:29:12 | 00,019,991 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Career Day Flyer Front.odt
[2009/10/29 14:45:19 | 00,024,454 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Career Day Flyer Back.odt
[2009/10/29 11:49:07 | 00,052,687 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Gio pro resume.rmr
[2009/10/28 12:05:13 | 74,133,504 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2009/10/27 15:05:54 | 02,776,576 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\TheBeautyOfNight.pps
[2009/10/27 14:47:34 | 00,001,334 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Resume Gio.rtf
[2009/10/26 11:36:09 | 00,014,470 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Fax Cover.odt
[2009/10/25 11:29:14 | 10,747,904 | ---- | M] () -- C:\Documents and Settings\JIM\ntuser.dat
[2009/10/22 23:45:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/22 14:39:17 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\JIM\ntuser.ini
[2009/10/17 20:08:08 | 00,002,499 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\ACDSee 8.lnk
[2009/10/14 15:22:49 | 00,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/10/14 14:54:56 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/10/14 14:38:40 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\CareerFairLetter-Gannon-Lisa.doc
[2009/10/14 09:37:00 | 00,073,144 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\09105ASectionalBrackets.pdf
[2009/10/14 07:31:42 | 02,934,653 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\Overview of Trademark App.pdf
[2009/10/06 22:27:46 | 38,465,6464 | ---- | M] (Acresso Software Inc.) -- C:\Documents and Settings\JIM\Desktop\CorelDRAWGraphicsSuiteX4Installer_EN(2).exe
[2009/10/06 17:06:48 | 00,002,516 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/10/04 21:28:21 | 00,000,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 3.0.lnk
[2009/10/03 15:12:20 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/03 14:17:30 | 00,000,934 | ---- | M] () -- C:\WINDOWS\alletter.ini
[2009/10/03 13:54:55 | 00,000,777 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\HP Scanning Software.lnk
[2009/10/03 11:42:30 | 00,000,776 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/03 11:42:15 | 00,147,884 | ---- | M] () -- C:\WINDOWS\hpoins37.dat
[2009/10/03 11:40:15 | 00,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/10/02 19:23:26 | 00,468,493 | ---- | M] () -- C:\WINDOWS\hpoins37.dat.temp
[2009/10/02 17:56:43 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\JIM\Desktop\CCleaner.lnk
[2009/10/02 13:01:57 | 25,198,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/10/31 12:14:58 | 00,291,328 | ---- | C] () -- C:\uiukoryx.exe
[2009/10/29 16:30:43 | 00,336,899 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\CareerFairBrochure2.pdf
[2009/10/29 13:49:08 | 00,024,454 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Career Day Flyer Back.odt
[2009/10/29 13:39:12 | 00,019,991 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Career Day Flyer Front.odt
[2009/10/29 12:49:39 | 00,001,744 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/27 15:05:33 | 02,776,576 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\TheBeautyOfNight.pps
[2009/10/27 14:45:21 | 00,052,687 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Gio pro resume.rmr
[2009/10/27 13:01:05 | 00,001,334 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Resume Gio.rtf
[2009/10/26 11:36:07 | 00,014,470 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Fax Cover.odt
[2009/10/14 14:54:56 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/10/14 14:38:39 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\CareerFairLetter-Gannon-Lisa.doc
[2009/10/14 09:36:50 | 00,073,144 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\09105ASectionalBrackets.pdf
[2009/10/14 07:31:42 | 02,934,653 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\Overview of Trademark App.pdf
[2009/10/04 21:28:21 | 00,000,973 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 3.0.lnk
[2009/10/04 21:27:36 | 00,000,021 | ---- | C] () -- C:\WINDOWS\PI_setup.ini
[2009/10/03 14:17:30 | 00,000,934 | ---- | C] () -- C:\WINDOWS\alletter.ini
[2009/10/03 14:16:59 | 00,000,354 | ---- | C] () -- C:\WINDOWS\UniTech.Lic
