Author Topic: Control Panel Freezes (Read 1153 times)

NuCK · « **on:** February 17, 2010, 11:41:45 AM »

Hi again

This is for another PC of mine.

I've got this really weird problem. My control panel freezes everytime I open it. It takes a good 20 mins for it to load the icons in the control panel (it'll freeze and show the windows searching icon with the torchlight briefly, and then freeze again). However, once the icons are loaded, I'm able to run common tasks normally (add/remove program, system, sound, etc etc).

Other parts of the system seems to be fine. Only my control panel is affected.

Here's my hijack this log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:34 AM, on 2/18/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\Program Files\Razer\Krait\razerhid.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Razer\Krait\razerofa.exe
f:\program files\idt\5902xp_6033v_012208\wdm\STacSV.exe
F:\Program Files\McAfee.com\Agent\mcagent.exe
F:\WINDOWS\system32\RUNDLL32.EXE
F:\Program Files\IDT\WDM\sttray.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\McAfee\SiteAdvisor\McSACore.exe
F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
F:\WINDOWS\system32\rundll32.exe
f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
F:\Program Files\McAfee\MPF\MPFSrv.exe
F:\Program Files\McAfee\MSK\MskSrver.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\BitComet\BitComet.exe
F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
F:\Program Files\Java\jre6\bin\jucheck.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://malaysia.search.yahoo.com/search?fr=mcafee&p=%s
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - f:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - F:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Krait] F:\Program Files\Razer\Krait\razerhid.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] F:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [mcagent_exe] "F:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] F:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TaskSwitchXP] F:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] F:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://F:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D9B3B1A-0D51-4AD6-BBEC-699D346E6A2C}: NameServer = 202.188.0.133 202.188.1.5
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - F:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - F:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - F:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - f:\program files\idt\5902xp_6033v_012208\wdm\STacSV.exe

--
End of file - 8268 bytes

guestolo · « **Reply #1 on:** February 26, 2010, 11:03:16 PM »

Sorry for the delay, are you still in need of a hand with this computer?

NuCK · « **Reply #2 on:** March 01, 2010, 12:18:56 AM »

Yes please. No worries man as the only problem i have with this PC is with accessing the control panel.

Thanks again!

guestolo · « **Reply #3 on:** March 01, 2010, 10:03:41 PM »

I don't think it's anything malicious, but can we have a bit closer look
Download [color=\"#FF0000\"]OTL.exe[/color][/url] by OldTimer to your Desktop.

Close all windows and double click on OTL.exe to run it
Close all windows and right click on OTL.exe and choose to "Run as Administrator"
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
You may need to use two posts to get it all.

NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"

NuCK · « **Reply #4 on:** March 05, 2010, 04:57:26 AM »

Woah. It took more than an hour to scan.

OTL logfile created on: 3/5/2010 12:44:58 AM - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = F:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): F:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 259.02 Gb Total Space | 63.08 Gb Free Space | 24.35% Space Free | Partition Type: NTFS
Drive D: | 37.10 Gb Total Space | 13.75 Gb Free Space | 37.06% Space Free | Partition Type: NTFS
Drive E: | 37.42 Gb Total Space | 0.44 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
Drive F: | 39.06 Gb Total Space | 21.20 Gb Free Space | 54.28% Space Free | Partition Type: NTFS
Drive G: | 4.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-B0B73D7D31
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]

PRC - [2010/03/05 00:43:16 | 000,552,960 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/10/29 06:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 14:48:48 | 000,026,640 | ---- | M] (McAfee, Inc.) -- F:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- f:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- f:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/11/28 09:28:34 | 000,446,571 | ---- | M] (IDT, Inc.) -- F:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/11/28 09:28:34 | 000,237,665 | ---- | M] (IDT, Inc.) -- f:\Program Files\IDT\5902XP_6033V_012208\WDM\stacsv.exe
PRC - [2008/09/10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/07/17 21:50:18 | 002,599,224 | ---- | M] (www.BitComet.com) -- F:\Program Files\BitComet\BitComet.exe
PRC - [2006/09/28 22:13:20 | 000,204,800 | ---- | M] (Anti-Malware Development a.s.) -- F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2006/05/20 22:23:26 | 001,032,192 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe
PRC - [2006/02/04 20:16:34 | 000,062,464 | ---- | M] (Alexander Avdonin) -- F:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
PRC - [2006/01/24 11:38:56 | 000,147,456 | ---- | M] () -- F:\Program Files\Razer\Krait\razerhid.exe
PRC - [2005/12/08 12:42:28 | 000,155,648 | ---- | M] (Razer Inc.) -- F:\Program Files\Razer\Krait\razerofa.exe

