
10 minutes to boot. Here are some logs.

Discussion in 'Malware and Virus Removal Archive' started by thito01, 2008/09/24.

  1. 2008/09/24
    thito01

    My wife's HP laptop is now taking 10+ minutes just to get to the password prompt.
    Other issues:
    Wants to format any already formatted USB stick.
    Will not access the DVD/CD.
    This machine does not show any virus with CA-Anti-Virus. I have also run another anti-virus check using a bootable CD and nothing shows up.
    It's been like this for several months. (I should have looked at it when she first told me.)
    After replacing the hard drive with a factory-fresh one from an identical machine, everything works well.
    I am about to the point of restoring the factory image, but thought I would first see if HijackThis can point to the real problem.

    Thanks in advance.
    Tony

    (I will have to make two posts as putting them in one post exceeds the size limit.)

    Here are the logs:

    info.txt logfile of random's system information tool 1.02 2008-09-24 22:37:13

    ======Uninstall list======

    -->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
    -->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
    -->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
    -->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
    -->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
    -->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
    -->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"
    -->"C:\Program Files\HP Games\FATE\Uninstall.exe"
    -->"C:\Program Files\HP Games\Final Drive Fury\Uninstall.exe"
    -->"C:\Program Files\HP Games\Flip Words\Uninstall.exe"
    -->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
    -->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\Lemonade Tycoon 2\Uninstall.exe"
    -->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
    -->"C:\Program Files\HP Games\Otto\Uninstall.exe"
    -->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
    -->"C:\Program Files\HP Games\Phoenix Assault\Uninstall.exe"
    -->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
    -->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
    -->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
    -->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
    -->"C:\Program Files\HP Games\Snowboard SuperJam\Uninstall.exe"
    -->"C:\Program Files\HP Games\SpongeBob SquarePants Krabby Quest\Uninstall.exe"
    -->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
    -->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
    -->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
    -->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
    -->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Acronis True Image Home-->MsiExec.exe /X{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    AIM Toolbar 5.0-->"C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
    AOPA's Real-Time Flight Planner 1.2.2-->c:\Jeppesen\RTFPClient\Uninstall.exe
    Aviator Trip Pack-->MsiExec.exe /I{00934E3F-D60F-43F4-BA1E-B4B64DDBD2CA}
    CA Anti-Spyware-->"C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\setup\ccinstaller.exe" /u /silent /module="pp"
    CA Anti-Spyware-->"C:\Program Files\CA\CA Internet Security Suite\caunst.exe" /u /product=pp
    CA Anti-Virus-->"C:\Program Files\CA\CA Internet Security Suite\caunst.exe" /u /product=av
    CA Anti-Virus-->C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\unvet32.exe
    CA Pest Patrol Realtime Protection-->MsiExec.exe /X{F05A5232-CE5E-4274-AB27-44EB8105898D}
    Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF
    CoPilot Laptop 11-->C:\Program Files\InstallShield Installation Information\{00BA7260-EEB2-4600-AB16-4394FF90B219}\setup.exe -runfromtemp -l0x0409
    ESU for Microsoft Vista-->MsiExec.exe /X{39523EA4-F914-4447-A551-2513766095F5}
    GNS400W-500W Trainer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59E019B-0952-4B72-A382-68A72224F88F}\setup.exe"
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf
    Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
    Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
    HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
    HP Active Support Library 32 bit components-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
    HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{E59A46D4-699C-4DC8-969F-DAC3395B4543}\setup.exe -runfromtemp -l0x0409
    HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
    HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
    HP Help and Support-->MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
    HP Pavilion Webcam Driver for Vista v061.001.00005-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x9 -removeonly
    HP Photosmart Essential 2.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Quick Launch Buttons 6.20 B1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
    HP QuickPlay 3.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
    HP Total Care Advisor-->MsiExec.exe /X{F6B29003-A078-4491-AFBE-62EFB6CFFE19}
    HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
    HP User Guide 0042-->MsiExec.exe /I{B0F97FBF-9F98-4522-B65D-8980FE38C726}
    HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
    HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    Mozilla Firefox (2.0.0.14)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.16)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSCU for Microsoft Vista-->MsiExec.exe /X{3FFB3B34-D639-4384-9AE9-DDE58430D86F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{0BFC200F-C45D-4271-AF34-4CA969225DEB}\setup.exe -runfromtemp -l0x0009 -removeonly
    My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
    Nokia PC Suite-->C:\ProgramData\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_eng_us_web.exe
    Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}
    North American Railroad Map v 3.00-->"C:\Railroad Map 3\unins000.exe"
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF}
    PC Pitstop Optimize2 2.0-->"C:\Program Files\PCPitstop\Optimize2\unins000.exe"
    PresenterSoft MediaEasy 2.6.2-->"C:\Program Files\PresenterSoft MediaEasy\unins000.exe"
    Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
    Rhapsody-->C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
    Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Basic v9-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator EasyArchive-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
    Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD Basic v9-->MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sokoban YASC-->"C:\Program Files\BDSokobanYASC\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    Vongo-->MsiExec.exe /X{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}
    Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccswpddriver.inf_a419b392\pccswpddriver.inf
    Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_48f6f624\pccs_bluetooth.inf
    Windows Driver Package - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pccs_bluetooth.inf_51d2d3e1\pccs_bluetooth.inf
    Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_e5643fdd\nokbtmdm.inf
    Windows Driver Package - NXP Software. (spotJ) USB (06/01/2007 1.0.9.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\spotj.inf_5e4cf693\spotj.inf