[2009/10/03 13:54:55 | 00,000,777 | ---- | C] () -- C:\Documents and Settings\JIM\Desktop\HP Scanning Software.lnk
[2009/10/03 11:40:15 | 00,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2009/10/02 18:55:16 | 00,468,493 | ---- | C] () -- C:\WINDOWS\hpoins37.dat.temp
[2009/10/02 18:55:16 | 00,000,504 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat.temp
[2009/10/02 17:12:54 | 00,004,355 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/10/02 17:12:53 | 00,147,884 | ---- | C] () -- C:\WINDOWS\hpoins37.dat
[2009/10/02 17:12:53 | 00,000,504 | ---- | C] () -- C:\WINDOWS\hpomdl37.dat
[2009/08/19 21:59:58 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\jwusbchk.dll
[2009/08/19 21:59:58 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\JwPenC.dll
[2009/08/19 21:59:58 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\JWPEN.DLL
[2009/08/19 21:59:58 | 00,010,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\HYPEN.sys
[2009/08/19 21:59:57 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\JWKey.dll
[2009/01/05 16:06:13 | 00,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/01/05 16:06:13 | 00,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\74BB9F2D22.sys
[2008/07/10 15:52:00 | 00,000,168 | ---- | C] () -- C:\WINDOWS\PARSONS.INI
[2008/05/02 15:02:20 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\rsUtil.dll
[2008/04/15 11:32:52 | 00,000,166 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\REGISTRY.INI
[2008/02/27 16:24:00 | 00,000,336 | ---- | C] () -- C:\Program Files\temp995.bat
[2007/08/18 06:46:33 | 00,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys
[2007/04/08 23:33:57 | 00,476,752 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2007/04/08 23:32:25 | 00,005,018 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2007/04/08 23:32:25 | 00,000,168 | RHS- | C] () -- C:\WINDOWS\System32\74BB9F2D22.sys
[2007/03/31 22:31:57 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007/03/21 19:14:16 | 00,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/03/21 17:39:03 | 00,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/03/21 17:38:39 | 00,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2006/07/12 20:11:45 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/07/12 20:11:45 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/07/12 20:11:45 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/07/12 20:11:45 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/07/12 20:11:45 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/07/12 20:11:45 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/06/13 07:36:45 | 00,003,303 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2006/03/04 22:18:08 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/02/25 22:52:39 | 04,318,598 | -H-- | C] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\IconCache.db
[2006/02/19 15:28:22 | 00,038,400 | ---- | C] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/02/19 10:52:39 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2006/02/10 09:34:31 | 00,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2006/01/30 17:11:08 | 00,149,640 | ---- | C] () -- C:\Documents and Settings\JIM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/01/30 12:18:35 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/30 12:05:43 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\JIM\Application Data\desktop.ini
[2006/01/30 05:50:20 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/07/15 13:35:56 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/15 13:35:24 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2003/03/31 07:00:00 | 00,000,776 | ---- | C] () -- C:\WINDOWS\win.ini
[2003/03/31 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2003/01/03 03:04:00 | 00,000,745 | ---- | C] () -- C:\WINDOWS\System32\drivers\cfrpsej115.sys
[2002/02/06 05:08:00 | 00,000,745 | ---- | C] () -- C:\WINDOWS\c_lfolqn135.ini
[2001/03/09 07:12:00 | 00,000,745 | ---- | C] () -- C:\WINDOWS\System32\g_iecdi32_338.dll
[2000/04/12 09:16:00 | 00,000,745 | ---- | C] () -- C:\WINDOWS\System32\drivers\gdxhxw_322.sys
[1999/05/15 11:20:00 | 00,000,745 | ---- | C] () -- C:\WINDOWS\System32\d_comsvrb_169.dll

