SP3 Slow Boot (pauses) before and after login

Hi everyone,

I'm new to the forum and have been reading a lot (lurking) for days now about the pausing of SP3. I just recently have encountered this type of problem and I believe it may be a driver problem but I am not sure when it started as my computer is usually on 24/7. I am running XP SP3 on a WD Raptor 74gb drive connected via SATA on an ASUS P5AD2-E Premium motherboard. I currently have a dual boot system setup; another raptor drive has linux on it. I currently use linux's boot loader GRUB to select and boot Windows XP. I don't believe this problem has anything to do with that though as this setup has been functioning fine for weeks. Now, onto what is actually occurring.

When I select to boot Windows XP the normal Windows XP splash comes up with the blue bar moving, after a normal amount of time the splash goes away and the screen goes black, this is the first pause. No hard drive activity and it will pause for at least a minute or two. Once it get's past this I see the login screen (I have autologin enabled) it logs in and my wallpaper is displayed. At this point the computer's hard drive activity is again idle and no icons/start bar are shown. I can run the Task Manager and start programs fine, but it will be another 2 minutes before the normal desktop items show up. Also, when I try to access My Computer, or any dialog that displays or connects to the drives, there is the same long pause before anything shows. Once the system is up and running everything works fine! I do not have any firewall software installed as I am behind a properly configured router. (This cuts out the pausing issue with ZA) I have run ATF-Cleaner, Spybot, AdAware, HiJackThis VundoFix, CCleaner, and a full system virus scan in Safe Mode; none of these turn up anything. If I had to guess when this problem started, it might have been after I was playing around with my Creative Audigy 2 ZS drivers to try to rectify a crackle that I'm getting in some of the sound (This is a common issue with these cards). I have uninstalled and reinstalled this device with DriverCleaner and then the newest drivers. To get everyone caught up, here are some logs that may help:

 