[color=\"#E56717\"]========== Modules (SafeList) ==========[/color]

MOD - [2010/03/05 00:43:16 | 000,552,960 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2009/12/08 13:12:24 | 000,014,544 | ---- | M] (McAfee, Inc.) -- f:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2006/05/20 22:23:26 | 001,053,696 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll

[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009/12/08 14:25:28 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- F:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- F:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 11:23:32 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- F:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/09/16 10:22:08 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- F:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/09/16 09:28:38 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- F:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/10 00:26:20 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- F:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 14:48:48 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- F:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- f:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- f:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/11/28 09:28:34 | 000,237,665 | ---- | M] (IDT, Inc.) [Auto | Running] -- f:\Program Files\IDT\5902XP_6033V_012208\WDM\stacsv.exe -- (STacSV)
SRV - [2008/09/10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- F:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2006/09/28 22:13:20 | 000,204,800 | ---- | M] (Anti-Malware Development a.s.) [Auto | Running] -- F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
SRV - [2005/10/06 19:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)

[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]

DRV - [2009/10/15 01:35:22 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/09/16 10:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 12:32:26 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008/11/28 09:28:34 | 001,392,498 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/08/07 19:14:56 | 000,111,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/10/12 09:40:12 | 000,009,096 | R--- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2007/05/11 06:03:00 | 006,738,432 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/09/28 22:13:34 | 000,004,096 | ---- | M] () [Kernel | System | Running] -- F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2006/09/06 16:04:12 | 004,377,600 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/09/06 00:03:16 | 000,003,968 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/05/20 22:23:26 | 000,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006/05/20 22:23:26 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2006/05/16 19:25:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/05/16 19:25:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/04/24 17:52:28 | 000,100,736 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- F:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/12/07 18:27:52 | 000,013,324 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\krait.sys -- (krait03)
DRV - [2005/02/01 23:30:00 | 000,141,246 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- F:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2005/02/01 23:30:00 | 000,016,176 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- F:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR)
DRV - [2001/08/17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

[color=\"#E56717\"]========== Standard Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\AV, = http://www.altavista.com/sites/search/web?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\FM, = http://www.filemirrors.com/search.src?file=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\Ggl, = http://www.google.com/search?q=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSKB, = http://support.microsoft.com/?kbid=%s
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\MSN, = http://search.msn.com/results.asp?q=%s
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=\"#E56717\"]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.03
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: F:\Program Files\McAfee\SiteAdvisor [2010/02/18 14:50:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2010/01/07 19:42:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2010/01/07 19:42:32 | 000,000,000 | ---D | M]

[2009/07/09 23:57:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/02/28 00:23:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fugtnys0.default\extensions
[2009/01/28 01:08:00 | 000,000,000 | ---D | M] (BitComet Download Helper) -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fugtnys0.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009/07/09 23:58:33 | 000,000,000 | ---D | M] (Adblock Plus) -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fugtnys0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/10/18 23:53:50 | 000,002,386 | ---- | M] () -- F:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fugtnys0.default\searchplugins\siteadvisor.xml
[2010/02/28 00:23:06 | 000,000,000 | ---D | M] -- F:\Program Files\Mozilla Firefox\extensions
[2007/01/06 15:57:53 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007/01/06 15:57:53 | 000,000,000 | ---D | M] -- F:\Program Files\Mozilla Firefox\extensions\filtersetg@updater
[2008/01/23 14:20:30 | 000,491,520 | ---- | M] (BitComet) -- F:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2006/03/06 11:23:02 | 000,000,232 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\wikipedia.png
[2006/04/14 17:48:08 | 000,001,081 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\wikipedia.src
[2006/03/19 09:50:02 | 000,001,019 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\Wiktionary.png
[2006/03/19 10:15:46 | 000,000,717 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\wiktionary.src