    ======Security center information======

    AV: CA Anti-Virus
    AS: Windows Defender (disabled) (outdated)
    AS: CA Anti-Spyware

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4802
    "NUMBER_OF_PROCESSORS"=2
    "PLATFORM"=MCD
    "PCBRAND"=Pavilion
    "OnlineServices"=Online Services
    "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
    "USERPART"=E:

    -----------------EOF-----------------
     
  2. 2008/09/24
    thito01

    Logfile of random's system information tool 1.02 (written by random/random)
    Run by sthigpen at 2008-09-24 22:36:22
    Microsoft® Windows Vista™ Home Premium
    System drive C: has 97 GB (67%) free of 144 GB
    Total RAM: 958 MB (33% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:37:08 PM, on 9/24/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16711)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hp\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\cavrid.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\TEMP\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\sthigpen.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://71.203.94.197:18080/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
    O4 - HKLM\..\RunServices: [CAISafe] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
    O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted IP range: http://71.226.81.73
    O16 - DPF: {B0781EB7-16EA-49F1-9C1D-9716D88206CF} (CSQ Object) - http://71.226.81.73:18080/view.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Spot GPS Maxim (SpotGPSMaxim) - NXP Software B.V. - C:\Users\Public\Public Apps\ALK Technologies\CoPilot Laptop\Services\Spot2741.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 10092 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\CAAntiSpywareScan_Daily as sthigpen at 7 32 AM.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar Launcher - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AIM Toolbar - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-30 1006264]
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-02-28 90191]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-02-28 7770112]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-02-28 81920]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
    "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
    "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-03-28 176128]
    "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744]
    "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-06-05 71176]
    "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
    "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2006-10-16 1164912]
    "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2006-10-16 1941784]
    "Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2006-10-16 87584]
    "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "cctray"=C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe [2008-09-09 181488]
    "CAVRID"=C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe [2008-09-09 234736]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-08 1232896]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    relog_ap

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    " "=" "
    "C:\Program Files\Vongo\VongoService.exe"="C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d664bbff-75f2-11dd-8d48-001b244d2a28}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 3 months======