-- Files created between 2008-05-21 and 2008-06-21 -----------------------------

2008-06-21 12:40:02 0 dr-h----- C:\Documents and Settings\Travis\Recent
2008-06-21 03:36:49 0 d-------- C:\Program Files\Lavasoft
2008-06-21 03:36:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-21 02:34:47 0 d-------- C:\WINDOWS\BDOSCAN8
2008-06-21 00:27:34 0 d-------- C:\Documents and Settings\Travis\Application Data\Help
2008-06-21 00:06:22 0 d-------- C:\Program Files\Greatis
2008-06-20 23:55:35 0 d-------- C:\Program Files\CCleaner
2008-06-20 23:41:51 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-06-20 23:10:59 0 d-------- C:\WINDOWS\nvidia icons
2008-06-20 23:10:48 0 d-------- C:\WINDOWS\nview
2008-06-20 23:10:35 0 d-------- C:\NVIDIA
2008-06-20 20:40:51 0 d-------- C:\Documents and Settings\Travis\Application Data\Microsoft Games
2008-06-20 19:27:35 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-20 19:24:47 0 d-------- C:\Program Files\Intel
2008-06-20 16:50:03 0 d-------- C:\Program Files\Microsoft Bootvis
2008-06-20 12:56:41 0 d-------- C:\Program Files\Active SMART
2008-06-20 12:56:41 0 d--h----- C:\Documents and Settings\All Users\Application Data\ActiveSMART
2008-06-19 10:45:15 0 d-------- C:\WINDOWS\Installing Adobe Acrobat Reader
2008-06-18 12:30:40 0 d-------- C:\Documents and Settings\Travis\Application Data\Hamachi
2008-06-18 12:30:23 0 d-------- C:\Program Files\Hamachi
2008-06-17 22:34:36 86016 --a------ C:\WINDOWS\system32\cttele.dll <Not Verified; Creative Technology Ltd; Creative Common Proxy Stud>
2008-06-17 22:21:32 10752 --a------ C:\WINDOWS\system32\CT20XSPI.DLL <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-06-17 18:51:27 0 d-------- C:\Documents and Settings\Travis\Application Data\gtk-2.0
2008-06-17 17:58:37 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-17 17:58:36 0 d-------- C:\Documents and Settings\Travis\Application Data\Mozilla
2008-06-17 17:35:55 0 d-------- C:\Documents and Settings\Travis\Application Data\DAEMON Tools Pro
2008-06-15 00:48:23 0 d-------- C:\Program Files\PowerMenu
2008-06-12 02:22:06 0 d-------- C:\Program Files\Trend Micro
2008-06-12 01:43:58 739176 --ahs---- C:\WINDOWS\system32\vwyHRqru.ini2
2008-06-12 00:54:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-11 16:43:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2008-06-11 13:54:50 0 d-------- C:\Program Files\MSBuild
2008-06-11 13:51:41 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-06-11 13:51:05 0 d-------- C:\Program Files\Reference Assemblies
2008-06-11 12:35:17 741087 --ahs---- C:\WINDOWS\system32\EhPponpo.ini2
2008-06-10 23:53:36 0 d-------- C:\WINDOWS\Logs
2008-06-10 22:52:28 566624 --a------ C:\WINDOWS\system32\d3d10.dll
2008-06-10 22:28:51 94208 --a------ C:\WINDOWS\system32\msstkprp.dll <Not Verified; Microsoft Corporation; msprop32>
2008-06-10 01:12:29 0 d-------- C:\Program Files\FAVC
2008-06-10 01:12:09 0 d-------- C:\Program Files\AviSynth 2.5
2008-06-10 00:02:32 0 d-------- C:\Program Files\MKVtoolnix
2008-06-04 18:33:33 0 d-------- C:\Documents and Settings\Travis\Application Data\Media Player Classic
2008-06-04 18:32:27 0 d-------- C:\Program Files\Combined Community Codec Pack
2008-06-04 01:13:41 0 d-------- C:\Documents and Settings\Travis\Application Data\.BitTornado
2008-06-04 00:59:45 0 d-------- C:\Program Files\BitTornado
2008-06-03 20:50:32 0 d-------- C:\Program Files\Playlist Creator 3
2008-06-02 20:57:11 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-02 20:57:11 0 d-------- C:\Documents and Settings\Travis\Application Data\skypePM
2008-06-02 20:56:38 0 d-------- C:\Documents and Settings\Travis\Application Data\Skype
2008-06-02 20:56:31 0 d-------- C:\Program Files\Skype
2008-06-02 20:56:30 0 d-------- C:\Program Files\Common Files\Skype
2008-06-02 20:56:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-06-02 14:00:06 0 d-------- C:\Program Files\SHOUTcast
2008-06-02 13:58:16 0 d-------- C:\Program Files\Winamp
2008-06-02 13:58:16 0 d-------- C:\Documents and Settings\Travis\Application Data\Winamp
2008-05-31 10:23:25 0 d-------- C:\Documents and Settings\Travis\Application Data\.purple
2008-05-31 10:13:42 0 d-------- C:\Program Files\Aspell
2008-05-31 10:12:23 0 d-------- C:\Program Files\Pidgin
2008-05-31 10:12:20 0 d-------- C:\Program Files\Common Files\GTK
2008-05-30 15:23:03 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-05-30 15:09:06 0 d-------- C:\WINDOWS\system32\AGEIA
2008-05-30 15:09:05 0 d-------- C:\Program Files\AGEIA Technologies
2008-05-30 15:08:53 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-30 14:51:45 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-05-30 14:51:36 271360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-05-30 14:51:35 18048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-05-30 14:14:13 0 d-------- C:\Program Files\RealVNC
2008-05-30 14:09:50 0 d-------- C:\Documents and Settings\Travis\Application Data\Bioshock
2008-05-30 14:09:44 0 dr-h----- C:\Documents and Settings\Travis\Application Data\SecuROM
2008-05-30 11:36:56 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-30 11:36:02 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-30 11:36:02 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-30 11:25:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-30 11:23:22 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-30 11:23:21 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-30 11:08:43 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-30 11:08:01 0 d--hs---- C:\Documents and Settings\Travis\UserData
2008-05-30 11:05:47 0 d-------- C:\Program Files\Microsoft Works
2008-05-30 11:04:10 0 d-------- C:\WINDOWS\SHELLNEW
2008-05-30 11:03:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-30 11:03:47 0 dr-h----- C:\MSOCache