O1 HOSTS File: ([2008/11/25 00:19:55 | 000,288,033 | R--- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.123haustiereundmehr.com
O1 - Hosts: 127.0.0.1   123haustiereundmehr.com
O1 - Hosts: 9926 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - f:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - F:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - f:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Krait] F:\Program Files\Razer\Krait\razerhid.exe ()
O4 - HKLM..\Run: [mcagent_exe] F:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] F:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] F:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] F:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RemoteControl] F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SysTrayApp] F:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [TaskSwitchXP] F:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (Alexander Avdonin)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O8 - Extra context menu item: &D&ownload &with BitComet - F:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - F:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - F:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - F:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll (BitComet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - F:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - F:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: F:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (Anti-Malware Development a.s.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/16 14:44:35 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/01/06 16:01:17 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/09/03 14:28:17 | 000,000,046 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2007/09/03 11:46:41 | 000,253,952 | R--- | M] (2K Games )
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - F:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/03/05 00:43:45 | 000,552,960 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/02/18 01:22:56 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\My Documents\Bioshock
[2010/02/18 01:22:56 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Administrator\Application Data\Bioshock
[2010/02/18 01:22:51 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Administrator\Application Data\SecuROM
[2010/02/18 00:19:14 | 000,000,000 | ---D | C] -- F:\Program Files\Trend Micro
[2009/11/03 20:57:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Application Data\McAfee
[2009/10/18 20:34:09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Application Data\SACore
[2007/01/06 16:03:00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2007/01/06 16:02:57 | 000,000,000 | ---D | M] -- F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2007/01/06 16:01:15 | 000,000,000 | --SD | M] -- F:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/01/06 16:01:15 | 000,000,000 | --SD | M] -- F:\Documents and Settings\LocalService\Application Data\Microsoft
[5 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]

[color=\"#E56717\"]========== Files - Modified Within 30 Days ==========[/color]

[2010/03/05 00:43:16 | 000,552,960 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/03/05 00:38:36 | 000,016,347 | ---- | M] () -- F:\WINDOWS\System32\Config.MPF
[2010/03/05 00:35:16 | 000,000,006 | -H-- | M] () -- F:\WINDOWS\tasks\SA.DAT
[2010/03/05 00:35:07 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2010/03/05 00:35:04 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2010/03/04 19:05:39 | 010,747,904 | -H-- | M] () -- F:\Documents and Settings\Administrator\NTUSER.DAT
[2010/03/01 00:36:12 | 002,110,928 | -H-- | M] () -- F:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/03/01 00:36:03 | 000,000,162 | ---- | M] () -- F:\WINDOWS\igsmj2002.no
[2010/02/20 21:59:08 | 000,112,128 | ---- | M] () -- F:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/18 01:22:50 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- F:\WINDOWS\System32\CmdLineExt.dll
[2010/02/18 01:20:51 | 000,001,719 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\BioShock.lnk
[2010/02/18 00:19:14 | 000,001,734 | ---- | M] () -- F:\Documents and Settings\Administrator\Desktop\HijackThis.lnk
[2010/02/17 04:44:31 | 000,000,116 | ---- | M] () -- F:\WINDOWS\NeroDigital.ini
[2010/02/15 01:03:25 | 000,000,356 | ---- | M] () -- F:\WINDOWS\tasks\McDefragTask.job
[5 F:\WINDOWS\*.tmp files -> F:\WINDOWS\*.tmp -> ]
[1 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]

[color=\"#E56717\"]========== Files Created - No Company Name ==========[/color]

