
Solved bsod, no sound

Discussion in 'Malware and Virus Removal Archive' started by jan roberts, 2011/04/15.

  1. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    [Resolved] bsod, no sound

    Don't know what is wrong, but something is. Want to check for malware to count that out. So could someone please look at these for me?
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6366

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    4/15/2011 12:23:36 AM
    mbam-log-2011-04-15 (00-23-36).txt

    Scan type: Quick scan
    Objects scanned: 158353
    Time elapsed: 4 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  2. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Here is GMER:
    GMER 1.0.15.15570 - http://www.gmer.net
    Rootkit scan 2011-04-15 01:28:59
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e Maxtor_6L160M0 rev.BANC1G10
    Running: qqsl9ebd.exe; Driver: C:\DOCUME~1\JANROB~1\LOCALS~1\Temp\fgdyapog.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    init C:\WINDOWS\system32\DRIVERS\mohfilt.sys entry point in "init" section [0xF78E9760]

    ---- Devices - GMER 1.0.15 ----

    Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
    Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

    AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
    Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

    ---- EOF - GMER 1.0.15 ----
     

  4. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000003d

    Kernel Drivers (total 154):
    0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
    0x806E5000 \WINDOWS\system32\hal.dll
    0xF7A3E000 \WINDOWS\system32\KDCOM.DLL
    0xF794E000 \WINDOWS\system32\BOOTVID.dll
    0xF740F000 ACPI.sys
    0xF7A40000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xF73FE000 pci.sys
    0xF753E000 isapnp.sys
    0xF7B06000 pciide.sys
    0xF77BE000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xF754E000 MountMgr.sys
    0xF73DF000 ftdisk.sys
    0xF7A42000 dmload.sys
    0xF73B9000 dmio.sys
    0xF77C6000 PartMgr.sys
    0xF755E000 VolSnap.sys
    0xF73A1000 atapi.sys
    0xF756E000 disk.sys
    0xF757E000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xF7381000 fltmgr.sys
    0xF736F000 sr.sys
    0xF735A000 drvmcdb.sys
    0xF77CE000 PxHelp20.sys
    0xF7343000 KSecDD.sys
    0xF72B6000 Ntfs.sys
    0xF7289000 NDIS.sys
    0xF758E000 ohci1394.sys
    0xF759E000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
    0xF726F000 Mup.sys
    0xF6B00000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0xF6465000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
    0xF6451000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    0xF6429000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0xF78D6000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0xF6405000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xF78DE000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xF63AB000 \SystemRoot\system32\drivers\ctaud2k.sys
    0xF6387000 \SystemRoot\system32\drivers\portcls.sys
    0xF6AF0000 \SystemRoot\system32\drivers\drmk.sys
    0xF6364000 \SystemRoot\system32\drivers\ks.sys
    0xF6338000 \SystemRoot\system32\drivers\ctoss2k.sys
    0xF7A6C000 \SystemRoot\System32\drivers\ctprxy2k.sys
    0xF7A26000 \SystemRoot\system32\DRIVERS\gameenum.sys
    0xF6AE0000 \SystemRoot\system32\DRIVERS\IntelC53.sys
    0xF6211000 \SystemRoot\system32\DRIVERS\IntelC51.sys
    0xF617C000 \SystemRoot\system32\DRIVERS\IntelC52.sys
    0xF78E6000 \SystemRoot\system32\DRIVERS\mohfilt.sys
    0xF78EE000 \SystemRoot\System32\Drivers\Modem.SYS
    0xF6156000 \SystemRoot\system32\DRIVERS\e100b325.sys
    0xF78F6000 \SystemRoot\system32\DRIVERS\fdc.sys
    0xF6AD0000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xF7A6E000 \SystemRoot\system32\drivers\sscdbhk5.sys
    0xF6AC0000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xF6AB0000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xF78FE000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xF7C43000 \SystemRoot\system32\DRIVERS\audstub.sys
    0xF6AA0000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xF7A32000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xF613F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xF6A90000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xF6A80000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xF7906000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xF612E000 \SystemRoot\system32\DRIVERS\psched.sys
    0xF75BE000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xF790E000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xF7916000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xF60FE000 \SystemRoot\system32\DRIVERS\rdpdr.sys
    0xF75CE000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xF791E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xF7926000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xF7A70000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xF60A0000 \SystemRoot\system32\DRIVERS\update.sys
    0xF722E000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xF75DE000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF79E6000 \SystemRoot\system32\drivers\MODEMCSA.sys
    0xAA774000 \SystemRoot\system32\drivers\sthda.sys
    0xF760E000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xF7A78000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xAA727000 \SystemRoot\System32\drivers\hap16v2k.sys
    0xAA64A000 \SystemRoot\System32\drivers\ha10kx2k.sys
    0xAA628000 \SystemRoot\System32\drivers\emupia2k.sys
    0xAA608000 \SystemRoot\System32\drivers\ctsfm2k.sys
    0xAA56A000 \SystemRoot\System32\drivers\ctac32k.sys
    0xF792E000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0xF6530000 \SystemRoot\System32\Drivers\i2omgmt.SYS
    0xF7936000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0xF79EA000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xF761E000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xF793E000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xAA543000 \SystemRoot\system32\DRIVERS\MpFilter.sys
    0xF7806000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0xF7A96000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF7B63000 \SystemRoot\System32\Drivers\Null.SYS
    0xF7A98000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF7816000 \SystemRoot\system32\drivers\ssrtln.sys
    0xF781E000 \SystemRoot\System32\drivers\vga.sys
    0xF7A9A000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xF7A9C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF7826000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF782E000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xF7A0A000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xAA510000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xAA4B7000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xAA48F000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xAA469000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xF763E000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0xAA447000 \SystemRoot\System32\drivers\afd.sys
    0xF764E000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xAA3F4000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xAA384000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xF783E000 \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{08191D59-4230-4B41-B9FB-114716DD76DF}\MpKsl3a0f00f9.sys
    0xF609C000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xF766E000 \SystemRoot\System32\Drivers\Fips.SYS
    0xF7B76000 \SystemRoot\System32\Drivers\BANTExt.sys
    0xF769E000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xF6088000 \SystemRoot\system32\DRIVERS\usbscan.sys
    0xF7846000 \SystemRoot\system32\DRIVERS\usbprint.sys
    0xF6080000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xAA344000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF7AA2000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xAA758000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF784E000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF7BC4000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF020000 \SystemRoot\System32\ialmdnt5.dll
    0xBF012000 \SystemRoot\System32\ialmrnt5.dll
    0xBF040000 \SystemRoot\System32\ialmdev5.DLL
    0xBF070000 \SystemRoot\System32\ialmdd5.DLL
    0xBF14C000 \SystemRoot\System32\ATMFD.DLL
    0xF777E000 \SystemRoot\system32\drivers\drvnddm.sys
    0xF7B53000 \SystemRoot\system32\dla\tfsndres.sys
    0xAA19E000 \SystemRoot\system32\dla\tfsnifs.sys
    0xAA240000 \SystemRoot\system32\dla\tfsnopio.sys
    0xF7AAA000 \SystemRoot\system32\dla\tfsnpool.sys
    0xF786E000 \SystemRoot\system32\dla\tfsnboio.sys
    0xF778E000 \SystemRoot\system32\dla\tfsncofs.sys
    0xF7B54000 \SystemRoot\system32\dla\tfsndrct.sys
    0xAA185000 \SystemRoot\system32\dla\tfsnudf.sys
    0xAA16C000 \SystemRoot\system32\dla\tfsnudfa.sys
    0xAA1C0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xA9D47000 \SystemRoot\system32\drivers\wdmaud.sys
    0xA9E6C000 \SystemRoot\system32\drivers\sysaudio.sys
    0xA9CF9000 \SystemRoot\system32\drivers\kmixer.sys
    0xA97EC000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xF7A66000 \SystemRoot\System32\Drivers\ASCTRM.SYS
    0xA95CB000 \SystemRoot\System32\Drivers\HTTP.sys
    0xA9523000 \SystemRoot\system32\DRIVERS\srv.sys
    0xA941C000 \??\C:\WINDOWS\system32\drivers\PfModNT.sys
    0xA8C84000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xA8A8B000 \??\C:\DOCUME~1\JANROB~1\LOCALS~1\Temp\fgdyapog.sys
    0xF7866000 \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{914086EA-EDA3-42C7-ABE1-9FBDCC8DD95A}\MpKsl3f5df5e8.sys
    0xAA264000 \??\C:\DOCUME~1\JANROB~1\LOCALS~1\Temp\mbr.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 62):
    0 System Idle Process
    4 System
    604 C:\WINDOWS\system32\smss.exe
    660 csrss.exe
    684 C:\WINDOWS\system32\winlogon.exe
    728 C:\WINDOWS\system32\services.exe
    740 C:\WINDOWS\system32\lsass.exe
    960 C:\WINDOWS\system32\svchost.exe
    1076 svchost.exe
    1180 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    1220 C:\WINDOWS\system32\svchost.exe
    1316 svchost.exe
    1516 svchost.exe
    1672 C:\WINDOWS\system32\spoolsv.exe
    1772 C:\WINDOWS\explorer.exe
    1992 C:\WINDOWS\ehome\ehtray.exe
    2000 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    2036 C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    164 C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    180 C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
    192 C:\WINDOWS\system32\CTHELPER.EXE
    220 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    256 C:\Program Files\Real\RealPlayer\realplay.exe
    268 C:\WINDOWS\system32\dla\tfswctrl.exe
    304 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    328 C:\WINDOWS\system32\hkcmd.exe
    420 C:\WINDOWS\system32\igfxpers.exe
    436 C:\WINDOWS\stsystra.exe
    468 C:\Program Files\Google\Google Talk\googletalk.exe
    516 C:\Program Files\Dell V310-V510 Series\dleamon.exe
    536 C:\Program Files\Dell V310-V510 Series\ezprint.exe
    588 C:\Program Files\Microsoft Security Client\msseces.exe
    1016 C:\Program Files\iTunes\iTunesHelper.exe
    1156 C:\Program Files\Dell Support\DSAgnt.exe
    1172 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    1380 C:\WINDOWS\system32\ctfmon.exe
    476 svchost.exe
    1360 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1384 C:\Program Files\Bonjour\mDNSResponder.exe
    1468 C:\WINDOWS\system32\CTSVCCDA.EXE
    1536 C:\WINDOWS\system32\spool\drivers\w32x86\3\dleaserv.exe
    1624 C:\WINDOWS\system32\dleacoms.exe
    1828 C:\WINDOWS\ehome\ehrecvr.exe
    1944 C:\WINDOWS\ehome\ehSched.exe
    2236 C:\Program Files\Java\jre6\bin\jqs.exe
    2384 C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
    2940 svchost.exe
    3044 C:\WINDOWS\system32\svchost.exe
    3248 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    3384 mcrdsvc.exe
    2332 C:\WINDOWS\system32\rundll32.exe
    2584 C:\Program Files\iPod\bin\iPodService.exe
    2788 C:\WINDOWS\system32\dllhost.exe
    3684 C:\WINDOWS\ehome\ehmsas.exe
    3780 alg.exe
    3800 C:\Program Files\Internet Explorer\iexplore.exe
    1728 C:\Program Files\Internet Explorer\iexplore.exe
    3648 C:\WINDOWS\system32\notepad.exe
    948 C:\Program Files\Internet Explorer\iexplore.exe
    2620 C:\WINDOWS\system32\notepad.exe
    3168 C:\WINDOWS\system32\notepad.exe
    3572 C:\Documents and Settings\jan roberts\Desktop\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`036e8e00 (NTFS)

    PhysicalDrive0 Model Number: Maxtor6L160M0, Rev: BANC1G10

    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: E66C176942DF42CCFE7A0113EAFF39E82F8B0047


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
     
  5. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by jan roberts at 1:33:46.50 on Fri 04/15/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.430 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Firewall *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Google\Google Talk\googletalk.exe
    C:\Program Files\Dell V310-V510 Series\dleamon.exe
    C:\Program Files\Dell V310-V510 Series\ezprint.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dleaserv.exe
    C:\WINDOWS\system32\dleacoms.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\jan roberts\Desktop\dds.scr
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/ig
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://www.dell4me.com/myway
    uSearch Bar = hxxp://www.google.com/ie
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe "
    uRun: [Google Update] "c:\documents and settings\jan roberts\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
    mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
    mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
    mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE "
    mRun: [CTHelper] CTHELPER.EXE
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe "
    mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
    mRun: [dleamon.exe] "c:\program files\dell v310-v510 series\dleamon.exe "
    mRun: [EzPrint] "c:\program files\dell v310-v510 series\ezprint.exe "
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\docume~1\janrob~1\applic~1\mozilla\firefox\profiles\n8r5g06o.default\
    FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
    R1 MpKsl3a0f00f9;MpKsl3a0f00f9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{08191d59-4230-4b41-b9fb-114716dd76df}\mpksl3a0f00f9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{08191d59-4230-4b41-b9fb-114716dd76df}\MpKsl3a0f00f9.sys [?]
    R1 MpKsl3f5df5e8;MpKsl3f5df5e8;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{914086ea-eda3-42c7-abe1-9fbdcc8dd95a}\MpKsl3f5df5e8.sys [2011-4-15 28752]
    R2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe -service --> c:\windows\system32\dleacoms.exe -service [?]
    R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dleaserv.exe [2011-3-11 193192]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\McSACore.exe [2011-2-28 88176]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S1 MpKsl7f9be5b9;MpKsl7f9be5b9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{53b91153-338a-4f41-8907-696363ef8590}\mpksl7f9be5b9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{53b91153-338a-4f41-8907-696363ef8590}\MpKsl7f9be5b9.sys [?]
    S1 MpKsld5b81f04;MpKsld5b81f04;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{22720e55-48da-4ece-bebd-83372900ce5d}\mpksld5b81f04.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{22720e55-48da-4ece-bebd-83372900ce5d}\MpKsld5b81f04.sys [?]
    S1 MpKsled446535;MpKsled446535;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eebdedfc-67f9-43a5-a5a5-9ab47e51304c}\mpksled446535.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{eebdedfc-67f9-43a5-a5a5-9ab47e51304c}\MpKsled446535.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-28 136176]
    .
    =============== Created Last 30 ================
    .
    2011-04-15 05:27:02 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{914086ea-eda3-42c7-abe1-9fbdcc8dd95a}\MpKsl3f5df5e8.sys
    2011-04-15 05:26:52 6792528 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{914086ea-eda3-42c7-abe1-9fbdcc8dd95a}\mpengine.dll
    2011-04-15 02:21:46 -------- d-----w- c:\windows\system32\XPSViewer
    2011-04-15 02:21:14 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-04-15 02:20:49 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-04-15 02:20:49 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-04-15 02:20:49 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-04-15 02:20:49 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-04-15 02:20:48 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-04-15 02:20:48 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-04-15 02:20:48 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-04-15 02:20:48 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-04-15 02:20:45 -------- d-----w- C:\b1d68499e55e15f4eaca
    2011-04-15 01:30:24 -------- d-----w- c:\docume~1\janrob~1\applic~1\ElevatedDiagnostics
    2011-03-26 00:23:59 -------- d-----w- c:\docume~1\janrob~1\locals~1\applic~1\Audible
    2011-03-26 00:03:27 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-03-26 00:03:27 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2011-03-26 00:02:24 -------- d-----w- c:\program files\iPod
    2011-03-26 00:02:21 -------- d-----w- c:\program files\iTunes
    2011-03-26 00:00:26 -------- d-----w- c:\program files\Bonjour
    2011-03-21 13:00:42 6792528 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2011-03-18 20:03:50 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-03-18 20:01:41 -------- d-----w- c:\program files\Microsoft Security Client
    .
    ==================== Find3M ====================
    .
    2011-03-11 17:47:14 103784 ----a-w- c:\documents and settings\jan roberts\GoToAssistDownloadHelper.exe
    2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-28 22:03:12 255352 ----a-w- c:\windows\system32\awrdscdc.ax
    2011-02-28 17:46:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-02-28 17:46:45 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06:29 43520 ------w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:41:59 385024 ------w- c:\windows\system32\html.iec
    2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe
    2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2011-02-04 22:48:32 456192 ----a-w- c:\windows\system32\encdec.dll
    2011-02-04 22:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
    2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
    2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
    2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
    .
    ============= FINISH: 1:34:17.64 ===============
     
  6. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2/28/2011 9:37:15 AM
    System Uptime: 4/15/2011 12:17:12 AM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0RD203
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 144 GiB total, 107.519 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1: 2/28/2011 9:37:19 AM - System Checkpoint
    RP2: 2/28/2011 10:06:06 AM - Installed Windows XP KB835221WXP.
    RP3: 2/28/2011 10:06:14 AM - Installed SigmaTel Audio
    RP4: 2/28/2011 10:23:10 AM - Removed Norton Security Center
    RP5: 2/28/2011 10:27:27 AM - Removed Musicmatch for Windows Media Player
    RP6: 2/28/2011 10:28:37 AM - Removed MyWay Search Assistant
    RP7: 2/28/2011 10:28:48 AM - Removed NetZeroInstallers
    RP8: 2/28/2011 11:03:45 AM - Removed EarthLink setup files
    RP9: 2/28/2011 11:07:25 AM - Removed WordPerfect Office 12
    RP10: 2/28/2011 11:46:36 AM - Removed QuickBooks
    RP11: 2/28/2011 11:51:20 AM - Removed Dell Picture Studio v3.0
    RP12: 2/28/2011 11:52:02 AM - Removed Get High Speed Internet!
    RP13: 2/28/2011 11:54:09 AM - Removed EducateU
    RP14: 2/28/2011 12:26:42 PM - Removed Jasc Paint Shop Photo Album 5
    RP15: 2/28/2011 12:46:39 PM - Installed Java(TM) 6 Update 24
    RP16: 2/28/2011 12:50:06 PM - Software Distribution Service 3.0
    RP17: 2/28/2011 1:02:51 PM - Software Distribution Service 3.0
    RP18: 2/28/2011 1:37:55 PM - Software Distribution Service 3.0
    RP19: 2/28/2011 2:42:00 PM - Installed Windows Internet Explorer 8.
    RP20: 2/28/2011 2:42:54 PM - Software Distribution Service 3.0
    RP21: 2/28/2011 2:53:06 PM - Software Distribution Service 3.0
    RP22: 2/28/2011 3:27:37 PM - Installed Windows Internet Explorer 8.
    RP23: 2/28/2011 3:28:23 PM - Software Distribution Service 3.0
    RP24: 2/28/2011 3:33:23 PM - Software Distribution Service 3.0
    RP25: 2/28/2011 3:43:32 PM - Installed Security Update for CAPICOM (KB931906)
    RP26: 2/28/2011 4:07:20 PM - Removed Jasc Paint Shop Pro Studio, Dell Editon
    RP27: 2/28/2011 4:51:43 PM - Installed iTunes
    RP28: 2/28/2011 9:02:54 PM - Installed OverDrive Media Console
    RP29: 3/1/2011 10:27:14 PM - Windows Media Center Update
    RP30: 3/1/2011 10:27:45 PM - Installed Windows Media Player 10 KB903157.
    RP31: 3/1/2011 10:29:57 PM - Installed Windows XP Media Center Edition 2005 Update Rollup 2.
    RP32: 3/1/2011 10:39:41 PM - Installed Windows Media Player 11
    RP33: 3/1/2011 10:40:26 PM - Installed Windows XP Media Center Edition 2005 KB925766.
    RP34: 3/1/2011 10:41:08 PM - Installed Windows XP Wudf01000.
    RP35: 3/1/2011 10:43:28 PM - Installed Windows XP MSCompPackV1.
    RP36: 3/2/2011 12:21:08 AM - Software Distribution Service 3.0
    RP37: 3/2/2011 3:37:59 PM - Removed Apple Mobile Device Support
    RP38: 3/2/2011 3:38:52 PM - Removed Apple Software Update
    RP39: 3/2/2011 3:39:25 PM - Removed Bonjour
    RP40: 3/2/2011 3:41:36 PM - Removed iTunes
    RP41: 3/2/2011 3:45:47 PM - Removed QuickTime
    RP42: 3/4/2011 4:14:43 PM - System Checkpoint
    RP43: 3/5/2011 5:11:31 PM - System Checkpoint
    RP44: 3/9/2011 7:42:14 AM - Software Distribution Service 3.0
    RP45: 3/10/2011 12:01:18 PM - System Checkpoint
    RP46: 3/14/2011 5:05:46 PM - System Checkpoint
    RP47: 3/18/2011 4:03:50 PM - Software Distribution Service 3.0
    RP48: 3/19/2011 6:00:50 PM - Software Distribution Service 3.0
    RP49: 3/20/2011 8:31:42 AM - Software Distribution Service 3.0
    RP50: 3/21/2011 9:00:24 AM - Software Distribution Service 3.0
    RP51: 3/22/2011 9:28:07 AM - Software Distribution Service 3.0
    RP52: 3/23/2011 5:45:58 PM - Software Distribution Service 3.0
    RP53: 3/24/2011 4:49:05 AM - Software Distribution Service 3.0
    RP54: 3/24/2011 8:37:32 AM - Software Distribution Service 3.0
    RP55: 3/25/2011 8:59:48 AM - Software Distribution Service 3.0
    RP56: 3/25/2011 8:02:13 PM - Installed iTunes
    RP57: 3/26/2011 9:12:43 AM - Software Distribution Service 3.0
    RP58: 3/27/2011 8:50:53 AM - Software Distribution Service 3.0
    RP59: 3/28/2011 8:44:02 AM - Software Distribution Service 3.0
    RP60: 3/29/2011 8:46:34 AM - Software Distribution Service 3.0
    RP61: 3/30/2011 9:29:19 AM - Software Distribution Service 3.0
    RP62: 3/31/2011 8:59:50 AM - Software Distribution Service 3.0
    RP63: 4/1/2011 9:11:32 AM - Software Distribution Service 3.0
    RP64: 4/2/2011 9:57:51 AM - Software Distribution Service 3.0
    RP65: 4/3/2011 9:13:47 AM - Software Distribution Service 3.0
    RP66: 4/4/2011 9:11:02 AM - Software Distribution Service 3.0
    RP67: 4/5/2011 10:59:59 AM - Software Distribution Service 3.0
    RP68: 4/5/2011 9:58:22 PM - Removed Microsoft IntelliPoint 6.3
    RP69: 4/6/2011 3:42:39 PM - Software Distribution Service 3.0
    RP70: 4/7/2011 9:26:03 AM - Software Distribution Service 3.0
    RP71: 4/8/2011 11:02:43 AM - Software Distribution Service 3.0
    RP72: 4/9/2011 8:53:58 AM - Software Distribution Service 3.0
    RP73: 4/10/2011 9:10:45 AM - Software Distribution Service 3.0
    RP74: 4/11/2011 8:43:00 AM - Software Distribution Service 3.0
    RP75: 4/12/2011 9:58:22 AM - Software Distribution Service 3.0
    RP76: 4/13/2011 8:59:41 AM - Software Distribution Service 3.0
    RP77: 4/14/2011 5:01:40 AM - Software Distribution Service 3.0
    RP78: 4/14/2011 12:09:27 PM - Software Distribution Service 3.0
    RP79: 4/14/2011 9:27:40 PM - Installed %1 %2.
    RP80: 4/14/2011 10:16:06 PM - Software Distribution Service 3.0
    RP81: 4/14/2011 10:34:56 PM - Software Distribution Service 3.0
    RP82: 4/14/2011 11:04:08 PM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    Adobe Acrobat - Reader 6.0.2 Update
    Adobe Flash Player 10 ActiveX
    Adobe Reader 6.0.1
    AOLIcon
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI Control Panel
    ATI Display Driver
    Audible Download Manager
    AudibleManager
    Belarc Advisor 8.1
    Bonjour
    Creative MediaSource
    Dell Driver Reset Tool
    Dell Support 3.1
    Dell System Restore
    Dell V310-V510 Series
    Google Chrome
    Google Talk (remove only)
    Google Toolbar for Firefox
    Google Toolbar for Internet Explorer
    Google Update Helper
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    Intel(R) 537EP V9x DF PCI Modem
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet for Wired Connections
    Internet Explorer Default Page
    iTunes
    Java 2 Runtime Environment, SE v1.4.2_03
    Java Auto Updater
    Java(TM) 6 Update 24
    Macromedia Flash Player
    Malwarebytes' Anti-Malware
    McAfee SiteAdvisor
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Modem Event Monitor
    Modem Helper
    Modem On Hold
    Mozilla Firefox (3.6.13)
    OverDrive Media Console
    PowerDVD 5.5
    Qualxserve Service Agreement
    QuickTime
    RealPlayer Basic
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    SigmaTel Audio
    Sonic DLA
    Sonic Encoders
    Sonic MyDVD LE
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sound Blaster Audigy 2 ZS
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Viewpoint Media Player
    WebCyberCoach 3.2 Dell
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB895198
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The dleaCATSCustConnectService service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The dlea_device service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    4/15/2011 12:13:39 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    4/15/2011 12:13:38 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    .
    ==== End Of File ===========================
     
  7. 2011/04/15
    broni Moderator Malware Analyst
    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =======================================================

    You're running two AV programs, Microsoft Security Essentials and McAfee.
    One of them has to go.
    In case McAfee goes, make sure to use this tool to remove it: http://www.softpedia.com/get/Tweak/Uninstallers/McAfee-Consumer-Product-Removal-Tool.shtml

    ===================================================

    Download BlueScreenView (in Zip file)
    No installation required.
    Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
    When scanning is done, go Edit>Select All.
    Go File>Save Selected Items, and save the report as BSOD.txt.
    Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

    ===================================================

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them, resulting in the tool not working correctly, which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right-click Rkill and choose Run as Administrator.

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, Rkill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  8. 2011/04/15
    jan roberts Inactive Thread Starter
    broni, the McAfee is gone this time for sure, I hope. Here is the BSOD thingie:
    ==================================================
    Dump File : Mini041411-01.dmp
    Crash Time : 4/14/2011 9:47:53 PM
    Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
    Bug Check Code : 0x100000d1
    Parameter 1 : 0xf6a76c7a
    Parameter 2 : 0x00000002
    Parameter 3 : 0x00000008
    Parameter 4 : 0xf6a76c7a
    Caused By Driver : USBPORT.SYS
    Caused By Address : USBPORT.SYS+9a19
    File Description : USB 1.1 & 2.0 Port Driver
    Product Name : Microsoft® Windows® Operating System
    Company : Microsoft Corporation
    File Version : 5.1.2600.5512 (xpsp.080413-2108)
    Processor : 32-bit
    Computer Name :
    Full Path : C:\WINDOWS\Minidump\Mini041411-01.dmp
    Processors Count : 2
    Major Version : 15
    Minor Version : 2600
    Dump File Size : 90,112
    ==================================================
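Added example, not from this thread and not from BlueScreenView's authors: a Python parser for a BlueScreenView BSOD.txt export that decodes the four parameters of bug check 0xD1. The sample report is constructed from the values posted above; the parameter layout follows Microsoft's documented meaning for DRIVER_IRQL_NOT_LESS_OR_EQUAL (1 = address referenced, 2 = IRQL at the time, 3 = access type, 4 = address of the faulting instruction).

```python
"""Parse a BlueScreenView text export and decode a 0xD1 bug check.

Added example (not from the WindowsBBS thread or from BlueScreenView).
The sample report below is constructed from the values posted in the
thread; the parameter meanings for bug check 0xD1 follow Microsoft's
documented layout for DRIVER_IRQL_NOT_LESS_OR_EQUAL.
"""

# Constructed sample: the record block as BlueScreenView exports it (BSOD.txt).
SAMPLE_REPORT = """\
==================================================
Dump File : Mini041411-01.dmp
Crash Time : 4/14/2011 9:47:53 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0xf6a76c7a
Parameter 2 : 0x00000002
Parameter 3 : 0x00000008
Parameter 4 : 0xf6a76c7a
Caused By Driver : USBPORT.SYS
Caused By Address : USBPORT.SYS+9a19
File Description : USB 1.1 & 2.0 Port Driver
Processor : 32-bit
Full Path : C:\\WINDOWS\\Minidump\\Mini041411-01.dmp
==================================================
"""

# Parameter 3 of bug check 0xD1 (per Microsoft's bug check reference).
ACCESS_TYPES = {0: "read", 1: "write", 2: "execute", 8: "execute"}


def parse_report(text):
    """Split a BSOD.txt export into one dict per crash record.

    Records are delimited by lines of '=' characters; each field is
    'Key : Value'. Fields without a value (e.g. an empty Computer Name)
    are skipped.
    """
    records = []
    current = {}
    for line in text.splitlines():
        if line.startswith("====="):
            if current:
                records.append(current)
                current = {}
            continue
        key, sep, value = line.partition(" : ")
        if sep:
            current[key.strip()] = value.strip()
    if current:
        records.append(current)
    return records


def decode_d1(record):
    """Decode the four parameters of DRIVER_IRQL_NOT_LESS_OR_EQUAL (0xD1)."""
    code = int(record["Bug Check Code"], 16)
    # XP minidumps often record the code with an extra 0x10000000 bit set
    # (0x100000d1 for 0xd1), so compare only the low 28 bits.
    if code & 0x0FFFFFFF != 0xD1:
        raise ValueError("not a 0xD1 bug check: 0x%08x" % code)
    params = [int(record["Parameter %d" % i], 16) for i in range(1, 5)]
    referenced, irql, access, faulting = params
    return {
        "referenced_address": referenced,
        "irql": irql,
        "access": ACCESS_TYPES.get(access, "unknown(%d)" % access),
        "faulting_address": faulting,
        # If the referenced address equals the faulting instruction's own
        # address, the fault happened while fetching the instruction itself.
        "instruction_fetch_fault": referenced == faulting,
        "driver": record.get("Caused By Driver"),
        "driver_offset": record.get("Caused By Address"),
    }


def summarize(record):
    """One-line human-readable triage summary of a 0xD1 record."""
    d = decode_d1(record)
    return ("%s at IRQL %d: %s of 0x%08x by instruction at 0x%08x (%s)"
            % (record["Bug Check String"], d["irql"], d["access"],
               d["referenced_address"], d["faulting_address"],
               d["driver_offset"]))


if __name__ == "__main__":
    for rec in parse_report(SAMPLE_REPORT):
        print(summarize(rec))
```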
     
  9. 2011/04/15
    broni Moderator Malware Analyst
    Did it happen just once?

    Proceed with Combofix.
     
  10. 2011/04/15
    jan roberts Inactive Thread Starter
    Yes, just once.
    Here's ComboFix:
    ComboFix 11-04-14.03 - jan roberts 04/15/2011 15:35:45.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.587 [GMT -4:00]
    Running from: c:\documents and settings\jan roberts\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\data
    c:\data\default\us_sres.data
    c:\documents and settings\jan roberts\GoToAssistDownloadHelper.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-03-15 to 2011-04-15 )))))))))))))))))))))))))))))))
    .
    .
    2011-04-15 19:02 . 2011-04-15 19:02 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FDB58D48-2278-43B4-955B-84BB9B93D85B}\MpKsla8194736.sys
    2011-04-15 13:32 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FDB58D48-2278-43B4-955B-84BB9B93D85B}\mpengine.dll
    2011-04-15 01:30 . 2011-04-15 01:30 -------- d-----w- c:\documents and settings\jan roberts\Application Data\ElevatedDiagnostics
    2011-04-06 15:26 . 2011-04-06 15:26 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
    2011-03-26 00:23 . 2011-03-26 13:04 -------- d-----w- c:\documents and settings\jan roberts\Local Settings\Application Data\Audible
    2011-03-26 00:03 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2011-03-26 00:03 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
    2011-03-26 00:02 . 2011-03-26 00:02 -------- d-----w- c:\program files\iPod
    2011-03-26 00:02 . 2011-03-26 00:03 -------- d-----w- c:\program files\iTunes
    2011-03-26 00:00 . 2011-03-26 00:00 -------- d-----w- c:\program files\Bonjour
    2011-03-21 13:00 . 2011-03-15 04:05 6792528 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-03-18 20:03 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-03-18 20:01 . 2011-03-18 20:02 -------- d-----w- c:\program files\Microsoft Security Client
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-03-07 05:33 . 2004-08-19 21:04 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-04 06:37 . 2004-08-19 20:49 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-03-03 13:21 . 2004-08-19 20:49 1857920 ----a-w- c:\windows\system32\win32k.sys
    2011-02-28 22:03 . 2011-02-28 22:03 255352 ----a-w- c:\windows\system32\awrdscdc.ax
    2011-02-28 17:46 . 2011-02-28 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-02-28 17:46 . 2011-02-28 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-02-22 23:06 . 2004-08-19 20:49 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-02-22 23:06 . 2004-08-19 20:49 43520 ------w- c:\windows\system32\licmgr10.dll
    2011-02-22 23:06 . 2004-08-19 20:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-02-22 11:41 . 2004-08-19 20:49 385024 ------w- c:\windows\system32\html.iec
    2011-02-17 13:18 . 2005-10-09 11:56 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-17 13:18 . 2005-10-09 11:56 357888 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-02-17 12:32 . 2011-02-28 17:55 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2011-02-15 12:56 . 2004-08-19 20:49 290432 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-11 13:25 . 2004-08-19 21:01 229888 ----a-w- c:\windows\system32\fxscover.exe
    2011-02-08 13:33 . 2004-08-19 20:49 978944 ----a-w- c:\windows\system32\mfc42.dll
    2011-02-08 13:33 . 2004-08-19 20:49 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2011-02-04 22:48 . 2004-08-19 20:49 456192 ----a-w- c:\windows\system32\encdec.dll
    2011-02-04 22:48 . 2004-08-19 20:49 291840 ----a-w- c:\windows\system32\sbe.dll
    2011-02-02 07:58 . 2004-08-19 21:01 2067456 ----a-w- c:\windows\system32\mstscax.dll
    2011-01-27 11:57 . 2004-08-19 21:01 677888 ----a-w- c:\windows\system32\mstsc.exe
    2011-01-21 14:44 . 2004-08-19 20:49 439296 ----a-w- c:\windows\system32\shimgvw.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport "= "c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-28 39408]
    "Google Update "= "c:\documents and settings\jan roberts\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2011-02-28 136176]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "ATIPTA "= "c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-30 339968]
    "IntelMeM "= "c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
    "CTSysVol "= "c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
    "CTDVDDET "= "c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
    "CTHelper "= "CTHELPER.EXE" [2004-03-11 28672]
    "UpdReg "= "c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "DVDLauncher "= "c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
    "RealTray "= "c:\program files\Real\RealPlayer\RealPlay.exe" [2005-10-09 26112]
    "dla "= "c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
    "ISUSPM Startup "= "c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
    "IgfxTray "= "c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
    "SigmatelSysTrayApp "= "stsystra.exe" [2005-03-23 339968]
    "googletalk "= "c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "dleamon.exe "= "c:\program files\Dell V310-V510 Series\dleamon.exe" [2010-08-09 770728]
    "EzPrint "= "c:\program files\Dell V310-V510 Series\ezprint.exe" [2010-08-09 139944]
    "MSC "= "c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
    "QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=" "
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @= "Service "
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Google\\Google Talk\\googletalk.exe "=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "c:\\WINDOWS\\system32\\dleacoms.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    .
    R1 MpKsla8194736;MpKsla8194736;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FDB58D48-2278-43B4-955B-84BB9B93D85B}\MpKsla8194736.sys [4/15/2011 3:02 PM 28752]
    R2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe -service --> c:\windows\system32\dleacoms.exe -service [?]
    R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dleaserv.exe [3/11/2011 1:56 PM 193192]
    S1 MpKsl7f9be5b9;MpKsl7f9be5b9;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{53B91153-338A-4F41-8907-696363EF8590}\MpKsl7f9be5b9.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{53B91153-338A-4F41-8907-696363EF8590}\MpKsl7f9be5b9.sys [?]
    S1 MpKsld5b81f04;MpKsld5b81f04;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22720E55-48DA-4ECE-BEBD-83372900CE5D}\MpKsld5b81f04.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{22720E55-48DA-4ECE-BEBD-83372900CE5D}\MpKsld5b81f04.sys [?]
    S1 MpKsled446535;MpKsled446535;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EEBDEDFC-67F9-43A5-A5A5-9AB47E51304C}\MpKsled446535.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EEBDEDFC-67F9-43A5-A5A5-9AB47E51304C}\MpKsled446535.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/28/2011 12:59 PM 136176]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - MPKSLA8194736
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-04-13 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]
    .
    2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-28 16:58]
    .
    2011-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2011-02-28 16:58]
    .
    2011-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1948461421-2004685971-4226772609-1005Core.job
    - c:\documents and settings\jan roberts\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-28 16:58]
    .
    2011-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1948461421-2004685971-4226772609-1005UA.job
    - c:\documents and settings\jan roberts\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-28 16:58]
    .
    2011-04-15 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 16:26]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://google.com/ig
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    FF - ProfilePath - c:\documents and settings\jan roberts\Application Data\Mozilla\Firefox\Profiles\n8r5g06o.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-04-15 15:39
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    .
    c:\docume~1\JANROB~1\LOCALS~1\Temp\catchme.dll 53248 bytes executable
    .
    scan completed successfully
    hidden files: 1
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @= "FlashBroker "
    "LocalizedString "= "@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101 "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled "=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @= "c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @= "IFlashBroker4 "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @= "{00020424-0000-0000-C000-000000000046} "
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
    "Version "= "1.0 "
    .
    Completion time: 2011-04-15 15:41:43
    ComboFix-quarantined-files.txt 2011-04-15 19:41
    .
    Pre-Run: 115,309,617,152 bytes free
    Post-Run: 115,276,357,632 bytes free
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug= "do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Windows XP Media Center Edition" /noexecute=optin /fastdetect
    .
    - - End Of File - - 5594B47C03C801DE2701324E97E4F6D2
     
  11. 2011/04/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I wouldn't worry much about a one-time BSOD.

    Combofix log looks fine.

    How is the computer doing at the moment?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  12. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    here's rkill
    This log file is located at C:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 04/15/2011 at 15:47:18.
    Operating System: Microsoft Windows XP


    Processes terminated by Rkill or while it was running:



    Rkill completed on 04/15/2011 at 15:47:23.
     
  13. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    Computer still has no sound but seems to be okay. The BSOD was a huge surprise to me; I was in the process of uninstalling SoundBlaster in Device Manager and the next thing to appear was the BSOD.
     
  14. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    OTL logfile created on: 4/15/2011 3:58:12 PM - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\jan roberts\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,014.00 Mb Total Physical Memory | 417.00 Mb Available Physical Memory | 41.00% Memory free
    2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.39 Gb Free Space | 74.41% Space Free | Partition Type: NTFS

    Computer Name: D8T09M81 | User Name: jan roberts | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/04/15 15:53:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jan roberts\Desktop\OTL.exe
    PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
    PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    PRC - [2010/08/09 11:32:48 | 000,770,728 | ---- | M] () -- C:\Program Files\Dell V310-V510 Series\dleamon.exe
    PRC - [2010/05/21 19:19:52 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\dleacoms.exe
    PRC - [2010/05/21 19:19:46 | 000,193,192 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\dleaserv.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/01 17:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
    PRC - [2005/10/09 08:30:31 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
    PRC - [2005/05/15 03:04:12 | 000,332,800 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
    PRC - [2005/03/23 01:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
    PRC - [2003/09/17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/04/15 15:53:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jan roberts\Desktop\OTL.exe
    MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
    SRV - [2010/05/21 19:19:52 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dleacoms.exe -- (dlea_device)
    SRV - [2010/05/21 19:19:46 | 000,193,192 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dleaserv.exe -- (dleaCATSCustConnectService)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/04/15 15:42:34 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F29394BC-96EB-44E0-89A9-29F2CDA8B922}\MpKsl4a538d94.sys -- (MpKsl4a538d94)
    DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2008/02/27 14:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
    DRV - [2005/10/09 08:30:34 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/06/14 23:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
    DRV - [2005/03/30 06:03:06 | 001,035,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/08/12 21:40:50 | 000,904,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
    DRV - [2004/08/06 23:29:14 | 000,006,656 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)
    DRV - [2004/08/06 16:43:26 | 000,366,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
    DRV - [2004/07/13 16:15:48 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
    DRV - [2004/07/13 16:13:14 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
    DRV - [2004/07/13 16:12:36 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
    DRV - [2004/07/13 16:11:58 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
    DRV - [2004/07/13 16:11:28 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
    DRV - [2004/07/13 16:09:32 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
    DRV - [2004/06/16 04:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
    DRV - [2004/03/06 05:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
    DRV - [2004/03/06 05:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
    DRV - [2004/03/06 05:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
    DRV - [2003/11/13 03:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ig
    IE - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========



    FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/02/28 12:59:36 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/25 20:01:57 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/14 11:58:35 | 000,000,000 | ---D | M]

    [2011/02/28 10:57:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jan roberts\Application Data\Mozilla\Extensions
    [2011/02/28 13:21:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jan roberts\Application Data\Mozilla\Firefox\Profiles\n8r5g06o.default\extensions
    [2011/02/28 13:21:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\jan roberts\Application Data\Mozilla\Firefox\Profiles\n8r5g06o.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2011/03/01 10:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/02/28 13:46:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    [2011/02/28 13:46:45 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

    O1 HOSTS File: ([2011/04/15 15:39:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O3 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [dleamon.exe] C:\Program Files\Dell V310-V510 Series\dleamon.exe ()
    O4 - HKLM..\Run: [EzPrint] C:\Program Files\Dell V310-V510 Series\ezprint.exe ()
    O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
    O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
    O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\Santa Fe Stucco.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Santa Fe Stucco.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2004/08/19 17:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
    Drivers32: wave3 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17183584330711040)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/15 15:53:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jan roberts\Desktop\OTL.exe
    [2011/04/15 15:34:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2011/04/15 15:33:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011/04/15 15:33:01 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011/04/15 15:33:01 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011/04/15 15:33:01 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011/04/15 15:32:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011/04/15 15:32:36 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/04/15 15:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jan roberts\Desktop\bluescreenview
    [2011/04/15 02:03:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jan roberts\Desktop\logs
    [2011/04/14 22:51:53 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2011/04/14 22:21:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
    [2011/04/14 22:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
    [2011/04/14 22:21:31 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
    [2011/04/14 22:20:45 | 000,000,000 | ---D | C] -- C:\b1d68499e55e15f4eaca
    [2011/04/14 21:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2011/04/14 21:30:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jan roberts\Application Data\ElevatedDiagnostics
    [2011/04/14 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
    [2011/04/14 21:27:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
    [2011/04/06 11:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2011/03/25 20:23:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jan roberts\Local Settings\Application Data\Audible
    [2011/03/25 20:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2011/03/25 20:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/03/25 20:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/03/25 20:01:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2011/03/25 20:01:18 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2011/03/25 20:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2011/03/25 20:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2011/03/18 16:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2011/03/17 08:44:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jan roberts\Desktop\JUNK DRAWER TOO
    [2011/03/11 13:56:30 | 000,442,368 | ---- | C] ( ) -- C:\WINDOWS\System32\dleacoin.dll
    [2011/03/11 13:54:09 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\dleaserv.dll
    [2011/03/11 13:54:09 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\dleausb1.dll
    [2011/03/11 13:54:09 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\dleapmui.dll
    [2011/03/11 13:54:09 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\dlealmpm.dll
    [2011/03/11 13:54:09 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dleainpa.dll
    [2011/03/11 13:54:09 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\DLEAhcp.dll
    [2011/03/11 13:54:09 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\dleaiesc.dll
    [2011/03/11 13:54:08 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dleahbn3.dll
    [2011/03/11 13:54:08 | 000,324,264 | ---- | C] ( ) -- C:\WINDOWS\System32\dleaih.exe
    [2011/03/11 13:54:07 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\dleacomc.dll
    [2011/03/11 13:54:07 | 000,598,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dleacoms.exe
    [2011/03/11 13:54:07 | 000,373,416 | ---- | C] ( ) -- C:\WINDOWS\System32\dleacfg.exe
    [2011/03/11 13:54:07 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\dleacomm.dll
    [2005/10/09 08:23:54 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
    [2005/10/09 08:23:53 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll

    ========== Files - Modified Within 30 Days ==========

    [2011/04/15 15:53:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jan roberts\Desktop\OTL.exe
    [2011/04/15 15:46:14 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\rkill.com
    [2011/04/15 15:39:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011/04/15 15:34:42 | 000,000,325 | RHS- | M] () -- C:\boot.ini
    [2011/04/15 15:32:36 | 004,932,601 | ---- | M] () -- C:\WINDOWS\{00000003-00000000-00000002-00001102-00000004-20061102}.CDF
    [2011/04/15 15:31:09 | 004,321,723 | R--- | M] () -- C:\Documents and Settings\jan roberts\Desktop\ComboFix.exe
    [2011/04/15 15:16:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1948461421-2004685971-4226772609-1005UA.job
    [2011/04/15 15:07:43 | 000,059,456 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\bluescreenview.zip
    [2011/04/15 15:07:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2011/04/15 15:04:01 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2011/04/15 15:02:31 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2011/04/15 15:02:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011/04/15 15:02:22 | 1063,407,616 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/15 15:01:45 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
    [2011/04/15 15:01:45 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
    [2011/04/15 15:01:45 | 000,028,068 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
    [2011/04/15 15:01:45 | 000,028,068 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
    [2011/04/15 15:01:45 | 000,002,056 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
    [2011/04/15 15:01:45 | 000,002,056 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
    [2011/04/15 15:01:45 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
    [2011/04/15 15:01:45 | 000,000,384 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
    [2011/04/15 11:16:00 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1948461421-2004685971-4226772609-1005Core.job
    [2011/04/15 09:12:34 | 000,011,795 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\iGoogle.url
    [2011/04/15 02:08:38 | 000,000,985 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Calculated Risk.url
    [2011/04/15 02:07:05 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\IRIS Seismic Monitor.url
    [2011/04/15 00:24:11 | 000,000,207 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\WindowsBBS.url
    [2011/04/14 22:53:24 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011/04/14 22:53:24 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011/04/14 22:31:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011/04/14 22:28:40 | 000,123,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011/04/14 21:32:11 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Fix it - Microsoft ATS.lnk
    [2011/04/14 21:28:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2011/04/14 20:14:55 | 000,004,788 | ---- | M] () -- C:\WINDOWS\System32\CTHELPER.RPT
    [2011/04/14 20:04:26 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OverDrive Media Console.lnk
    [2011/04/14 18:55:00 | 000,004,291 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\YouTube.url
    [2011/04/14 18:50:40 | 000,000,261 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\FedEx at Memphis.url
    [2011/04/14 13:04:58 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Yahoo!.url
    [2011/04/14 06:16:53 | 000,000,258 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Walmart MP3 Music.url
    [2011/04/13 22:19:13 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\USGS.url
    [2011/04/13 11:26:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/04/13 09:49:37 | 000,000,245 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Wikipedia.url
    [2011/04/12 23:06:58 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Netflix.url
    [2011/04/12 12:42:50 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Storm Prediction Center.url
    [2011/04/12 11:28:35 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\TIFTON WEATHER.url
    [2011/04/09 20:04:02 | 000,000,243 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Doppler Radar National Mosaic -.url
    [2011/04/09 19:11:28 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Audible.url
    [2011/04/08 18:17:44 | 000,001,028 | ---- | M] () -- C:\msgr_on.bmp
    [2011/04/08 18:17:44 | 000,000,288 | ---- | M] () -- C:\qsyma.bmp
    [2011/04/04 21:39:37 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\AOL Music#-1.url
    [2011/03/29 21:32:47 | 000,000,223 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Twitter.url
    [2011/03/25 20:03:31 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2011/03/25 20:01:47 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/03/24 23:18:08 | 000,002,330 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\Google Chrome.lnk
    [2011/03/24 23:18:08 | 000,002,308 | ---- | M] () -- C:\Documents and Settings\jan roberts\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2011/03/24 06:31:05 | 000,000,300 | ---- | M] () -- C:\Documents and Settings\jan roberts\Desktop\world time.url
    [2011/03/18 16:02:09 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

    ========== Files Created - No Company Name ==========

    [2011/04/15 15:46:10 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\rkill.com
    [2011/04/15 15:34:42 | 000,000,209 | ---- | C] () -- C:\Boot.bak
    [2011/04/15 15:34:38 | 000,260,272 | RHS- | C] () -- C:\cmldr
    [2011/04/15 15:33:01 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/04/15 15:33:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/04/15 15:33:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/04/15 15:33:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/04/15 15:33:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/04/15 15:31:05 | 004,321,723 | R--- | C] () -- C:\Documents and Settings\jan roberts\Desktop\ComboFix.exe
    [2011/04/15 15:07:42 | 000,059,456 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\bluescreenview.zip
    [2011/04/14 21:32:11 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\Fix it - Microsoft ATS.lnk
    [2011/04/10 08:40:01 | 000,004,788 | ---- | C] () -- C:\WINDOWS\System32\CTHELPER.RPT
    [2011/04/08 18:17:44 | 000,001,028 | ---- | C] () -- C:\msgr_on.bmp
    [2011/04/08 18:17:44 | 000,000,288 | ---- | C] () -- C:\qsyma.bmp
    [2011/04/04 21:39:37 | 000,000,633 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\AOL Music#-1.url
    [2011/03/29 13:01:45 | 000,000,243 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\Doppler Radar National Mosaic -.url
    [2011/03/25 20:03:31 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2011/03/25 20:01:47 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2011/03/25 20:01:04 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011/03/25 20:01:01 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2011/03/24 08:06:28 | 000,000,261 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\FedEx at Memphis.url
    [2011/03/19 10:41:30 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\Storm Prediction Center.url
    [2011/03/19 10:07:02 | 000,000,300 | ---- | C] () -- C:\Documents and Settings\jan roberts\Desktop\world time.url
    [2011/03/18 16:07:00 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
    [2011/03/18 16:02:09 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
    [2011/03/18 16:01:49 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
    [2011/03/11 13:56:35 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dleavs.dll
    [2011/03/11 13:56:22 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\dleacuir.dll
    [2011/03/11 13:56:22 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dleagcfg.dll
    [2011/03/11 13:56:21 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\dleacui.dll
    [2011/03/11 13:55:50 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\DLEAwupd.dll
    [2011/03/11 13:55:50 | 000,213,672 | ---- | C] () -- C:\WINDOWS\System32\DLEAwupd.exe
    [2011/03/11 13:54:09 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\DLEAinst.dll
    [2011/03/11 13:54:08 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\dleains.dll
    [2011/03/11 13:54:08 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\dleainsb.dll
    [2011/03/11 13:54:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dleagrd.dll
    [2011/03/11 13:54:08 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dleainsr.dll
    [2011/03/11 13:54:08 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dleacub.dll
    [2011/03/11 13:54:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\dleajswr.dll
    [2011/03/11 13:54:07 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\dleacu.dll
    [2011/03/11 13:54:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dleacur.dll
    [2011/03/11 13:54:06 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\DLEAcfg.dll
    [2011/03/11 13:53:55 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\DLEAsm.dll
    [2011/03/11 13:53:55 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\DLEAsmr.dll
    [2011/02/28 16:03:38 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2011/02/28 12:02:23 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2011/02/28 11:07:20 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
    [2011/02/28 11:07:20 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
    [2011/02/28 10:37:30 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\jan roberts\Local Settings\Application Data\fusioncache.dat
    [2005/10/09 08:41:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005/10/09 08:39:59 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000003-00001102-00000004-20061102}.dat
    [2005/10/09 08:39:59 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000003-00000000-00000003-00001102-00000004-20061102}.dat
    [2005/10/09 08:32:29 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2005/10/09 08:29:45 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2005/10/09 08:24:23 | 001,247,400 | ---- | C] () -- C:\WINDOWS\System32\CTAA1.DAT
    [2005/10/09 08:24:22 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
    [2005/10/09 08:24:21 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
    [2005/10/09 08:23:55 | 000,127,226 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
    [2005/10/09 08:23:55 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
    [2005/10/09 08:23:55 | 000,014,424 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
    [2005/10/09 08:23:55 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
    [2005/10/09 08:23:54 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
    [2005/10/09 08:23:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
    [2005/10/09 08:23:54 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
    [2005/10/09 08:23:28 | 000,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
    [2005/10/09 07:58:06 | 000,264,466 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
    [2005/10/09 07:58:06 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
    [2005/10/09 07:57:56 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
    [2005/10/09 07:57:52 | 000,081,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
    [2005/10/09 07:57:28 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
    [2004/08/19 17:20:39 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2004/08/19 17:03:04 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2004/08/19 17:01:43 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2004/08/19 16:57:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2004/08/19 16:57:07 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2004/08/19 16:49:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004/08/19 16:49:47 | 000,442,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2004/08/19 16:49:47 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2004/08/19 16:49:47 | 000,071,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2004/08/19 16:49:47 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2004/08/19 16:49:47 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2004/08/19 16:49:44 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2004/08/19 16:49:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2004/08/19 16:49:38 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2004/08/19 16:49:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2004/08/19 16:49:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2004/08/19 16:49:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

    ========== LOP Check ==========

    [2011/02/28 10:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
    [2005/10/09 08:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2011/02/28 17:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011/04/14 21:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jan roberts\Application Data\ElevatedDiagnostics
    [2011/02/28 12:42:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jan roberts\Application Data\Leadertech
    [2011/03/19 09:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jan roberts\Application Data\MP3Rocket
    [2011/02/28 22:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jan roberts\Application Data\OverDrive
    [2011/04/15 15:07:43 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < >

    < >

    < %SYSTEMDRIVE%\*.* >
    [2004/08/19 17:07:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2011/02/28 10:37:09 | 000,000,209 | ---- | M] () -- C:\Boot.bak
    [2011/04/15 15:34:42 | 000,000,325 | RHS- | M] () -- C:\boot.ini
    [2011/03/14 22:02:11 | 000,001,406 | ---- | M] () -- C:\cayas2.ico
    [2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
    [2011/04/15 15:41:43 | 000,013,421 | ---- | M] () -- C:\ComboFix.txt
    [2004/08/19 17:07:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2005/10/09 08:02:00 | 000,006,109 | RH-- | M] () -- C:\dell.sdr
    [2011/04/15 15:02:22 | 1063,407,616 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/28 11:08:22 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
    [2004/08/19 17:07:14 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
    [2005/10/09 08:30:50 | 000,000,839 | -H-- | M] () -- C:\IPH.PH
    [2004/08/19 17:07:14 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
    [2011/04/08 18:17:44 | 000,001,028 | ---- | M] () -- C:\msgr_on.bmp
    [2004/08/10 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2011/02/28 14:58:47 | 000,250,048 | RHS- | M] () -- C:\ntldr
    [2011/04/15 15:02:18 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
    [2011/04/08 18:17:44 | 000,000,288 | ---- | M] () -- C:\qsyma.bmp
    [2011/04/15 15:47:23 | 000,000,359 | ---- | M] () -- C:\rkill.log
    [2005/10/09 08:30:59 | 000,000,087 | ---- | M] () -- C:\SystemInfo.ini

    < %systemroot%\Fonts\*.com >
    [2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2004/08/19 17:06:24 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2009/11/04 10:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dleadrpp.dll
    [2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2004/08/19 16:56:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
    [2004/08/19 16:56:28 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
    [2004/08/19 16:56:28 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
    [2011/02/28 15:04:23 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2011/03/01 23:35:43 | 000,000,170 | -HS- | M] () -- C:\Documents and Settings\jan roberts\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
    [2004/08/19 17:14:12 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\jan roberts\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

    < %USERPROFILE%\Desktop\*.exe >
    [2011/04/15 15:31:09 | 004,321,723 | R--- | M] () -- C:\Documents and Settings\jan roberts\Desktop\ComboFix.exe
    [2011/04/15 15:53:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jan roberts\Desktop\OTL.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2004/08/10 06:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2011/02/28 15:20:47 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\jan roberts\Favorites\Desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2011/03/12 00:18:39 | 000,000,370 | ---- | M] () -- C:\Documents and Settings\All Users\dleaDiagnostics.log
    [2011/04/15 14:44:48 | 000,002,550 | ---- | M] () -- C:\Documents and Settings\All Users\dleaJSW.log
    [2011/04/15 15:02:42 | 000,024,836 | ---- | M] () -- C:\Documents and Settings\All Users\dleascan.log
    [2011/03/11 13:58:15 | 000,000,252 | ---- | M] () -- C:\Documents and Settings\All Users\FastPics.log
    [2011/04/15 14:50:50 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\LxWbGwLog.log
    [2011/03/11 13:53:56 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\UpdaterLog.txt

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2011/04/15 15:53:09 | 000,147,456 | -HS- | M] () -- C:\Documents and Settings\jan roberts\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2009/01/30 18:40:22 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008/04/13 20:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004/08/04 02:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004/08/04 02:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008/05/02 10:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008/04/13 13:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008/04/13 20:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004/08/04 02:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004/08/04 02:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004/08/04 02:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004/08/04 02:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004/08/04 02:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < >

    < End of report >
     
  15. 2011/04/15
    jan roberts

    OTL Extras logfile created on: 4/15/2011 3:58:12 PM - Run 1
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\jan roberts\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1,014.00 Mb Total Physical Memory | 417.00 Mb Available Physical Memory | 41.00% Memory free
    2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.39 Gb Free Space | 74.41% Space Free | Partition Type: NTFS

    Computer Name: D8T09M81 | User Name: jan roberts | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
    "C:\WINDOWS\system32\dleacoms.exe" = C:\WINDOWS\system32\dleacoms.exe:*:Enabled:V310-V510 Series Server -- ( )


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
    "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
    "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
    "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
    "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
    "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
    "{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
    "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
    "{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
    "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
    "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
    "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
    "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
    "{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
    "{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
    "{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{9E2514D9-DC24-4634-B348-61F3EF0F1628}" = Sound Blaster Audigy 2 ZS
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
    "{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
    "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "ATI Display Driver" = ATI Display Driver
    "AudibleDownloadManager" = Audible Download Manager
    "AudibleManager" = AudibleManager
    "Belarc Advisor" = Belarc Advisor 8.1
    "Dell V310-V510 Series" = Dell V310-V510 Series
    "ie8" = Windows Internet Explorer 8
    "Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft Security Client" = Microsoft Security Essentials
    "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "RealPlayer 6.0" = RealPlayer Basic
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1948461421-2004685971-4226772609-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 4/6/2011 2:02:01 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 4/6/2011 2:03:37 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 4/6/2011 2:03:45 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1001
    Description = Fault bucket 1180947459.

    Error - 4/6/2011 3:09:45 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1002
    Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 4/6/2011 3:10:51 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1002
    Description = Hanging application wmplayer.exe, version 11.0.5721.5262, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 4/6/2011 3:10:55 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1001
    Description = Fault bucket 1928113026.

    Error - 4/11/2011 6:58:22 PM | Computer Name = D8T09M81 | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module flash10m.ocx, version 10.2.152.26, fault address 0x00120363.

    Error - 4/11/2011 6:58:54 PM | Computer Name = D8T09M81 | Source = Application Error | ID = 1001
    Description = Fault bucket -1989013886.

    Error - 4/11/2011 7:04:21 PM | Computer Name = D8T09M81 | Source = Application Error | ID = 1000
    Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
    module flash10m.ocx, version 10.2.152.26, fault address 0x00187fb2.

    Error - 4/11/2011 7:04:28 PM | Computer Name = D8T09M81 | Source = Application Error | ID = 1001
    Description = Fault bucket -1982052082.

    [ System Events ]
    Error - 4/15/2011 12:13:38 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7031
    Description = The Microsoft Antimalware Service service terminated unexpectedly.
    It has done this 1 time(s). The following corrective action will be taken in
    15000 milliseconds: Restart the service.

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7031
    Description = The Apple Mobile Device service terminated unexpectedly. It has done
    this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
    Restart the service.

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The Creative Service for CDROM Access service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The dleaCATSCustConnectService service terminated unexpectedly. It
    has done this 1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The Bonjour Service service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The Java Quick Starter service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The dlea_device service terminated unexpectedly. It has done this
    1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The Yahoo! Updater service terminated unexpectedly. It has done this
    1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
    has done this 1 time(s).

    Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
    Description = The iPod Service service terminated unexpectedly. It has done this
    1 time(s).


    < End of report >
     
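    The "Shell Spawning" part of the report above lists, for each file class, the command Windows runs when you open that type of file. A malware analyst reads it to make sure nothing has been inserted in front of the stock handler (for example, so that every .exe launch is routed through another program first). The script below is an added example, not part of this thread and not OTL's own code: it parses lines in the report's `class [verb] -- command` format and flags any of the commonly targeted handlers whose command differs from the Windows XP default. The two sample inputs are constructed here (the clean one copied from the report's format, the second with a placeholder path substituted for the exefile handler).

```python
"""Check OTL-style 'Shell Spawning' lines against the stock Windows XP handlers.

Added example: not part of the forum thread and not OTL's own code.
"""
import re

# Stock Windows XP commands for the classes a handler hijack usually targets.
# Anything other than these values for these (class, verb) pairs is worth a look.
EXPECTED = {
    ("batfile", "open"): '"%1" %*',
    ("cmdfile", "open"): '"%1" %*',
    ("comfile", "open"): '"%1" %*',
    ("exefile", "open"): '"%1" %*',
    ("piffile", "open"): '"%1" %*',
    ("scrfile", "open"): '"%1" /S',
    ("scrfile", "config"): '"%1"',
}

# One report line: `<class> [<verb>] -- <command>` (leading whitespace allowed).
LINE_RE = re.compile(r'^\s*(?P<cls>\S+)\s+\[(?P<verb>[^\]]+)\]\s+--\s+(?P<cmd>.*?)\s*$')


def parse_handlers(text):
    """Return {(class, verb): command} for every parseable line in the text."""
    handlers = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            handlers[(m.group("cls"), m.group("verb"))] = m.group("cmd")
    return handlers


def normalize(cmd):
    """OTL prints the scrfile [config] handler as '"%1 "' (space inside the quotes);
    drop whitespace that sits directly before a quote so only the command is compared."""
    return re.sub(r'\s+"', '"', cmd).strip()


def find_hijacks(text):
    """Return (class, verb, actual, expected) for each handler that deviates from
    the default; a handler missing from the report is reported with actual=None."""
    handlers = parse_handlers(text)
    findings = []
    for (cls, verb), expected in EXPECTED.items():
        actual = handlers.get((cls, verb))
        if actual is None:
            findings.append((cls, verb, None, expected))
        elif normalize(actual) != normalize(expected):
            findings.append((cls, verb, actual, expected))
    return findings


# Constructed sample in the report's format (values are the stock XP defaults).
CLEAN_SAMPLE = r"""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
"""

# Constructed variant: the exefile handler now points at a placeholder program
# before passing the real target on. The path is a placeholder, not a real sample.
HIJACKED_SAMPLE = CLEAN_SAMPLE.replace(
    'exefile [open] -- "%1" %*',
    r'exefile [open] -- C:\PLACEHOLDER\unknown.exe "%1" %*')


if __name__ == "__main__":
    for label, sample in (("clean", CLEAN_SAMPLE), ("modified", HIJACKED_SAMPLE)):
        print(label, "->", find_hijacks(sample) or "all default handlers intact")
```

    The check only covers the handlers in EXPECTED; the `Reg Error: Key error.` entries for htmlfile, regfile and txtfile in the report are classes OTL could not read rather than deviations, so they are left alone.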
  16. 2011/04/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    That may be a matter for another forum.
    We'll finish the cleaning process and we'll see how it goes...

    Edit: I didn't see your last reply.
    Hold on....
     
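    The "System Events" part of the OTL report above shows ten services all reported as "terminated unexpectedly" by the Service Control Manager within the same two seconds (12:13:38 to 12:13:39 on 4/15/2011). A burst like that points at a single cause, such as a crash or reboot, rather than ten independent service faults. The script below is an added example, not part of this thread and not OTL's own code: it parses the report's event-log format and groups the 7031/7034 terminations that fall within a few seconds of each other. The sample input is constructed from the report's format; the "Example" service at 9:00:00 PM is an invented isolated event added to show that a lone termination is not reported.

```python
"""Group 'service terminated unexpectedly' events from an OTL event-log section.

Added example: not part of the forum thread and not OTL's own code.
"""
import re
from datetime import datetime, timedelta

# Header of one event: `Error - <time> | Computer Name = X | Source = Y | ID = N`
HEADER_RE = re.compile(
    r"^\s*Error - (?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) \| "
    r"Computer Name = (?P<host>\S+) \| Source = (?P<src>.+?) \| ID = (?P<id>\d+)\s*$")
# Service name inside a Service Control Manager 7031/7034 description.
SERVICE_RE = re.compile(r"The (?P<svc>.+?) service terminated unexpectedly")


def parse_events(text):
    """Return a list of dicts (time, source, id, desc). The description starts on
    the 'Description =' line and continues until the next blank line."""
    events, in_event = [], False
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            events.append({"time": datetime.strptime(m.group("ts"), "%m/%d/%Y %I:%M:%S %p"),
                           "source": m.group("src"), "id": int(m.group("id")), "desc": []})
            in_event = True
        elif not line.strip():
            in_event = False
        elif in_event:
            events[-1]["desc"].append(line.strip().replace("Description = ", "", 1))
    for e in events:
        e["desc"] = " ".join(e["desc"])
    return events


def service_termination_bursts(text, window_seconds=5, min_events=3):
    """Group SCM 7031/7034 events that fall within window_seconds of the first
    event in the group; return groups of at least min_events as
    (first_time, [service names]) in log order."""
    terminations = []
    for e in parse_events(text):
        if e["source"] == "Service Control Manager" and e["id"] in (7031, 7034):
            m = SERVICE_RE.search(e["desc"])
            if m:
                terminations.append((e["time"], m.group("svc")))
    terminations.sort(key=lambda t: t[0])   # stable: same-second events keep log order

    bursts, group = [], []
    for when, svc in terminations:
        if group and when - group[0][0] > timedelta(seconds=window_seconds):
            if len(group) >= min_events:
                bursts.append((group[0][0], [s for _, s in group]))
            group = []
        group.append((when, svc))
    if len(group) >= min_events:
        bursts.append((group[0][0], [s for _, s in group]))
    return bursts


# Constructed sample in the report's format. The first event is invented to
# show an isolated termination; the rest follow the entries in the thread.
SAMPLE_EVENTS = """
Error - 4/14/2011 9:00:00 PM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
Description = The Example service terminated unexpectedly. It has done this 1 time(s).

Error - 4/6/2011 2:02:01 PM | Computer Name = D8T09M81 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/15/2011 12:13:38 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7031
Description = The Microsoft Antimalware Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
15000 milliseconds: Restart the service.

Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
Description = The Creative Service for CDROM Access service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 4/15/2011 12:13:39 AM | Computer Name = D8T09M81 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
"""


if __name__ == "__main__":
    for first, services in service_termination_bursts(SAMPLE_EVENTS):
        print(first, "->", len(services), "services:", ", ".join(services))
```

    The 5-second window and the minimum of three events are assumptions chosen for this example; with the report's real data the whole set of ten terminations lands in one group, which is the signal that they share a cause.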
  17. 2011/04/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
      O3 - HKU\S-1-5-21-1948461421-2004685971-4226772609-1005\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
      O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      [2005/10/09 08:30:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ==================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


    2. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    3. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • IMPORTANT! UN-check Remove found threats
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If ESET doesn't find any threats, it won't produce a log.
     
  18. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    All processes killed
    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-1948461421-2004685971-4226772609-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1948461421-2004685971-4226772609-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UpdReg deleted successfully.
    C:\WINDOWS\Updreg.EXE moved successfully.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9Plus folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell\AOL9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\UserShell folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome\BH00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\Welcome folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_03 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_02 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_01 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources\ResourceFolder_00 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology\Resources folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Experience Technology folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: jan roberts
    ->Temp folder emptied: 132767 bytes
    ->Temporary Internet Files folder emptied: 7115923 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 767 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32835 bytes

    User: NetworkService
    ->Temp folder emptied: 2430 bytes
    ->Temporary Internet Files folder emptied: 32835 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 1892 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 7.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Default User

    User: jan roberts
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04152011_170653

    Files\Folders moved on Reboot...
    C:\Documents and Settings\jan roberts\Local Settings\Temp\~DF60F1.tmp moved successfully.
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBA17.tmp not found!
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBA26.tmp not found!
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBA8D.tmp not found!
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBAE6.tmp not found!
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBB73.tmp not found!
    File\Folder C:\Documents and Settings\jan roberts\Local Settings\Temp\~DFBBA1.tmp not found!
    C:\Documents and Settings\jan roberts\Local Settings\Temporary Internet Files\Content.IE5\12TXWQ5Q\98670-active-bsod-no-sound-2[1].html moved successfully.
    C:\Documents and Settings\jan roberts\Local Settings\Temporary Internet Files\Content.IE5\12TXWQ5Q\iframescript[4].htm moved successfully.
    C:\Documents and Settings\jan roberts\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...
     
  19. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    Results of screen317's Security Check version 0.99.7
    Windows XP Service Pack 3
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    Java(TM) 6 Update 24
    Java 2 Runtime Environment, SE v1.4.2_03
    Out of date Java installed!
    Adobe Flash Player
    Adobe Reader 6.0.1
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Windows Defender MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    Microsoft Security Client Antimalware MsMpEng.exe
    ``````````End of Log````````````
     
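    The Security Check log above flags the old Java 2 Runtime Environment 1.4.2_03 sitting next to Java 6 Update 24, and Adobe Reader 6.0.1 as out of date. Both are the kind of thing a reviewer spots by reading the HKEY_LOCAL_MACHINE Uninstall List in the OTL report. The script below is an added example, not part of this thread and not Security Check's or OTL's code: it parses Uninstall List lines (`"{GUID}" = Display Name`), recognises the Java and Adobe Reader naming patterns, reports older copies installed beside a newer one, and compares each against a baseline. The baseline versions are placeholders chosen for this example, not figures from the thread; the sample input is constructed from entries in the report.

```python
"""Audit an OTL Uninstall List for stale runtimes (Java, Adobe Reader).

Added example: not part of the forum thread, Security Check, or OTL.
"""
import re

# Display-name patterns for the products the Security Check log flagged, each
# with a function turning the regex match into a comparable version tuple.
PATTERNS = [
    # "Java(TM) 6 Update 24" is Sun's 1.6.0_24, so map it onto the 1.x.y_z scheme.
    ("Java", re.compile(r"^Java\(TM\) (\d+) Update (\d+)$"),
     lambda m: (1, int(m.group(1)), 0, int(m.group(2)))),
    # "Java 2 Runtime Environment, SE v1.4.2_03"
    ("Java", re.compile(r"^Java 2 Runtime Environment, SE v(\d+)\.(\d+)\.(\d+)_(\d+)$"),
     lambda m: tuple(int(x) for x in m.groups())),
    # "Adobe Reader 6.0.1"
    ("Adobe Reader", re.compile(r"^Adobe Reader (\d+)\.(\d+)\.(\d+)$"),
     lambda m: tuple(int(x) for x in m.groups())),
]

# Assumed minimum acceptable versions (placeholders for this example).
BASELINE = {
    "Java": (1, 6, 0, 24),
    "Adobe Reader": (9, 0, 0),
}

# One Uninstall List line: `"<key>" = <display name>`
ENTRY_RE = re.compile(r'^\s*"(?P<key>[^"]+)"\s*=\s*(?P<name>.+?)\s*$')


def parse_uninstall_list(text):
    """Return [(product, version_tuple, display_name)] for recognised entries."""
    found = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        name = m.group("name")
        for product, pattern, to_version in PATTERNS:
            pm = pattern.match(name)
            if pm:
                found.append((product, to_version(pm), name))
                break
    return found


def audit(text):
    """Return {'stale_duplicates': [...], 'below_baseline': [...]} of display names.
    A stale duplicate is an older copy of a product that also has a newer copy
    installed; below_baseline lists copies older than BASELINE for that product."""
    installed = parse_uninstall_list(text)
    newest = {}
    for product, version, _ in installed:
        newest[product] = max(newest.get(product, version), version)
    stale = [name for product, version, name in installed if version < newest[product]]
    below = [name for product, version, name in installed
             if product in BASELINE and version < BASELINE[product]]
    return {"stale_duplicates": stale, "below_baseline": below}


# Constructed sample taken from entries in the report's Uninstall List.
SAMPLE_UNINSTALL = """
    "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
    "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
    "{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
    "{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"""


if __name__ == "__main__":
    for finding, names in audit(SAMPLE_UNINSTALL).items():
        print(finding + ":", names or "none")
```

    Only the names in PATTERNS are recognised; the "Adobe Acrobat - Reader 6.0.2 Update" entry is an update package rather than a Reader install and is deliberately skipped.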
  20. 2011/04/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Uninstall Java 2 Runtime Environment, SE v1.4.2_03

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed, or do not wish to have it installed, UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), and download and install Foxit PDF Reader (3.5 MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
     
  21. 2011/04/15
    jan roberts

    jan roberts Inactive Thread Starter

    Joined:
    2005/01/08
    Messages:
    507
    Likes Received:
    2
    C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP14\A0003333.dll Win32/Adware.HotBar.J application
    C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP14\A0003335.dll a variant of Win32/Adware.HotBar.E application
    C:\System Volume Information\_restore{3DBD88D2-9FFC-498B-A689-A4771362F918}\RP14\A0003338.dll Win32/Adware.HotBar.J application
     
