However I have now found some possible trigger files so lets kill them and see what happens. For the duration of this fix you may lose the desktop
Start OTScanit. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.
[Kill Explorer] [Files/Folders - Created Within 90 days] NY -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp [Files Created - Additional Folder Scans - Non-Microsoft Only] NY -> @Alternate Data Stream - 112 bytes -> %AllUsersProfile%\TEMP:DFC5A2B2 NY -> DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini NY -> Installer5332 -> %UserProfile%\AppData\Local\Installer5332 NY -> Installer5864 -> %UserProfile%\AppData\Local\Installer5864 [Files/Folders - Modified Within 90 days] NY -> 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 NY -> 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 NY -> 1 C:\Windows\*.tmp files -> C:\Windows\*.tmp NY -> C:\Users\Drew\AppData\Local\Temp\ -> C:\Users\Drew\AppData\Local\Temp NY -> aupd.exe -> C:\Users\Drew\AppData\Local\Temp\aupd.exe NY -> 4 C:\Users\Drew\AppData\Local\Temp\*.tmp files -> C:\Users\Drew\AppData\Local\Temp\*.tmp [Files Modified - Additional Folder Scans - Non-Microsoft Only] NY -> @Alternate Data Stream - 112 bytes -> %AllUsersProfile%\TEMP:DFC5A2B2 NY -> DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini NY -> Installer5332 -> %UserProfile%\AppData\Local\Installer5332 NY -> Installer5864 -> %UserProfile%\AppData\Local\Installer5864 [Empty Temp Folders]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new Hijackthis log.
I will review the information when it comes back in.
Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.