[2010/02/18 01:20:51 | 000,001,719 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\BioShock.lnk
[2010/02/18 00:19:14 | 000,001,734 | ---- | C] () -- F:\Documents and Settings\Administrator\Desktop\HijackThis.lnk
[2009/10/15 01:35:22 | 000,721,904 | ---- | C] () -- F:\WINDOWS\System32\drivers\sptd.sys
[2009/09/04 20:37:44 | 000,000,013 | ---- | C] () -- F:\WINDOWS\msgtn.ini
[2009/09/04 20:33:00 | 000,000,113 | ---- | C] () -- F:\WINDOWS\PPSMediaList.ini
[2009/09/04 20:32:59 | 000,000,063 | ---- | C] () -- F:\WINDOWS\powerlist.ini
[2009/09/04 20:32:55 | 000,001,451 | ---- | C] () -- F:\WINDOWS\powerplayer.ini
[2009/09/04 20:32:55 | 000,000,886 | ---- | C] () -- F:\WINDOWS\psnetwork.ini
[2008/04/23 21:19:15 | 000,032,768 | ---- | C] () -- F:\WINDOWS\System32\mf.dll
[2008/02/14 03:35:57 | 000,000,023 | ---- | C] () -- F:\WINDOWS\BlendSettings.ini
[2008/02/10 14:31:39 | 000,000,300 | ---- | C] () -- F:\WINDOWS\game.ini
[2007/09/22 18:34:30 | 000,000,025 | ---- | C] () -- F:\WINDOWS\cdplayer.ini
[2007/04/17 15:34:40 | 000,135,716 | ---- | C] () -- F:\WINDOWS\System32\xlive.dll.cat
[2007/04/14 15:57:06 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/14 15:57:06 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/14 15:57:06 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/14 15:57:04 | 000,053,248 | ---- | C] () -- F:\WINDOWS\System32\AgCPanelFrench.dll
[2007/02/21 16:37:13 | 000,000,056 | ---- | C] () -- F:\WINDOWS\kgt2k.INI
[2007/01/15 21:59:11 | 000,000,376 | ---- | C] () -- F:\WINDOWS\ODBC.INI
[2007/01/06 17:35:57 | 000,112,128 | ---- | C] () -- F:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/06 17:24:32 | 000,000,116 | ---- | C] () -- F:\WINDOWS\NeroDigital.ini
[2007/01/06 17:15:50 | 000,000,000 | ---- | C] () -- F:\WINDOWS\muveeapp.INI
[2007/01/06 16:49:37 | 000,147,456 | ---- | C] () -- F:\WINDOWS\System32\RtlCPAPI.dll
[2006/12/13 00:30:26 | 003,596,288 | ---- | C] () -- F:\WINDOWS\System32\qt-dx331.dll
[2006/12/13 00:24:42 | 000,012,288 | ---- | C] () -- F:\WINDOWS\System32\DivXWMPExtType.dll
[2006/06/01 17:22:00 | 001,703,936 | ---- | C] () -- F:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/01 17:22:00 | 001,474,560 | ---- | C] () -- F:\WINDOWS\System32\nview.dll
[2006/06/01 17:22:00 | 001,019,904 | ---- | C] () -- F:\WINDOWS\System32\nvwimg.dll
[2006/06/01 17:22:00 | 000,581,632 | ---- | C] () -- F:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 17:22:00 | 000,466,944 | ---- | C] () -- F:\WINDOWS\System32\nvshell.dll
[2006/06/01 17:22:00 | 000,286,720 | ---- | C] () -- F:\WINDOWS\System32\nvnt4cpl.dll
[2006/05/20 22:23:26 | 000,394,240 | ---- | C] () -- F:\WINDOWS\System32\HMTCD.dll
[2006/05/20 22:23:26 | 000,081,920 | ---- | C] () -- F:\WINDOWS\System32\ieencode.dll
[2006/05/20 22:23:26 | 000,061,440 | ---- | C] () -- F:\WINDOWS\System32\CopyToSendTo.dll
[2005/04/28 12:22:34 | 000,831,488 | ---- | C] () -- F:\WINDOWS\System32\libeay32.dll
[2005/04/28 12:22:34 | 000,159,744 | ---- | C] () -- F:\WINDOWS\System32\ssleay32.dll
[2003/01/08 03:05:08 | 000,002,695 | ---- | C] () -- F:\WINDOWS\System32\OUTLPERF.INI

[color=\"#E56717\"]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 120 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

NuCK · « **Reply #5 on:** March 05, 2010, 04:58:31 AM »