    2008-09-24 22:36:22 ----D---- C:\rsit
    2008-09-24 22:23:21 ----D---- C:\Program Files\Trend Micro
    2008-09-24 15:30:35 ----D---- C:\Program Files\PCPitstop
    2008-09-24 07:14:24 ----D---- C:\Users\sthigpen\AppData\Roaming\Acronis
    2008-09-12 10:03:12 ----D---- C:\restore
    2008-09-09 21:52:26 ----A---- C:\Windows\system32\isafprod.dll
    2008-09-08 09:47:42 ----D---- C:\Program Files\Citrix
    2008-08-29 14:40:04 ----A---- C:\Windows\system32\tzres.dll
    2008-08-29 14:16:49 ----A---- C:\Windows\system32\wshrm.dll
    2008-08-29 14:16:47 ----A---- C:\Windows\system32\fsquirt.exe
    2008-08-29 14:16:40 ----A---- C:\Windows\system32\EncDec.dll
    2008-08-29 14:16:38 ----A---- C:\Windows\system32\psisdecd.dll
    2008-08-29 14:16:37 ----A---- C:\Windows\system32\mcmde.dll
    2008-08-29 14:16:24 ----A---- C:\Windows\system32\INETRES.dll
    2008-08-29 14:16:24 ----A---- C:\Windows\system32\inetcomm.dll
    2008-08-29 14:16:18 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-08-29 14:16:17 ----A---- C:\Windows\system32\gameux.dll
    2008-08-29 14:16:04 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2008-08-29 14:16:01 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2008-08-29 14:15:43 ----A---- C:\Windows\system32\NlsData000c.dll
    2008-08-29 14:15:43 ----A---- C:\Windows\system32\NlsData0009.dll
    2008-08-29 14:15:43 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2008-08-29 14:15:42 ----A---- C:\Windows\system32\NlsData000a.dll
    2008-08-29 14:15:41 ----A---- C:\Windows\system32\NlsData000d.dll
    2008-08-29 14:15:40 ----A---- C:\Windows\system32\NlsData003e.dll
    2008-08-29 14:15:40 ----A---- C:\Windows\system32\NlsData0027.dll
    2008-08-29 14:15:40 ----A---- C:\Windows\system32\NlsData0011.dll
    2008-08-29 14:15:40 ----A---- C:\Windows\system32\NlsData0007.dll
    2008-08-29 14:15:40 ----A---- C:\Windows\system32\NlsData0001.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData002a.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData0024.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData0022.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData0021.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData001a.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData0018.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData000f.dll
    2008-08-29 14:15:39 ----A---- C:\Windows\system32\NlsData0002.dll
    2008-08-29 14:15:36 ----A---- C:\Windows\system32\NlsData0019.dll
    2008-08-29 14:15:34 ----A---- C:\Windows\system32\NlsData0816.dll
    2008-08-29 14:15:34 ----A---- C:\Windows\system32\NlsData001d.dll
    2008-08-29 14:15:34 ----A---- C:\Windows\system32\NlsData0010.dll
    2008-08-29 14:15:33 ----A---- C:\Windows\system32\NlsData0013.dll
    2008-08-29 14:15:32 ----A---- C:\Windows\system32\NlsData0049.dll
    2008-08-29 14:15:32 ----A---- C:\Windows\system32\NlsData0039.dll
    2008-08-29 14:15:32 ----A---- C:\Windows\system32\NlsData0020.dll
    2008-08-29 14:15:31 ----A---- C:\Windows\system32\NlsData0416.dll
    2008-08-29 14:15:31 ----A---- C:\Windows\system32\NlsData0414.dll
    2008-08-29 14:15:30 ----A---- C:\Windows\system32\NlsData004c.dll
    2008-08-29 14:15:30 ----A---- C:\Windows\system32\NlsData004a.dll
    2008-08-29 14:15:30 ----A---- C:\Windows\system32\NlsData0047.dll
    2008-08-29 14:15:29 ----A---- C:\Windows\system32\NlsData0c1a.dll
    2008-08-29 14:15:29 ----A---- C:\Windows\system32\NlsData081a.dll
    2008-08-29 14:15:29 ----A---- C:\Windows\system32\NlsData001b.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData004e.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData004b.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData0046.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData0045.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData0026.dll
    2008-08-29 14:15:28 ----A---- C:\Windows\system32\NlsData0000.dll
    2008-08-29 14:15:27 ----A---- C:\Windows\system32\NlsData0003.dll
    2008-08-29 14:15:05 ----A---- C:\Windows\system32\NlsModels0011.dll
    2008-08-29 14:15:05 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
    2008-08-29 14:15:03 ----A---- C:\Windows\system32\NlsLexicons081a.dll
    2008-08-29 14:15:02 ----A---- C:\Windows\system32\NlsLexicons0816.dll
    2008-08-29 14:15:01 ----A---- C:\Windows\system32\NlsLexicons0416.dll
    2008-08-29 14:15:00 ----A---- C:\Windows\system32\NlsLexicons0414.dll
    2008-08-29 14:14:59 ----A---- C:\Windows\system32\NlsLexicons004c.dll
    2008-08-29 14:14:58 ----A---- C:\Windows\system32\NlsLexicons004a.dll
    2008-08-29 14:14:58 ----A---- C:\Windows\system32\NlsLexicons003e.dll
    2008-08-29 14:14:56 ----A---- C:\Windows\system32\NlsLexicons0027.dll