2008-05-30 10:57:44 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-05-30 01:20:44 0 d-------- C:\Program Files\Games
2008-05-30 01:20:07 0 d-------- C:\Program Files\7-Zip
2008-05-29 01:40:48 0 d-------- C:\Documents and Settings\Travis\Application Data\Adobe
2008-05-29 00:45:21 0 d-------- C:\WINDOWS\pss
2008-05-28 21:06:12 0 d-------- C:\WINDOWS\system32\appmgmt
2008-05-27 22:09:12 0 d-------- C:\.Trash-panther
2008-05-27 11:13:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-05-27 11:13:36 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-05-27 11:13:36 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-27 11:13:36 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-05-27 11:13:36 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-27 11:13:36 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-05-27 11:13:35 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-27 11:13:35 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-27 11:13:35 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-27 11:13:35 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-05-27 11:13:35 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-27 11:13:35 1835008 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-05-27 11:13:35 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-27 11:13:35 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-05-27 11:13:35 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-27 09:36:49 717296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-05-27 09:36:48 0 d-------- C:\Documents and Settings\Travis\Application Data\DAEMON Tools
2008-05-27 03:25:18 0 d-------- C:\WINDOWS\Sun
2008-05-27 02:48:07 0 d-------- C:\Documents and Settings\Travis\Application Data\Sun
2008-05-27 02:35:34 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-05-27 02:29:57 0 d-------- C:\WINDOWS\system32\Defaults
2008-05-27 02:29:25 0 d-------- C:\Documents and Settings\Travis\Application Data\Creative
2008-05-27 02:29:23 0 d-------- C:\WINDOWS\system32\Data
2008-05-27 02:29:23 3072 --a------ C:\WINDOWS\CTXFIRES.DLL <Not Verified; ; CTxfiRes Dynamic Link Library>
2008-05-27 02:29:22 0 d-------- C:\Program Files\Creative
2008-05-27 02:29:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-27 02:29:15 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-27 02:21:40 0 d-------- C:\Program Files\hp photosmart
2008-05-27 02:21:23 40448 --a------ C:\WINDOWS\system32\hpfinsta.exe <Not Verified; Hewlett-Packard; hp photosmart>
2008-05-27 02:21:23 36864 --a------ C:\WINDOWS\hpfsched.exe
2008-05-27 02:21:18 184832 --a------ C:\WINDOWS\system32\hpfinst.dll <Not Verified; Hewlett-Packard; hp photosmart>
2008-05-27 02:17:09 0 d-------- C:\Documents and Settings\Travis\Application Data\Macromedia
2008-05-27 02:12:01 0 d-------- C:\Documents and Settings\Travis\Application Data\Identities
2008-05-27 02:11:17 0 d--h----- C:\Documents and Settings\Travis\Templates
2008-05-27 02:11:17 0 dr------- C:\Documents and Settings\Travis\Start Menu
2008-05-27 02:11:17 0 dr-h----- C:\Documents and Settings\Travis\SendTo
2008-05-27 02:11:17 0 d--h----- C:\Documents and Settings\Travis\PrintHood
2008-05-27 02:11:17 5242880 --ah----- C:\Documents and Settings\Travis\NTUSER.DAT
2008-05-27 02:11:17 0 d--h----- C:\Documents and Settings\Travis\NetHood
2008-05-27 02:11:17 0 dr------- C:\Documents and Settings\Travis\My Documents
2008-05-27 02:11:17 0 d--h----- C:\Documents and Settings\Travis\Local Settings
2008-05-27 02:11:17 0 dr------- C:\Documents and Settings\Travis\Favorites
2008-05-27 02:11:17 0 d-------- C:\Documents and Settings\Travis\Desktop
2008-05-27 02:11:17 0 d--hs---- C:\Documents and Settings\Travis\Cookies
2008-05-27 02:11:17 0 dr-h----- C:\Documents and Settings\Travis\Application Data
2008-05-27 02:10:08 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-27 02:09:58 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-27 02:09:58 0 d-------- C:\WINDOWS\Prefetch
2008-05-27 02:09:57 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-27 02:09:57 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-27 02:09:57 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-05-27 02:09:57 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-27 02:09:57 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-27 02:09:45 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-27 02:09:45 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-27 02:09:45 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-05-27 02:09:45 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-27 02:09:45 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-27 02:06:48 0 d-------- C:\WINDOWS\system32\xircom
2008-05-27 02:06:48 0 d-------- C:\Program Files\microsoft frontpage
2008-05-27 02:06:40 237568 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-27 02:06:35 0 -rahs---- C:\MSDOS.SYS
2008-05-27 02:06:35 0 -rahs---- C:\IO.SYS
2008-05-27 02:06:35 0 --a------ C:\CONFIG.SYS
2008-05-27 02:06:35 0 --a------ C:\AUTOEXEC.BAT
2008-05-27 02:05:43 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-27 02:05:35 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-27 02:05:35 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-27 02:05:07 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-27 02:04:46 0 d---s---- C:\WINDOWS\Tasks
2008-05-27 02:04:45 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-27 02:04:41 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-27 02:04:41 0 d-------- C:\WINDOWS\srchasst
2008-05-27 02:04:33 0 d-------- C:\Program Files\Movie Maker
2008-05-27 02:04:09 0 d-------- C:\WINDOWS\system32\Restore
2008-05-27 02:03:29 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-27 02:03:18 0 d-------- C:\WINDOWS\Registration
2008-05-27 02:03:12 0 d-------- C:\Program Files\Online Services