OTL Extras logfile created on: 3/5/2010 12:45:02 AM - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = F:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 71.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): F:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 259.02 Gb Total Space | 63.08 Gb Free Space | 24.35% Space Free | Partition Type: NTFS
Drive D: | 37.10 Gb Total Space | 13.75 Gb Free Space | 37.06% Space Free | Partition Type: NTFS
Drive E: | 37.42 Gb Total Space | 0.44 Gb Free Space | 1.18% Space Free | Partition Type: NTFS
Drive F: | 39.06 Gb Total Space | 21.20 Gb Free Space | 54.28% Space Free | Partition Type: NTFS
Drive G: | 4.29 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-B0B73D7D31
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=\"#E56717\"]========== Extra Registry (SafeList) ==========[/color]

[color=\"#E56717\"]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[color=\"#E56717\"]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "F:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "F:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=\"#E56717\"]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"18299:TCP" = 18299:TCP:*:Enabled:BitComet 18299 TCP
"18299:UDP" = 18299:UDP:*:Enabled:BitComet 18299 UDP
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"54721:TCP" = 54721:TCP:*:Enabled:BitComet 54721 TCP
"54721:UDP" = 54721:UDP:*:Enabled:BitComet 54721 UDP

[color=\"#E56717\"]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\Program Files\BitComet\BitComet.exe" = F:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"F:\Program Files\Kazaa Lite K++\KazaaLite.kpp" = F:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite -- ()
"C:\Games\World of Warcraft\BackgroundDownloader.exe" = C:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.3-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.4.6314-to-2.0.5.6320-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.4.6314-to-2.0.5.6320-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW.exe" = C:\Games\World of Warcraft\WoW.exe:*:Enabled:WoW -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Games\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe" = C:\Games\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"F:\Program Files\LimeWire\LimeWire.exe" = F:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Games\Neverwinter Nights 2\nwn2main.exe" = C:\Games\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main -- File not found
"C:\Games\Neverwinter Nights 2\nwn2main_amdxp.exe" = C:\Games\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD -- File not found
"C:\Games\Neverwinter Nights 2\nwupdate.exe" = C:\Games\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater -- File not found
"C:\Games\Neverwinter Nights 2\nwn2server.exe" = C:\Games\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server -- File not found
"C:\Games\Loki\GameCenter\GameCenter.exe" = C:\Games\Loki\GameCenter\GameCenter.exe:*:Enabled:GameCenter -- (Cyanide)
"C:\Games\Loki\Loki.exe" = C:\Games\Loki\Loki.exe:*:Enabled:Loki -- (Cyanide)
"C:\Games\Loki\Autorun\AutoRun.exe" = C:\Games\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun -- (Cyanide)
"C:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare(tm) -- ()
"C:\Games\Ghost Recon Advanced Warfighter 2\graw2.exe" = C:\Games\Ghost Recon Advanced Warfighter 2\graw2.exe:*:Enabled:Ghost Recon Advanced WarfighterÂ® 2 -- ()
"C:\Games\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe" = C:\Games\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:*:Enabled:Ghost Recon Advanced WarfighterÂ® 2 Dedicated Server -- ()
"F:\Program Files\Microsoft Games\Halo 2\halo2.exe" = F:\Program Files\Microsoft Games\Halo 2\halo2.exe:*:Enabled:Halo 2 -- (Microsoft Corporation)
"F:\Program Files\Ubisoft\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe" = F:\Program Files\Ubisoft\Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Disabled:SplinterCell4 -- ()
"C:\Games\Unreal Tournament 3\Binaries\UT3.exe" = C:\Games\Unreal Tournament 3\Binaries\UT3.exe:*:Enabled:UT3 -- ()
"C:\Games\Battlefield 2142\BF2142.exe" = C:\Games\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2 -- ()
"F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
"C:\Downloads\ppstreamsetup.exe" = C:\Downloads\ppstreamsetup.exe:*:Enabled:PPStream Installer -- (PPStream Inc.)
"F:\Program Files\PPStream\PPStream.exe" = F:\Program Files\PPStream\PPStream.exe:*:Enabled:PPSÃÃ¸Ã‚Ã§ÂµÃ§ÃŠÃ“ -- (PPStream Inc.)
"F:\Program Files\PPStream\PPSAP.exe" = F:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS ÃÃ¸Ã‚Ã§Â¼Ã“Ã‹Ã™Ã†Ã· -- (PPStream Inc)

