spyware found on pc [CLOSED] [RESOLVED], i did a system restore and the symptoms have disappeared
jp550
Posted Sep 5 2008, 12:43 AM (Post #1)
Member | Posts: 17 | OS: Windows XP Home Edition

I went on a joke website and Windows Defender said it had detected and blocked a program, A.exe or something like that. I clicked Continue Blocking. Then NOD32 popped up and said it had discovered a trojan. I cleaned the registry and temp internet files. However, whenever I tried to go to a site, yahoo.com for instance, I would be redirected to an ad site like freemoney.com or something like that. I did a System Restore and disabled/re-enabled System Restore. The problems seem gone. I just want to get another opinion.
Thank you,
Jake

Here's my logfile:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:24 PM, on 9/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\IDU\IDUServ.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Intel\IDU\iptray.exe
C:\Program Files\Intel\IDU\awtray.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\FarStone\GameDrive\GDP\GDTask.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [awTray.exe] "C:\Program Files\Intel\IDU\awtray.exe"
O4 - HKLM\..\Run: [U.S. Robotics Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [GameDrive] "C:\Program Files\FarStone\GameDrive\GDP\GDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1158802693078
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: Intel® Desktop Utilities Service (iHCService) - OSA Technologies, Inc. - C:\Program Files\Intel\IDU\IDUServ.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: U.S. Robotics Wireless LAN Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7463 bytes
SpySentinel
Posted Sep 19 2008, 03:03 PM (Post #2)
Trusted Helper | Posts: 1,643 | From: The United States | OS: Windows XP SP2

Hey jp550,

Welcome to Geeks to Go! My name is SpySentinel and I will be helping you fix your computer problem.

Take note that I'm still in training, and my posts will have to be checked by an expert. This may cause delays in between my responses, so I ask for your patience. Please stick with me until we get your computer cleaned up.

I'm currently analyzing your log now, and I'll post back with a fix ASAP. Thanks for your patience.
SpySentinel
Posted Sep 19 2008, 05:30 PM (Post #3)
Trusted Helper | Posts: 1,643 | From: The United States | OS: Windows XP SP2

Download OTViewIt to your desktop.
  • Close all windows and open it
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
  • You may need to use two posts to get it all on the forum
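The OTViewIt scan requested above lists every file created or modified in the last 30 days, and the interesting part of the report posted later in this thread is a burst of seven tdss*.dll / tdssservers.dat files written to C:\WINDOWS\System32 between 23:14:53 and 23:14:55 on 2008/09/04, the same evening the Defender and NOD32 alerts fired. As an added example (not OTViewIt's own code and not part of the helper's fix), the script below parses the report's file lines and flags clusters of files that landed in System32 within seconds of each other. The sample input reproduces the relevant lines from the posted report, and the cluster size and time window are assumptions chosen for illustration:

```python
"""Triage OTViewIt 'Files/Folders - Created Within 30 Days' output.

Added example for this thread; not part of OTViewIt or of the helper's fix.
It parses the report's file lines and flags bursts of files created in
System32 within a few seconds of each other.
"""
import re
from datetime import datetime, timedelta

# One OTViewIt file line looks like:
# [2008/09/04 23:14:55 | 00,058,809 | ---- | C] () -- C:\WINDOWS\System32\tdssinit.dll
# The parenthesised company name comes from the file's version resource, which
# whoever built the file controls, so it is a hint and not evidence of origin.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[\w-]{4}) \| (?P<kind>[CM])\] "
    r"\((?P<company>[^)]*)\) -- (?P<path>.+?)\s*$"
)

# Sample input: the System32 entries from the 'Created Within 30 Days' section of
# the report posted in this thread, plus two benign entries from the same section.
# Summary lines such as "[2 ... *.tmp files]" do not match and are skipped.
SAMPLE_REPORT = r"""
========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[2008/09/20 16:33:18 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jake\Desktop\OTViewIt.exe
[2008/09/17 12:37:42 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/09/04 23:14:55 | 00,058,809 | ---- | C] () -- C:\WINDOWS\System32\tdssinit.dll
[2008/09/04 23:14:55 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\tdssserf.dll
[2008/09/04 23:14:54 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\tdssadw.dll
[2008/09/04 23:14:54 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdsslog.dll
[2008/09/04 23:14:54 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssmain.dll
[2008/09/04 23:14:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssl.dll
[2008/09/04 23:14:53 | 00,000,174 | ---- | C] () -- C:\WINDOWS\System32\tdssservers.dat
"""


def parse_line(line):
    """Return a dict for one OTViewIt file line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "company": m["company"],
        "path": m["path"],
        "name": m["path"].rsplit("\\", 1)[-1].lower(),
    }


def parse_report(text):
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def system32_entries(entries):
    return [e for e in entries if "\\system32\\" in e["path"].lower()]


def cluster_by_time(entries, window_seconds=10):
    """Group entries whose creation times are within window_seconds of the previous one."""
    entries = sorted(entries, key=lambda e: e["ts"])
    clusters, current = [], []
    for e in entries:
        if current and e["ts"] - current[-1]["ts"] > timedelta(seconds=window_seconds):
            clusters.append(current)
            current = []
        current.append(e)
    if current:
        clusters.append(current)
    return clusters


def common_prefix(names):
    if not names:
        return ""
    prefix = names[0]
    for n in names[1:]:
        while not n.startswith(prefix):
            prefix = prefix[:-1]
    return prefix


def suspicious_clusters(text, min_files=3, window_seconds=10):
    """Clusters of at least min_files System32 files created within window_seconds (thresholds assumed)."""
    out = []
    for c in cluster_by_time(system32_entries(parse_report(text)), window_seconds):
        if len(c) >= min_files:
            names = [e["name"] for e in c]
            out.append({
                "start": c[0]["ts"], "end": c[-1]["ts"],
                "files": names, "prefix": common_prefix(names),
                "claimed_companies": sorted({e["company"] or "(none)" for e in c}),
            })
    return out


if __name__ == "__main__":
    for c in suspicious_clusters(SAMPLE_REPORT):
        print(f"{len(c['files'])} files created in System32 between {c['start']:%H:%M:%S} "
              f"and {c['end']:%H:%M:%S}, common prefix {c['prefix']!r}, "
              f"claimed companies {c['claimed_companies']}")
```

Run against the sample, the script reports one cluster of seven files with the common prefix `tdss`, three of which claim Microsoft Corporation as their company while the rest carry no company at all. Treat that company string as untrusted: the tdss files in the report share a creation burst and a naming pattern, and that temporal and naming evidence is what makes them stand out, not anything in their version resources. The same approach works on the `Files - Modified Within 30 Days` section, since the line format is identical apart from the `M` flag.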
jp550
Posted Sep 20 2008, 05:39 PM (Post #4)
Member | Posts: 17 | OS: Windows XP Home Edition

Thanks. Here are the logs.
OTViewIt logfile created on: 9/20/2008 4:33:47 PM - Run 1
OTViewIt by OldTimer - Version 1.0.7.1 Folder = C:\Documents and Settings\Jake\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.85% Memory free
3.85 Gb Paging File | 3.49 Gb Available in Paging File | 90.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 1.39 Gb Free Space | 1.77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 677.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 154.76 Gb Total Space | 8.96 Gb Free Space | 5.79% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 232.88 Gb Total Space | 13.51 Gb Free Space | 5.80% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 369.35 Gb Free Space | 79.30% Space Free | Partition Type: NTFS

Computer Name: HAL
Current User Name: Jake
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Process Files Modified Within 30 Days ==========

[2005/03/02 12:18:26 | 00,065,536 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
[2008/03/09 11:20:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
[2008/07/08 15:14:24 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
[2008/09/05 20:40:17 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2008/09/20 16:33:31 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jake\Desktop\OTViewIt.exe

========== (O23) Win32 Service Files Modified Within 30 Days ==========

File not found -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2008/03/09 11:20:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running])
[2008/07/08 15:14:24 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])
[2005/03/02 12:18:26 | 00,065,536 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])

========== Driver Service Files Modified Within 30 Days ==========

[2008/02/20 11:11:16 | 00,033,800 | ---- | M] () -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir [System | Running])
File not found -- C:\WINDOWS\system32\drivers\iteio.sys -- (iteio [On_Demand | Stopped])
File not found -- C:\WINDOWS\system32\DRIVERS\Si3114r5.sys -- (Si3114r5 [Boot | Stopped])
File not found -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter [Boot | Stopped])
[2004/12/17 17:14:44 | 00,013,952 | ---- | M] () -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Start Page"=http://www.google.com/

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
"provider"=yaho

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"nwiz"=nwiz.exe /install ()
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun"=16
"NoCDBurning"=0
"AllowLegacyWebView"=1
"AllowUnhashedWebView"=1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
1 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}: http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab -- CKAVWebScan Object
{17492023-C23A-453E-A040-C7C580BBF700}: http://go.microsoft.com/fwlink/?linkid=39204 -- Windows Genuine Advantage Validation Tool
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\yinsthelper.dll -- YInstStarter Class
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdat...b?1158802693078 -- MUWebControl Class
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_01
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_02
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_03
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_05
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{15E669B5-0004-41C8-B982-5CCF0CA9A1DB} (Servers: | Description: D-Link WUA-1340 USB Adapter)
{1A825682-A57E-4ACD-842A-65E8C1FD44B5} (Servers: | Description: D-Link WUA-1340 USB Adapter)
{41B8AF08-E4A3-4C78-A232-5831ABC9D633} (Servers: | Description: 1394 Net Adapter)
{6133D50E-9A3C-4D23-BA0F-8C773CD11600} (Servers: | Description: D-Link WUA-1340 USB Adapter)
{8F055BB6-EB9D-471D-81A0-14F4C81C38AC} (Servers: | Description: U.S. Robotics Wireless MAXg PCI Adapter)
{9ADCD2AB-FCC7-4351-B27A-6A5711AEC15A} (Servers: | Description: Intel® PRO/1000 PL Network Connection)
{BD3743F1-C800-412E-8B5D-457EE7C6287A} (Servers: | Description: D-Link WUA-1340 USB Adapter)
{ECEEB02F-DB46-4681-ADDE-0F412B78475F} (Servers: | Description: )
{FC2AC109-F36E-4753-8FFD-1A1C1AA6F9E5} (Servers: | Description: D-Link WUA-1340 USB Adapter)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2006/07/03 16:52:33 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

Autorun.exe [MZ | ]
[2006/05/18 13:52:21 | 04,386,816 | R--- | M] () -- E:\Autorun.exe -- [ CDFS ]

Autorun.inf [[autorun] | icon=Autorun.exe | open=Autorun.exe | ]
[2006/05/18 13:52:21 | 00,000,047 | R--- | M] () -- E:\Autorun.inf -- [ CDFS ]

autorun []
[2006/05/18 13:52:21 | 04,386,816 | R--- | M] () -- E:\autorun.exe -- [ CDFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{577b753c-0af8-11db-8de5-001676879543}\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{577b753c-0af8-11db-8de5-001676879543}\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{577b753c-0af8-11db-8de5-001676879543}\Shell\AutoRun\command]
""=E:\Autorun.exe -- [2006/05/18 13:52:21 | 04,386,816 | R--- | M] ()

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell]
""=AutoRun

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\AutoRun]
""=Auto&Play


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\Shell\AutoRun\command]
""=I:\LaunchU3.exe -- File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[2008/09/20 16:33:18 | 00,418,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jake\Desktop\OTViewIt.exe
[2008/09/17 12:37:42 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2008/09/17 12:37:42 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2008/09/04 23:42:53 | 00,251,392 | ---- | C] () -- C:\Documents and Settings\Jake\Desktop\hijackthis_sfx.exe
[2008/09/04 23:14:55 | 00,058,809 | ---- | C] () -- C:\WINDOWS\System32\tdssinit.dll
[2008/09/04 23:14:55 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\tdssserf.dll
[2008/09/04 23:14:54 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\tdssadw.dll
[2008/09/04 23:14:54 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdsslog.dll
[2008/09/04 23:14:54 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssmain.dll
[2008/09/04 23:14:53 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssl.dll
[2008/09/04 23:14:53 | 00,000,174 | ---- | C] () -- C:\WINDOWS\System32\tdssservers.dat
[2008/09/01 12:45:20 | 00,020,992 | ---- | C] () -- C:\Documents and Settings\Jake\My Documents\Math autobiography.doc

========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[4 C:\Documents and Settings\Jake\My Documents\*.tmp files]
[2008/09/20 16:33:31 | 00,418,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jake\Desktop\OTViewIt.exe
[2008/09/20 11:09:10 | 00,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2008/09/20 11:07:49 | 00,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2008/09/20 11:07:04 | 00,013,712 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/09/20 11:06:35 | 00,175,799 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2008/09/20 11:06:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/09/20 11:06:04 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/09/19 23:40:19 | 00,020,480 | ---- | M] () -- C:\Documents and Settings\Jake\My Documents\movies.doc
[2008/09/19 21:01:45 | 00,227,328 | ---- | M] () -- C:\Documents and Settings\Jake\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/19 20:55:05 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/19 17:16:05 | 00,000,374 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2008/09/17 12:54:12 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/09/17 12:37:42 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2008/09/17 12:37:42 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2008/09/04 23:42:52 | 00,251,392 | ---- | M] () -- C:\Documents and Settings\Jake\Desktop\hijackthis_sfx.exe
[2008/09/04 23:14:55 | 00,058,809 | ---- | M] () -- C:\WINDOWS\System32\tdssinit.dll
[2008/09/04 23:14:55 | 00,032,768 | ---- | M] () -- C:\WINDOWS\System32\tdssadw.dll
[2008/09/04 23:14:55 | 00,012,288 | ---- | M] () -- C:\WINDOWS\System32\tdssserf.dll
[2008/09/04 23:14:54 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssl.dll
[2008/09/04 23:14:54 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdsslog.dll
[2008/09/04 23:14:54 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tdssmain.dll
[2008/09/04 23:14:53 | 00,000,174 | ---- | M] () -- C:\WINDOWS\System32\tdssservers.dat
[2008/09/02 17:34:06 | 00,139,600 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/09/02 17:33:59 | 00,111,928 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008/09/01 17:31:32 | 00,020,992 | ---- | M] () -- C:\Documents and Settings\Jake\My Documents\Math autobiography.doc
< End of report >

OTViewIt Extras logfile created on: 9/20/2008 4:33:47 PM - Run Jake
OTViewIt by OldTimer - Version 1.0.7.1 Folder = C:\Documents and Settings\Jake\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 73.85% Memory free
3.85 Gb Paging File | 3.49 Gb Available in Paging File | 90.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 1.39 Gb Free Space | 1.77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 677.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 154.76 Gb Total Space | 8.96 Gb Free Space | 5.79% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 232.88 Gb Total Space | 13.51 Gb Free Space | 5.80% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 369.35 Gb Free Space | 79.30% Space Free | Partition Type: NTFS

Computer Name: HAL
Current User Name: Jake
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled"=1
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/05/01 18:09:50 | 01,974,272 | ---- | M] () -- C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
[2006/09/26 18:53:22 | 07,574,463 | ---- | M] () -- C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2
[2006/02/17 01:19:34 | 00,192,512 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
[2007/01/23 13:06:35 | 33,361,920 | ---- | M] () -- C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe:*:Enabled:Rainbow Six Vegas
[2008/07/08 15:14:24 | 00,066,872 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
[2008/09/02 17:33:59 | 00,111,928 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
[2008/06/20 15:43:00 | 03,330,048 | ---- | M] () -- H:\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™
[2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[2008/09/10 17:39:54 | 14,228,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}"=Crysis®
"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
"{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}"=Adobe Audition 2.0
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}"=Battlefield 2: Deluxe Edition
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}"=SlideShow
"{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB}"=Ad-Aware 2007
"{127B684B-A002-44C8-99A7-6CF8F1E26873}"=PunkBuster for Battlefield 1942
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}"=cp_OnlineProjectsConfig
"{1C08A24C-B168-407E-A826-68FAF5F20710}"=Age of Empires III - The WarChiefs
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}"=Google Earth
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk"=Google Talk (remove only)
"{236BB7C4-4419-42FD-0409-1E257A25E34D}"=Adobe Photoshop CS2
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}"=HPPhotoSmartExpress
"{2A780209-2A41-4C75-932A-F6F0390D430A}"=Adobe Photoshop CS2 Functional Content
"{2ECE7ECE-D15B-4999-8B8D-01C998F489D5}"=Adobe Encore DVD 2.0
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}"=Sonic_PrimoSDK
"{3248F0A8-6813-11D6-A77B-00B0D0160010}"=Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}"=Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}"=Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}"=Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java™ 6 Update 7
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}"=SkinsHP1
"{34ACF0AB-D649-47DC-A90C-6DF34C270D78}"=Intel Audio Studio 2.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}"=PanoStandAlone
"{385979FE-DC4F-4140-8EAD-A59625000D72}"=NTI Backup NOW! 4
"{3872D54E-84A0-4C04-9BDB-684D01840CA6}"=Diskeeper Lite
"{3BD633E0-4BF8-4499-9149-88F0767D449C}"=Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}"=iTunes
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}"=CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}"=BufferChm
"{4E868D3D-6EEB-4273-926C-2287236B5B79}"=3DVIA Player 4.1
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}"=HPProductAssistant
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}"=FullDPAppQFolder
"{5731C0A8-B266-451A-8D3F-8066AA21836F}"=Tom Clancy's Rainbow Six Vegas
"{57922B53-02D4-4DFC-AC24-A3519DC1F49A}"=Adobe Premiere Pro FC
"{57B2281D-A34A-4a48-8C68-169B8873659D}"=c4100_Help
"{5888428E-699C-4E71-BF71-94EE06B497DA}"=TuneUp Utilities 2008
"{5DE1B7CF-7429-40CA-987F-6BEE09B63787}"=Prime95
"{66910000-8B30-4973-A159-6371345AFFA5}"=WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}"=RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}"=AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}"=Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}"=Battlefield 1942
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}"=Microsoft Office Converter Pack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}"=MSXML 4.0 SP2 Parser and SDK
"{71FD28F7-E697-40B4-8DC9-91E8B1B9AEE9}"=Wireless G WUA-1340
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}"=Readme
"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
"{786C5747-1437-443D-B06E-79A00FE45110}"=Adobe Stock Photos 1.0
"{789289CA-F73A-4A16-A331-54D498CE069F}"=Ventrilo Client
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}"=Call of Duty® 2 Patch 1.3
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}"=Age of Empires III
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}"=DocumentViewerQFolder
"{7D974ACA-4EE5-412C-8E6A-A5B57B305727}"=ESET NOD32 Antivirus
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1"=CDBurnerXP
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}"=ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}"=Status
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}"=Call of Duty® 4 - Modern Warfare™ 1.5 Patch
"{87E2B986-07E8-477a-93DC-AF0B6758B192}"=DocProcQFolder
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}"=Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}"=Bonjour
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}"=DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}"=Unload
"{8DC42D05-680B-41B0-8878-6C14D24602DB}"=QuickTime
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}"=Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}"=Adobe Help Center 2.0
"{90280409-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional with FrontPage
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}"=InterVideo WinDVD
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}"=Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"{9559F7CA-5E34-4237-A2D9-D856464AD727}"=Project64 1.6
"{962DE60D-D080-4E77-BD0C-F97A179C50B7}"=Microsoft Windows Vista Upgrade Advisor
"{996512CF-F35B-48DE-9291-557FA5316967}"=ScannerCopy
"{998AD896-5B25-466D-8D56-CC0CC9228A68}"=Adobe Audition 2.0 Loopology Content
"{A06275F4-324B-4E85-95E6-87B2CD729401}"=Windows Defender
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}"=InstantShareDevices
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}"=SigmaTel Audio
"{A48E4951-D8E9-4FDF-82EF-46FB1C953F3E}"=Intel Audio Studio 2.0
"{A8B94669-8654-4126-BD28-D0D2412CDED6}"=TI Connect 1.6
"{AA9768AA-FF0B-4C66-A085-31E934F77841}"=Apple Mobile Device Support
"{AAB061B3-99A6-4EE5-93F4-6EB1F60295C4}"=Adobe Production Studio
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}"=Command & Conquer 3
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}"=cp_PosterPrintConfig
"{B22F646A-3FCF-4DFE-AD34-DEEE173F150F}"=AdminWorks
"{B2C45229-65A0-4738-B9CB-C5A41634FBB1}"=2d3 SteadyMove for Adobe Premiere Pro 2.0
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}"=Adobe Illustrator CS2
"{B3B7836C-A1AD-4A56-811C-C18ABDE5EAAD}"=Adobe Video Suite Extras
"{B4C88CF0-B617-4658-8F84-C4E847FBC9F7}"=Microsoft Managed DirectX (1126)
"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
"{B6286A44-7505-471A-A72B-04EC2DB2F442}"=CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}"=CP_Panorama1Config
"{B73B4A99-4173-4747-BBEC-0F05E966F9D2}"=Battlefield 1942: Secret Weapons of WWII
"{B74D4E10-0000-0000-0000-EDED00000102}"=Adobe ExtendScript Toolkit 1.0
"{B74D4E10-0000-0000-0000-EDED00000103}"=Adobe ExtendScript Toolkit 1.0
"{B74D4E10-6884-0000-0000-000000000103}"=Adobe Bridge 1.0
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}"=HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}"=HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}"=PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}"=SolutionCenter
"{C871525F-7116-4d26-BA6D-215F59B6F88B}"=C4100
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}"=AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}"=Need for Speed™ ProStreet
"{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}"=Battlefield 1942: The Road To Rome
"{D07643A3-CE41-4286-8C78-EB9C83E76DDB}"=PunkBuster for Battlefield Vietnam
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}"=Call of Duty® 2
"{D5BB0907-4BB2-46A3-AA68-0173D111058D}"=GameDrive
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}"=TrayApp
"{DBFE5FBD-A7D9-4F74-88A1-2B042722F2DB}"=Intel® Desktop Control Center
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}"=Adobe After Effects 7.0
"{DE1FD294-CF2A-4936-92F4-B1B778371627}"=Intel® Desktop Utilities
"{E35B3C63-E958-4E31-A178-95D22024109A}"=Battlefield Vietnam™
"{E48469CC-635E-4FD5-A122-1497C286D217}"=Call of Duty® 4 - Modern Warfare™
"{E6C48B74-26ED-4EF8-A04C-42AFDE5E1CA3}"=Intel® PRO Network Connections
"{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}"=Lock On: Modern Air Combat
"{EC1963C6-8EA9-40DF-8CD7-F63E174FCAEC}"=Adobe After Effects 7.0 Functional Content
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}"=CP_CalendarTemplates1
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}"=Adobe Stock Photos 1.0
"{F157460F-720E-482f-8625-AD7843891E5F}"=InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}"=Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}"=Fax_CDA
"{F6F6C08A-ED6F-4968-8292-A08E9F02584F}"=Adobe Encore DVD FC
"{F989306B-9287-444F-AE73-E30C7E4AF0F5}"=Battlefield Vietnam: WW2 Mod
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}"=Adobe Premiere Pro 2.0
"{FB15E224-67C3-491F-9F5C-F257BC418412}"=Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}"=NewCopy_CDA
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}"=DocumentViewer
"Adobe Acrobat 5.0"=Adobe Acrobat 5.0
"Adobe AIR"=Adobe AIR
"Adobe Flash Player Plugin"=Adobe Flash Player Plugin
"Adobe Shockwave Player"=Adobe Shockwave Player
"Adobe SVG Viewer"=Adobe SVG Viewer 3.0
"AGEIA PhysX v2.3.3"=AGEIA PhysX v2.3.3
"AnyDVD"=AnyDVD
"AOL Instant Messenger"=AOL Instant Messenger
"Battlecraft 19422.1"=Battlecraft 1942
"Blender"=Blender (remove only)
"CCleaner"=CCleaner (remove only)
"Celtx (1.0)"=Celtx (1.0)
"CleanUp!"=CleanUp!
"Color Finesse"=Color Finesse
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
"Cycore FX 1.0.1 for After Effects"=Cycore FX 1.0.1 for After Effects
"Defcon_is1"=Defcon v1.43
"DVD Shrink_is1"=DVD Shrink 3.2
"EphPod"=EphPod
"Ghost Recon Advanced Warfighter Patch_is1"=GRAW Patch 1.35
"HijackThis"=HijackThis 2.0.2
"HP Document Viewer"=HP Document Viewer 7.0
"HP Imaging Device Functions"=HP Imaging Device Functions 7.0
"HP Photo & Imaging"=HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools"=HP Solution Center 7.0
"HPOCR"=OCR Software by I.R.I.S 7.0
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}"=Call of Duty® 4 - Modern Warfare™ 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}"=Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}"=Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}"=Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}"=Call of Duty® 4 - Modern Warfare™
"Kaspersky Online Scanner"=Kaspersky Online Scanner
"KB835221WXP"=High Definition Audio Driver Package - KB835221
"Keylight 1.2v2 for After Effects 7.0_is1"=Keylight 1.2v2 for After Effects 7.0
"Lock On 1.1"=Lock On 1.1
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"MDT"=Battlefield Mod Development Toolkit 2.0 Beta
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)
"NeroMultiInstaller!UninstallKey"=Nero Suite
"NVIDIA Drivers"=NVIDIA Drivers
"OpenAL"=OpenAL
"Project Reality 0.61 Full_is1"=Project Reality Mini-Mod 0.61
"PunkBusterSvc"=PunkBuster Services
"ShockwaveFlash"=Adobe Flash Player 9 ActiveX
"SMAC 2.0"=SMAC 2.0
"U.S. Robotics Wireless MAXg Adapter"=U.S. Robotics Wireless MAXg Adapter
"Vue 6 Infinite PLE 32bit"=Vue 6 Infinite PLE 32bit
"WinRAR archiver"=WinRAR archiver
"Xfire"=Xfire (remove only)
"XviD"=XviD MPEG-4 Codec
"Xvid_is1"=Xvid 1.1.3 final uninstall
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Toolbar"=Yahoo! Toolbar
"YInstHelper"=Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/6/2008 8:08:26 PM | Computer Name = HAL | Source = MsiInstaller | ID = 11314
Description = Product: Need for Speed™ ProStreet -- Error 1314. The specified path
'//Electronic Arts\Need for Speed ProStreet\' is unavailable.

Error - 7/6/2008 8:31:07 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application nfs.exe, version 0.0.0.0, faulting module nfs.exe,
version 0.0.0.0, fault address 0x002c3331.

Error - 7/6/2008 8:31:54 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application nfs.exe, version 0.0.0.0, faulting module nfs.exe,
version 0.0.0.0, fault address 0x002c3331.

Error - 7/6/2008 8:32:44 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application nfs.exe, version 0.0.0.0, faulting module nfs.exe,
version 0.0.0.0, fault address 0x002c3331.

Error - 7/17/2008 5:34:26 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 9.0.0.3250, faulting module
unknown, version 0.0.0.0, fault address 0x02842431.

Error - 7/19/2008 7:07:05 PM | Computer Name = HAL | Source = Application Hang | ID = 1002
Description = Hanging application AnyDVDtray.exe, version 6.4.5.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/19/2008 10:15:07 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 9.0.0.3250, faulting module
unknown, version 0.0.0.0, fault address 0x026f018a.

Error - 7/21/2008 4:09:01 PM | Computer Name = HAL | Source = Application Hang | ID = 1002
Description = Hanging application iptray.exe, version 2.1.5.46, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 7/30/2008 5:55:59 PM | Computer Name = HAL | Source = Application Error | ID = 1000
Description = Faulting application wmplayer.exe, version 9.0.0.3250, faulting module
qdvd.dll, version 6.5.2600.2180, fault address 0x00035f1a.

Error - 7/31/2008 6:28:24 PM | Computer Name = HAL | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.8.20080.4669, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 9/19/2008 11:49:22 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 1:47:14 AM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 1:47:15 AM | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Si3114r5

Error - 9/20/2008 1:47:46 AM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 1:48:16 AM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 2:06:47 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 2:06:48 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Si3114r5

Error - 9/20/2008 2:07:18 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 2:07:48 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.

Error - 9/20/2008 2:08:20 PM | Computer Name = HAL | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Intel® Desktop Utilities
Service service to connect.


< End of report >

SpySentinel
post Sep 21 2008, 03:02 PM
Post #5


Trusted Helper
Posts: 1,643
From: The United States
OS: Windows XP SP2

Please visit this web page for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
Rorschach112
post Sep 24 2008, 03:32 PM
Post #6


GeekU Teacher
Posts: 19,882
From: Dublin
OS: XP

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
SpySentinel
post Sep 30 2008, 02:42 PM
Post #7


Trusted Helper
Posts: 1,643
From: The United States
OS: Windows XP SP2

Please go ahead and follow my fix above.
jp550
post Sep 30 2008, 03:05 PM
Post #8


Member
Posts: 17
OS: windows xp home edition

I'm sorry I have not replied for a while. Here are the logs.

ComboFix 08-09-28.05 - Jake 2008-09-30 12:00:58.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1499 [GMT -7:00]
Running from: C:\Documents and Settings\Jake\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\tdssinit.dll
C:\WINDOWS\system32\tdssservers.dat

.
((((((((((((((((((((((((( Files Created from 2008-08-28 to 2008-09-30 )))))))))))))))))))))))))))))))
.

2008-09-21 11:16 . 2008-09-21 11:16 <DIR> d-------- C:\Documents and Settings\Jake\Application Data\vlc
2008-09-21 11:03 . 2008-09-21 11:03 <DIR> d-------- C:\Program Files\VideoLAN
2008-09-17 12:56 . 2008-09-17 12:56 <DIR> d-------- C:\Program Files\iTunes
2008-09-17 12:56 . 2008-09-17 12:56 <DIR> d-------- C:\Program Files\iPod
2008-09-17 12:56 . 2008-09-17 12:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-17 12:55 . 2008-09-17 12:55 <DIR> d-------- C:\Program Files\QuickTime
2008-09-17 12:55 . 2008-09-17 12:55 <DIR> d-------- C:\Program Files\Bonjour
2008-09-17 12:37 . 2008-09-17 12:37 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-17 12:37 . 2008-09-17 12:37 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll
2008-08-27 20:04 . 2008-09-23 21:55 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-12 15:08 . 2008-08-12 15:08 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-08-01 10:56 . 2008-08-12 22:14 <DIR> d-------- C:\Program Files\Celtx
2008-08-01 10:56 . 2008-08-01 10:56 <DIR> d-------- C:\Documents and Settings\Jake\Application Data\Greyfirst

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-30 19:05 1,936 ----a-w C:\WINDOWS\bcmwltrytmp.reg
2008-09-30 18:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-25 02:04 --------- d-----w C:\Program Files\ESET
2008-09-17 19:55 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-17 19:54 --------- d-----w C:\Program Files\Apple Software Update
2008-09-03 23:36 --------- d-----w C:\Program Files\Java
2008-09-03 00:34 139,600 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-08-31 18:55 --------- d-----w C:\Documents and Settings\Jake\Application Data\Xfire
2008-08-21 02:25 --------- d-s---w C:\Program Files\Xfire
2008-07-29 04:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-05-29 03:11 22,328 ----a-w C:\Documents and Settings\Jake\Application Data\PnkBstrK.sys
2007-12-17 01:33 38,736 ----a-w C:\Documents and Settings\Jake\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-06-17 2137024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"U.S. Robotics Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY" [X]
"ipTray.exe"="C:\Program Files\Intel\IDU\iptray.exe" [2005-04-29 1267200]
"awTray.exe"="C:\Program Files\Intel\IDU\awtray.exe" [2005-03-11 1910784]
"IntelAudioStudio"="C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" [2006-09-21 9138176]
"GameDrive"="C:\Program Files\FarStone\GameDrive\GDP\GDTask.exe" [2005-08-09 139264]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 13529088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168]
"nwiz"="nwiz.exe" [2008-05-02 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"AGEIA PhysX SysTray"=C:\Program Files\AGEIA Technologies\TrayIcon.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"DiskeeperSystray"="C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"=
"C:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program