2008-05-27 02:03:07 0 d-------- C:\Program Files\Messenger
2008-05-27 02:03:03 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-27 02:02:20 0 d-------- C:\Program Files\Windows NT
2008-05-27 02:02:16 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-27 02:02:14 0 d-------- C:\WINDOWS\system32\Com
2008-05-26 21:54:28 0 d--hs---- C:\WINDOWS\Installer
2008-05-26 21:54:25 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-26 21:54:24 0 dr------- C:\Program Files
2008-05-26 21:54:24 0 d-------- C:\Program Files\Common Files
2008-05-26 21:53:58 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-05-26 21:53:58 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-26 21:53:58 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-26 21:53:58 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-05-26 21:53:58 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-05-26 21:53:58 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-26 21:53:58 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-05-26 21:53:58 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-26 21:53:58 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-05-26 21:53:58 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-05-26 21:53:58 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-26 21:53:58 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-05-26 21:53:58 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-26 21:53:58 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-05-26 21:53:58 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-26 21:53:58 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-05-26 21:53:47 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-26 21:53:47 0 d-------- C:\WINDOWS\system32\CatRoot
2008-05-26 21:53:41 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-26 21:53:41 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-26 21:53:41 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-26 21:53:41 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-26 21:53:16 0 d--hs---- C:\System Volume Information
2008-05-26 21:53:16 0 d-------- C:\Documents and Settings
2008-05-26 21:42:45 0 d-------- C:\WINDOWS
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\WinSxS
2008-05-26 21:42:45 0 dr------- C:\WINDOWS\Web
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\twain_32
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\wins
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\wbem
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\usmt
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\spool
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\ShellExt
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\Setup
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\scripting
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\ras
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\oobe
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\npp
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\mui
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\inetsrv
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\IME
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\icsxml
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\ias
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\export
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\en
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\drivers
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-05-26 21:42:45 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\dhcp
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\config
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\3076
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\2052
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1054
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1042
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1041
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1037
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1033
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1031
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1028
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system32\1025
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\system
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\security
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Resources
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\repair
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Provisioning
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\PeerNet
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\pchealth
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Network Diagnostic
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\mui
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\msapps
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\msagent
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Media
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\L2Schemas
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\java
2008-05-26 21:42:45 0 d--h----- C:\WINDOWS\inf
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\ime
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Help
2008-05-26 21:42:45 0 dr--s---- C:\WINDOWS\Fonts
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\ehome
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Driver Cache
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Debug
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Cursors
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Connection Wizard
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\Config
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\AppPatch