[color=\"#E56717\"]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{038CE313-BED2-4C82-A8DD-4FB827B85C5C}" = Unreal Tournament 3
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(tm) 6 Update 11
"{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(tm) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(tm) 6 Update 3
"{3475AD55-62C2-4BB3-A7E7-86EB93FCB4DB}" = BioShock
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68AD6F25-07A0-4CFE-9555-A30633329B08}" = muvee autoProducer 3.5 magicMoments
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7148F0A8-6813-11D6-A77B-00B0D0142020}" = Java 2 Runtime Environment, SE v1.4.2_02
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = AusLogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders
"{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}" = LIVE gaming on Windows Runtime Version 1.0.6027
"{88C1D078-7F04-4DC3-967C-3FDFAC33E2F3}" = Splinter Cell Chaos Theory
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare(tm)
"{E6DA58C0-4EC5-4F5E-B73E-2F22ED30ACFC}" = Razer Krait
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced WarfighterÂ® 2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Audacity_is1" = Audacity 1.2.6
"AVGAntiSpyware75" = AVG Anti-Spyware 7.5
"BitComet" = BitComet 1.03
"BitComet Acceleration Patch" = BitComet Acceleration Patch
"GameCenter" = GameCenter
"Halo 2" = Halo 2 for Windows Vista
"HijackThis" = HijackThis 2.0.2
"InstallShield_{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare(tm)
"kazaalite202_is1" = Kazaa Lite K++ v2.4.2
"LimeWire" = LimeWire PRO 4.18.5
"Loki" = Loki
"Loki_is1" = Loki
"Mah Jong Quest_is1" = Mah Jong Quest
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.0.17)" = Mozilla Firefox (3.0.17)
"MSC" = McAfee SecurityCenter
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Ã•Ã¾Ã–ÃŽÃ‚Ã©Å’Â¢ÃˆÃ½ÃˆÂ±Ã’Â»2004" = Ã•Ã¾Ã–ÃŽÃ‚Ã©Å’Â¢ÃˆÃ½ÃˆÂ±Ã’Â»2004
"PPStream" = PPStream V2.6.86.8900 Final
"RealAlt_is1" = Real Alternative 1.9.0
"SpywareBlaster_is1" = SpywareBlaster 4.1
"VLC media player" = VideoLAN VLC media player 0.8.2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"æœ¸ç¬£ã„œã„œéš´é™Žï¡‡ïŸ»ç¨2002ç¬¢æ…å”³" = æœ¸ç¬£ã„œã„œéš´é™Žï¡‡ïŸ»ç¨2002ç¬¢æ…å”³

[color=\"#E56717\"]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2/28/2010 3:17:37 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 3:17:37 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 3:17:37 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 3:17:37 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 4:28:48 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 2/28/2010 4:28:48 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 4:28:49 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 4:28:49 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

Error - 2/28/2010 7:02:12 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 2/28/2010 7:02:12 AM | Computer Name = HOME-B0B73D7D31 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The specified server cannot perform the requested operation.

[ System Events ]
Error - 3/2/2010 11:45:21 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 3/2/2010 11:45:21 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 3/2/2010 11:45:21 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 3/3/2010 9:32:52 AM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 3/3/2010 9:32:52 AM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 3/3/2010 9:32:52 AM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 3/4/2010 12:35:11 PM | Computer Name = HOME-B0B73D7D31 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.2 for the Network Card with network
address 00251114057C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/4/2010 12:36:36 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058

Error - 3/4/2010 12:36:36 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 3/4/2010 12:36:36 PM | Computer Name = HOME-B0B73D7D31 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

< End of report >

guestolo · « **Reply #6 on:** March 06, 2010, 12:52:28 PM »

Can you do the following please

Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as look.bat

Save this file on the desktop

Code: [Select]

dir C:\Windows\system32\*.cpl /a h > files.txt notepad files.txt

Double click on look.bat
A doslike window will open/close very quickly
On your desktop will be a text file called files.txt
Please post the contents of that file

NuCK · « **Reply #7 on:** March 08, 2010, 08:51:37 AM »

Ok done. But files.txt is empty.