========== LOP Check ==========

[2006/03/02 19:44:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2007/06/22 18:42:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BetZip
[2006/04/30 22:49:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006/04/30 22:40:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/06/13 15:19:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Corel
[2009/08/21 13:07:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2008/06/27 09:32:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/01/09 23:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Individual Software
[2007/02/04 13:29:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
[2006/01/31 16:16:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSN6
[2009/02/17 17:37:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OfficeRecovery
[2007/03/21 19:14:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/08/01 20:16:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PurePlay
[2007/06/20 19:16:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI
[2008/02/10 13:04:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2006/09/24 18:10:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007/06/16 23:31:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/03/02 19:48:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\ACD Systems
[2009/08/03 14:11:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Amazon
[2009/08/20 06:30:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Corel
[2009/08/21 11:38:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\eBookPro6
[2009/01/09 23:03:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Individual Software
[2006/07/12 20:18:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\InterVideo
[2007/11/26 00:02:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Leadertech
[2009/08/21 11:38:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\LimeWire
[2009/05/10 16:49:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Move Networks
[2009/06/19 21:27:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\MSN6
[2009/01/14 03:00:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\OpenOffice.org
[2009/01/14 02:31:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\OpenOffice.org2
[2007/03/21 19:14:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\pdf995
[2007/02/01 22:16:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Serif
[2007/10/19 21:42:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\SoundSpectrum
[2008/02/10 13:08:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\TaxCut
[2009/08/21 13:07:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Uniblue
[2007/06/16 23:31:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Viewpoint
[2007/06/23 20:55:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JIM\Application Data\Walgreens
[2003/03/31 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/30 11:30:28 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========


< End of report >

#5 kahdah


Posted 01 November 2009 - 07:43 AM

I really don't see any type of malware present on your system.
But just to double check please do the following:
* Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Check the next options: Remove found threats and Scan unwanted applications.
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#6 gannon


Posted 01 November 2009 - 12:38 PM

Following is the ESET log. As you stated, it appears as if I have no virus/malware issues, but my system is still displaying unhealthy symptoms of "some" problem(s), and I don't know how to fix them. Should I re-post my original issues under some other topic, and seek assistance that way? Any guidance is appreciated. I am grateful for your help.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=402a9c178e512643a4d390393473f45d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-01 05:30:33
# local_time=2009-11-01 11:30:33 (-0600, Central Standard Time)
# country="United States"
# lang=9
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=crash
# scanned=89370
# found=0
# cleaned=0
# scan_time=5053

#7 kahdah


Posted 01 November 2009 - 02:17 PM

No, I can help here in this topic, but you will have to say what your remaining problems are and we can go from there.
If it is something I know then we can keep this topic open, but if it is something that requires another forum I can direct you to the right one.

#8 gannon


Posted 01 November 2009 - 04:18 PM

My problems:

1) When I start my Mozilla Firefox browser, I get the following error message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." When I click on "okay", the error message goes away, and the application starts just fine. More annoying than anything, but fishy, and shouldn't happen.

2) An error message appears when I click on CONTROL PANEL: "This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel." Again, when I click on "okay", the message goes away, and control panel window opens; HOWEVER, after clicking on the User Accounts icon, I get the hourglass for about three seconds, then NOTHING happens. The Control Panel window stays, and all of the other icons 'work'. I would like to be able to modify and set up User Accounts.

3) Every time I run AVG Virus scan (free), my system crashes before it finishes.

4) Problems running the apps you referred me to (OTL causes system crash, uiukotyx.exe can't run to completion). While these were part of determining if I had malware issues, the fact that they don't run properly indicates to me something is out of whack with my system, and if possible, I would like to fix whatever isn't just right - to avoid potential issues in the future without having to go buy a MAC (which I would if I had the money :-)).

#9 kahdah


Posted 02 November 2009 - 07:24 AM

For the first one do the following.
Click Here and download this program.
Save it to the desktop.

Then navigate to this location:
C:\Program Files\Mozilla Firefox.
Then drag the firefox icon on to the program you just downloaded.
A box will pop up and say OK.
==================
For the second problem do the following:


Go to Start > Run, then paste the bolded text into the Run box: sfc /scannow, then hit Enter.
This will scan for missing or corrupted system files.
It may ask you for a disk.
Insert your XP disk if it prompts.

Then reboot and let me know if anything has changed.