2008-05-26 21:42:45 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-05-26 21:53:58 62 --ahs---- C:\Documents and Settings\Travis\Application Data\desktop.ini
2008-05-07 01:07:00 7481359 --a------ C:\WINDOWS\system32\AppSetup.exe <Not Verified; Creative Technology Ltd; Creative Self-Extracting>
2008-05-05 13:34:44 43520 --a------ C:\WINDOWS\system32\CTBurst.dll <Not Verified; ; CTBurst Module>
2008-05-05 13:33:22 11776 --a------ C:\WINDOWS\system32\ac3api.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:33:04 37888 --a------ C:\WINDOWS\system32\psconv.exe
2008-05-05 13:33:02 19456 --a------ C:\WINDOWS\system32\CtHelper.exe <Not Verified; Creative Technology Ltd; CtHelper Application>
2008-05-05 13:33:02 8704 --a------ C:\WINDOWS\system32\ctagent.dll <Not Verified; Creative Technology Ltd; ctagent>
2008-05-05 13:33:00 43520 --a------ C:\WINDOWS\system32\ctspkhlp.dll <Not Verified; Creative Technology Ltd; CtSpkHlp Dynamic Link Library>
2008-05-05 13:33:00 56832 --a------ C:\WINDOWS\system32\CTpcmcia.dll <Not Verified; Creative Technology Ltd; CTPCMCIA Dynamic Link Library>
2008-05-05 13:33:00 13312 --a------ C:\WINDOWS\system32\ctmmep.dll <Not Verified; Creative Technology Ltd; Ctmmep Dynamic Link Library>
2008-05-05 13:32:54 32768 --a------ C:\WINDOWS\system32\ctthxcal.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:54 9216 --a------ C:\WINDOWS\system32\ctpres.dll <Not Verified; Creative Technology Ltd; CtPanel Resource>
2008-05-05 13:32:54 9216 --a------ C:\WINDOWS\CTPRES.DLL <Not Verified; Creative Technology Ltd; CtPanel Resource>
2008-05-05 13:32:52 41472 --a------ C:\WINDOWS\system32\ctscal.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:52 131072 --a------ C:\WINDOWS\system32\ctdcifce.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:50 330752 --a------ C:\WINDOWS\system32\ctdc0001.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:50 227840 --a------ C:\WINDOWS\system32\ctdc0000.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:48 10240 --a------ C:\WINDOWS\system32\ctdcres.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:32:48 10240 --a------ C:\WINDOWS\CTDCRES.DLL <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:23:50 386852 --a------ C:\WINDOWS\system32\ctdnlstr.dat
2008-05-05 13:23:50 51787 --a------ C:\WINDOWS\system32\ctdlang.dat
2008-05-05 13:23:26 196096 --a------ C:\WINDOWS\system32\ctemupia.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:21:22 176128 --a------ C:\WINDOWS\system32\ct_oal.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:21:20 49152 --a------ C:\WINDOWS\system32\ctdproxy.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:21:20 46592 --a------ C:\WINDOWS\system32\ctasio.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:21:00 69120 --a------ C:\WINDOWS\system32\ctosuser.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:20:58 6144 --a------ C:\WINDOWS\system32\sfman32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:20:56 125952 --a------ C:\WINDOWS\system32\sfms32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:20:52 13312 --a------ C:\WINDOWS\system32\regplib.exe
2008-05-05 13:20:50 64512 --a------ C:\WINDOWS\system32\piaproxy.dll <Not Verified; Creative Technology Ltd; E-mu PIA>
2008-05-05 13:20:16 149838 --a------ C:\WINDOWS\system32\ctbas2w.dat
2008-05-05 13:18:32 274587 --a------ C:\WINDOWS\system32\ctsbas2w.dat
2008-05-05 13:18:24 241084 --a------ C:\WINDOWS\system32\CTSBASW.DAT
2008-05-05 13:18:24 115166 --a------ C:\WINDOWS\system32\CTBASICW.DAT
2008-05-05 13:18:06 5120 --a------ C:\WINDOWS\system32\enlocstr.exe
2008-05-05 13:18:06 313207 --a------ C:\WINDOWS\system32\ctstatic.dat
2008-05-05 13:18:06 53932 --a------ C:\WINDOWS\system32\ctdaught.dat
2008-05-05 13:18:02 10240 --a------ C:\WINDOWS\system32\killapps.exe <Not Verified; ; killapps>
2008-05-05 13:17:50 28672 --a------ C:\WINDOWS\system32\MIDIDEF.EXE <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 13:17:48 32768 --a------ C:\WINDOWS\system32\devreg.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-02 22:46:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-02 22:46:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-02 22:46:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-02 22:46:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-02 22:46:00 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-02 22:46:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-02 22:46:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-02 22:46:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-04-30 16:55:10 585326 --a------ C:\WINDOWS\system32\APOIM32.exe <Not Verified; Creative Technology Ltd; Creative Audio Processing Object Interface Module>
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelSwedish.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelSpanish.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelPortugese.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelKorean.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelJapanese.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelGerman.dll
2008-04-28 11:11:16 53248 --a------ C:\WINDOWS\system32\AgCPanelFrench.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz "= "nwiz.exe" [05/02/2008 10:46 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter "= "C:\WINDOWS\system32\NvMcTray.dll" [05/02/2008 10:46 PM]
"NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [05/02/2008 10:46 PM]
"HPHmon03 "= "C:\WINDOWS\system32\hphmon03.exe" [01/13/2006 02:46 AM]
"HPDJ Taskbar Utility "= "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe" [01/13/2006 02:46 AM]
"CTHelper "= "CTHELPER.EXE" [05/05/2008 01:33 PM C:\WINDOWS\system32\CtHelper.exe]
"ActiveSMART "= "C:\Program Files\Active SMART\\ActiveSMART.exe" [08/07/2007 12:14 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 08:00 AM]