NuCK · « **Reply #8 on:** March 08, 2010, 08:53:02 AM »

oh! my windows folder is in f:.

here are the contents.

Volume in drive F has no label.
Volume Serial Number is 2C6C-81E5

Directory of f:\Windows\system32

05/20/2006 10:23 PM 68,608 access.cpl
11/17/2006 05:40 AM 18,804,736 alsndmgr.cpl
05/20/2006 10:23 PM 549,888 appwiz.cpl
05/20/2006 10:23 PM 55,296 AutoPlay.cpl
05/20/2006 10:23 PM 55,296 BootVis.cpl
05/20/2006 10:23 PM 110,592 bthprops.cpl
05/20/2006 10:23 PM 125,952 cttune.cpl
05/20/2006 10:23 PM 135,168 desk.cpl
05/20/2006 10:23 PM 80,896 firewall.cpl
05/20/2006 10:23 PM 155,136 hdwwiz.cpl
05/20/2006 10:23 PM 55,296 Hoster.cpl
11/28/2008 09:28 AM 8,106,089 idtsg.cpl
05/20/2006 10:23 PM 358,400 inetcpl.cpl
05/20/2006 10:23 PM 129,536 intl.cpl
05/20/2006 10:23 PM 380,416 irprops.cpl
04/16/2004 11:24 AM 61,440 ISUSPM.cpl
01/11/2009 03:03 PM 73,728 javacpl.cpl
05/20/2006 10:23 PM 68,608 joy.cpl
12/08/2005 02:43 PM 65,536 krait.cpl
05/20/2006 10:23 PM 187,904 main.cpl
05/20/2006 10:23 PM 55,296 MemTest.cpl
05/20/2006 10:23 PM 618,496 mmsys.cpl
05/20/2006 10:23 PM 55,296 MSCONFIG.cpl
05/20/2006 10:23 PM 131,072 msicuu.cpl
05/20/2006 10:23 PM 55,296 MS_TimeZone.cpl
05/20/2006 10:23 PM 35,840 ncpa.cpl
05/20/2006 10:23 PM 25,600 netsetup.cpl
05/20/2006 10:23 PM 257,024 nusrmgr.cpl
05/11/2007 06:03 AM 413,696 nvcpl.cpl
05/11/2007 06:03 AM 73,728 nvtuicpl.cpl
05/20/2006 10:23 PM 36,864 nwc.cpl
05/20/2006 10:23 PM 32,768 odbccp32.cpl
04/14/2007 03:59 PM 489,000 PhysX.cpl
05/20/2006 10:23 PM 114,688 powercfg.cpl
05/20/2006 10:23 PM 55,296 REGEDIT.CPL
11/25/2001 05:18 PM 131,072 RegTweak.cpl
08/18/2006 06:58 AM 282,624 RTSndMgr.Cpl
05/20/2006 10:23 PM 55,296 SAFEXP.cpl
05/20/2006 10:23 PM 55,296 Services.cpl
05/20/2006 10:23 PM 55,296 Startup.cpl
05/20/2006 10:23 PM 298,496 sysdm.cpl
05/20/2006 10:23 PM 28,160 telephon.cpl
05/20/2006 10:23 PM 94,208 timedate.cpl
05/20/2006 10:23 PM 55,296 Updates.cpl
05/20/2006 10:23 PM 148,480 wscui.cpl
06/15/2005 12:43 PM 174,360 wuaucpl.cpl
46 File(s) 33,457,065 bytes

Directory of F:\Documents and Settings\Administrator\Desktop

Directory of F:\Documents and Settings\Administrator\Desktop

Directory of F:\Documents and Settings\Administrator\Desktop

03/08/2010 09:49 PM 0 files.txt
1 File(s) 0 bytes
0 Dir(s) 22,547,906,560 bytes free

guestolo · « **Reply #9 on:** March 09, 2010, 01:37:26 PM »

Let's try a fix meant for Windows 2000, but it should help us also

On your desktop can you create a Temp folder
Right click an empty spot on desktop and select NEW>FOLDER
Name that new folder Temp

Navigate to the following folder
F:\Windows\system32
In the System32 folder
Let's ensure that File extensions are not hidden
Click on TOOLS>>FOLDER OPTIONS
Open the VIEW tab
Untick "Hide Extensions for know file types"
Apply and OK it

Then cliick on VIEW>>DETAILS at the top menu bar
In the NAME,TYPE,SIZE selection bar click on TYPE, to put all files in group selection types
Scroll down and find all the .cpl extensions
They are all Control Panel Extensions

Highlight all the file names with the .cpl extension and right click on them
Select CUT
Paste them to that TEMP folder on your desktop
many of the .cpl files will be restored immediately, but not all
Now open Windows Control Panel, does it still freeze?