    2008-08-29 14:14:56 ----A---- C:\Windows\system32\NlsLexicons0026.dll
    2008-08-29 14:14:55 ----A---- C:\Windows\system32\NlsLexicons0024.dll
    2008-08-29 14:14:54 ----A---- C:\Windows\system32\NlsLexicons0022.dll
    2008-08-29 14:14:54 ----A---- C:\Windows\system32\NlsLexicons0021.dll
    2008-08-29 14:14:52 ----A---- C:\Windows\system32\NlsLexicons001d.dll
    2008-08-29 14:14:51 ----A---- C:\Windows\system32\NlsLexicons001b.dll
    2008-08-29 14:14:50 ----A---- C:\Windows\system32\NlsLexicons001a.dll
    2008-08-29 14:14:49 ----A---- C:\Windows\system32\NlsLexicons0019.dll
    2008-08-29 14:14:49 ----A---- C:\Windows\system32\NlsLexicons0018.dll
    2008-08-29 14:14:48 ----A---- C:\Windows\system32\NlsLexicons0013.dll
    2008-08-29 14:14:47 ----A---- C:\Windows\system32\NlsLexicons0011.dll
    2008-08-29 14:14:47 ----A---- C:\Windows\system32\NlsLexicons0010.dll
    2008-08-29 14:14:46 ----A---- C:\Windows\system32\NlsLexicons000f.dll
    2008-08-29 14:14:45 ----A---- C:\Windows\system32\NlsLexicons000c.dll
    2008-08-29 14:14:44 ----A---- C:\Windows\system32\NlsLexicons000a.dll
    2008-08-29 14:14:41 ----A---- C:\Windows\system32\NlsLexicons0002.dll
    2008-08-29 14:14:37 ----A---- C:\Windows\system32\NlsLexicons0001.dll
    2008-08-29 14:14:36 ----A---- C:\Windows\system32\NlsLexicons004e.dll
    2008-08-29 14:14:36 ----A---- C:\Windows\system32\NlsLexicons004b.dll
    2008-08-29 14:14:36 ----A---- C:\Windows\system32\NlsLexicons0049.dll
    2008-08-29 14:14:36 ----A---- C:\Windows\system32\NlsLexicons0047.dll
    2008-08-29 14:14:35 ----A---- C:\Windows\system32\NlsLexicons0046.dll
    2008-08-29 14:14:35 ----A---- C:\Windows\system32\NlsLexicons0045.dll
    2008-08-29 14:14:35 ----A---- C:\Windows\system32\NlsLexicons0039.dll
    2008-08-29 14:14:35 ----A---- C:\Windows\system32\NlsLexicons0020.dll
    2008-08-29 14:14:35 ----A---- C:\Windows\system32\NlsLexicons000d.dll
    2008-08-29 14:14:34 ----A---- C:\Windows\system32\NlsLexicons002a.dll
    2008-08-29 14:14:34 ----A---- C:\Windows\system32\NlsLexicons0003.dll
    2008-08-29 14:14:24 ----A---- C:\Windows\system32\mshtml.dll
    2008-08-29 14:14:23 ----A---- C:\Windows\system32\ieframe.dll
    2008-08-29 14:14:22 ----A---- C:\Windows\system32\wininet.dll
    2008-08-29 14:14:22 ----A---- C:\Windows\system32\urlmon.dll
    2008-08-29 14:14:22 ----A---- C:\Windows\system32\mshtmled.dll
    2008-08-29 14:14:21 ----A---- C:\Windows\system32\mstime.dll
    2008-08-29 14:14:21 ----A---- C:\Windows\system32\ieapfltr.dll
    2008-08-29 14:14:21 ----A---- C:\Windows\system32\ie4uinit.exe
    2008-08-29 14:14:21 ----A---- C:\Windows\system32\advpack.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\pngfilt.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\jsproxy.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\ieUnatt.exe
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\ieui.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\iesetup.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\iernonce.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\icardie.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\dxtrans.dll
    2008-08-29 14:14:20 ----A---- C:\Windows\system32\dxtmsft.dll
    2008-08-29 14:14:00 ----A---- C:\Windows\system32\shell32.dll
    2008-08-29 14:13:40 ----A---- C:\Windows\system32\es.dll
    2008-08-29 14:13:36 ----A---- C:\Windows\system32\winipsec.dll
    2008-08-29 14:13:36 ----A---- C:\Windows\system32\polstore.dll
    2008-08-29 14:13:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2008-08-29 14:13:36 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2008-08-29 14:09:24 ----A---- C:\Windows\system32\quartz.dll
    2008-08-29 13:54:03 ----D---- C:\Users\sthigpen\AppData\Roaming\U3
    2008-07-13 22:13:37 ----A---- C:\Windows\system32\javaws.exe
    2008-07-13 22:13:37 ----A---- C:\Windows\system32\javaw.exe
    2008-07-13 22:13:37 ----A---- C:\Windows\system32\java.exe
    2008-07-05 15:44:10 ----D---- C:\Users\sthigpen\AppData\Roaming\skypePM
    2008-07-05 15:41:05 ----D---- C:\Users\sthigpen\AppData\Roaming\Skype
    2008-07-05 15:38:35 ----D---- C:\Program Files\Skype
    2008-07-05 15:38:34 ----D---- C:\Program Files\Common Files\Skype
    2008-07-05 15:38:19 ----D---- C:\ProgramData\Skype
    2008-06-27 14:16:41 ----D---- C:\ProgramData\MSScanAppDataDir
    2008-06-25 07:31:53 ----D---- C:\Program Files\Common Files\Scanner
    2008-06-25 07:19:35 ----A---- C:\Windows\system32\vetredir.dll
    2008-06-25 07:19:35 ----A---- C:\Windows\system32\isafeif.dll
    2008-06-25 07:19:18 ----D---- C:\Program Files\CA
    2008-06-25 07:12:11 ----D---- C:\Windows\Sun
    2008-06-25 07:02:16 ----HD---- C:\Config.msi