C:\Documents and Settings\Travis\Start Menu\Programs\Startup\
Active SMART.lnk - C:\Program Files\Active SMART\ActiveSMART.exe [6/20/2008 12:56:41 PM]
PowerMenu.lnk - C:\Program Files\PowerMenu\PowerMenu.exe [12/19/2002 7:17:56 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages "= msv1_0 C:\WINDOWS\system32\urqRHywv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@= "Service "

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c6685c1-2e77-11dd-bb71-0011d8cb1071}]
AutoRun\command- G:\Launch.exe /run




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8744 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-21 14:30:20 ------------

 

I'm very sorry about that Pete, I did not mean anything by it. I hope this doesn't mean you won't assist me!

Also I posted the logs before I saw your response. They were posted to that other thread that I mistakenly hijacked.

 

Pete,

Sorry about that I see what you're talking about, those are SpyBot immunize entries in my hosts file. I just copied and pasted the DDS log not even realizing those would be links. I apologize again about that.

-Travis

P.S.: Glad to hear you aren't too angry with my incompetence. I apologize.

Is what I posted sufficient information or should I create some more logs? The extra.txt log created by DDS perhaps?

Also, I do notice that there are some left over files from an infection that I had, but I looked for those and don't see them anywhere. So, still a possible infection of some kind?

More information: I also located the LSA Authentication Regedit entry and deleted it as I know this is dangerous.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages "= msv1_0 C:\WINDOWS\system32\urqRHywv

 

Alright, I apologize if I wasted anyone's time on this issue already, but please close this thread for me. I learned that there was more to this issue than I thought. I found that many files on my computer were corrupted and I'm guessing it had something to do with a virus I used to have. I have completely formatted and everything is working fine. I'm greatful for Pete being so kind to welcome me and I hope you didn't dig into this issue too much. I believe it was a virus that had embedded itself in my critical windows applications (lsass.exe, winlogon, etc.). Problem rectified by format. Thanks again everyone!