NuCK · « **Reply #10 on:** March 13, 2010, 02:30:19 AM »

Awesome! No more freezing.

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

There are only 15 icons left in my control panel though heh.

guestolo · « **Reply #11 on:** March 13, 2010, 06:08:14 PM »

By Trial and Error, can you find which of the .cpl files in your Temp folder is causing the freeze

Simply Open the System32 folder
Arrange it so the .cpl files are together as before
Then from your Temp folder on your desktop
Copy/paste one at a time the .cpl's that are missing in the System32 folder

After replacing each one, try opening the Control Panel till you find the one causing the freezing

NuCK · « **Reply #12 on:** March 21, 2010, 03:17:24 AM »

Thanks so much. Finally got around to doing it. Works great now.

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

However here are the problem files. These files take forever to access. Cutting and pasting them from a folders 'Temp' to 'Temp2' take forever too. Are these files corrupted? Are they sitting on bad HardDisk blocks? If they are does that mean my HardDisk is dying? If it is i've got to backup my data fast!

Volume in drive F has no label.
Volume Serial Number is 2C6C-81E5

Directory of F:\Documents and Settings\Administrator\Desktop\Temp2

03/21/2010 04:05 PM <DIR> .
03/21/2010 04:05 PM <DIR> ..
05/20/2006 10:23 PM 55,296 AutoPlay.cpl
05/20/2006 10:23 PM 55,296 BootVis.cpl
05/20/2006 10:23 PM 125,952 cttune.cpl
03/21/2010 04:07 PM 0 files.txt
05/20/2006 10:23 PM 55,296 Hoster.cpl
05/20/2006 10:23 PM 55,296 MemTest.cpl
05/20/2006 10:23 PM 618,496 mmsys.cpl
05/20/2006 10:23 PM 55,296 MSCONFIG.cpl
05/20/2006 10:23 PM 55,296 REGEDIT.CPL
11/25/2001 05:18 PM 131,072 RegTweak.cpl
05/20/2006 10:23 PM 55,296 SAFEXP.cpl
05/20/2006 10:23 PM 55,296 Services.cpl
05/20/2006 10:23 PM 55,296 Startup.cpl
05/20/2006 10:23 PM 55,296 Updates.cpl

Directory of F:\Documents and Settings\Administrator\Desktop\Temp2

Directory of F:\Documents and Settings\Administrator\Desktop\Temp2

03/21/2010 04:07 PM 0 files.txt
15 File(s) 1,428,480 bytes
2 Dir(s) 22,171,873,280 bytes free

Thanks man

guestolo · « **Reply #13 on:** March 21, 2010, 02:20:19 PM »

Quote

Are these files corrupted? Are they sitting on bad HardDisk blocks? If they are does that mean my HardDisk is dying?

I really can't give you an answer to that
You did the following

Quote

Cutting and pasting them from a folders 'Temp' to 'Temp2' take forever too.

I asked that you do the following

Quote

Simply Open the System32 folder
Arrange it so the .cpl files are together as before
Then from your Temp folder on your desktop
Copy/paste one at a time the .cpl's that are missing in the System32 folder

After replacing each one, try opening the Control Panel till you find the one causing the freezing

Did you try that?

NuCK · « **Reply #14 on:** March 22, 2010, 11:11:23 AM »

Yeah i've done that and most of my control panel icons are back. That last list was for the icons that were giving me problems. All 13 files in the last list were freezing up my control panel.

TheTechGuide Forum

News:

Author Topic: Control Panel Freezes (Read 1153 times)

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes

guestolo

Control Panel Freezes

NuCK

Control Panel Freezes