    ======List of files/folders modified in the last 3 months======

    2008-09-24 22:36:40 ----D---- C:\Windows\Prefetch
    2008-09-24 22:36:00 ----D---- C:\Temp
    2008-09-24 22:23:21 ----RD---- C:\Program Files
    2008-09-24 22:12:18 ----D---- C:\Windows\Temp
    2008-09-24 22:02:02 ----D---- C:\Windows\System32
    2008-09-24 22:02:02 ----D---- C:\Windows\inf
    2008-09-24 22:02:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-09-24 21:57:43 ----D---- C:\Windows\SMINST
    2008-09-24 02:50:30 ----SHD---- C:\System Volume Information
    2008-09-24 00:10:49 ----D---- C:\Windows\Logs
    2008-09-23 23:32:44 ----D---- C:\ProgramData\Acronis
    2008-09-13 22:43:59 ----D---- C:\SharonsFiles
    2008-09-11 16:57:42 ----D---- C:\Windows\system32\drivers
    2008-09-07 20:40:49 ----D---- C:\Windows\system32\WDI
    2008-09-04 18:09:24 ----D---- C:\Windows\system32\catroot2
    2008-08-29 19:13:48 ----D---- C:\Windows\Microsoft.NET
    2008-08-29 19:13:44 ----RSD---- C:\Windows\assembly
    2008-08-29 18:55:21 ----D---- C:\Windows\winsxs
    2008-08-29 18:55:16 ----D---- C:\Windows\system32\catroot
    2008-08-29 18:54:59 ----ASH---- C:\Program Files\desktop.ini
    2008-08-29 18:51:05 ----D---- C:\Windows
    2008-08-29 18:50:53 ----D---- C:\Windows\system32\en-US
    2008-08-29 18:50:53 ----D---- C:\Windows\ehome
    2008-08-29 18:50:51 ----D---- C:\Windows\system32\migration
    2008-08-29 18:50:51 ----D---- C:\Windows\AppPatch
    2008-08-29 18:50:51 ----D---- C:\Program Files\Windows Mail
    2008-08-29 18:50:51 ----D---- C:\Program Files\Internet Explorer
    2008-08-29 14:42:52 ----SHD---- C:\Windows\Installer
    2008-08-29 14:25:09 ----A---- C:\Windows\win.ini
    2008-08-20 23:33:44 ----SD---- C:\Users\sthigpen\AppData\Roaming\Microsoft
    2008-08-05 18:31:56 ----D---- C:\Program Files\Mozilla Thunderbird
    2008-08-05 11:11:02 ----A---- C:\Windows\system32\mrt.exe
    2008-08-04 00:35:11 ----D---- C:\Railroad Map 3
    2008-08-01 16:16:38 ----D---- C:\Program Files\Mozilla Firefox
    2008-07-13 22:13:37 ----D---- C:\Program Files\Java
    2008-07-10 17:09:06 ----D---- C:\Program Files\Adobe
    2008-07-05 15:44:15 ----HD---- C:\ProgramData
    2008-07-05 15:38:34 ----D---- C:\Program Files\Common Files
    2008-06-25 07:38:52 ----A---- C:\caisslog.txt
    2008-06-25 07:32:21 ----D---- C:\Windows\system32\Tasks
    2008-06-25 07:32:20 ----D---- C:\Windows\Tasks
    2008-06-25 07:32:02 ----D---- C:\Windows\Downloaded Installations
    2008-06-25 07:19:36 ----A---- C:\caavsetupLog.txt
    2008-06-25 07:19:25 ----D---- C:\ProgramData\CA
    2008-06-25 07:03:47 ----A---- C:\Windows\SYSTEM.INI

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
    R1 VETEFILE;VET File Scan Engine; C:\Windows\system32\drivers\VETEFILE.sys [2008-06-25 880560]
    R1 VETFDDNT;VET Floppy Boot Sector Monitor; C:\Windows\system32\drivers\VETFDDNT.sys [2008-09-09 21488]
    R1 VET-FILT;VET File System Filter; C:\Windows\system32\drivers\VET-FILT.sys [2008-09-09 26352]
    R1 VETMONNT;VET File Monitor; C:\Windows\system32\drivers\VETMONNT.sys [2008-09-09 32240]
    R1 VET-REC;VET File System Recognizer; C:\Windows\system32\drivers\VET-REC.sys [2008-09-09 21104]
    R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-15 43520]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-15 37376]
    R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2007-08-30 39264]
    R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-12 1044984]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-11-15 14208]
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
    R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
    R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
    R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-02-28 4465184]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-08-30 82432]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
    R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
    R3 VETEBOOT;VET Boot Scan Engine; C:\Windows\system32\drivers\VETEBOOT.sys [2008-06-25 108368]
    R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2007-11-15 11264]
    S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-12 1044984]
    S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-28 19456]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
    S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-28 220160]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-28 29184]
    S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
    S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
    S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
    S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
    S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232]
    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
    S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-16 230944]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
    R2 CAISafe;CAISafe; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe [2008-06-02 144696]
    R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-03-28 270431]
    R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-06-05 61440]
    R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
    R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe [2007-09-26 283912]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
    R2 SpotGPSMaxim;Spot GPS Maxim; C:\Users\Public\Public Apps\ALK Technologies\CoPilot Laptop\Services\Spot2741.exe [2007-08-30 610425]
    R2 VETMSGNT;VET Message Service; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe [2008-09-09 255216]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 Vongo Service;Vongo Service; C:\Program Files\Vongo\VongoService.exe [2007-03-29 176128]
    R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
    R3 CaCCProvSP;CaCCProvSP; C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe [2008-09-09 214256]
    R3 PPCtlPriv;PPCtlPriv; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [2008-09-09 185584]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
    S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-03-28 118877]
    S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
    S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-11-09 181784]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]

    -----------------EOF-----------------
     


  4. 2008/09/25
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS thito01 :)

    I don't see any signs of infection in your logs. Have you run checkdisk, or any other drive fitness test?
    Are you seeing any errors in Device Manager?
    Have you tried disabling any of the startups, like Windows Defender, CA, Acronis, to see if any of them are the culprit?

    I don't expect it would cause a startup problem, but I did notice incorrect environment variable settings. They would cause command line applications or commands to be executed from the wrong starting point is all. If you want to fix that let me know.
     
