Malwarebytes won't run


mattn

I have the "security tool" and various other problems on my PC. I downloaded Malwarebytes; however, it cannot find "mbam.exe" when I try to run the program. Please help!! I ran ComboFix and got this log:

ComboFix 09-10-14.01 - Todd Boyce 14/10/2009 18:20.1.1 - NTFSx86 NETWORK

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.478.292 [GMT -4:00]

Running from: c:\documents and settings\Todd Boyce\Desktop\Combo-Fix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

c:\recycler\S-1-5-21-1708537768-308236825-839522115-1003

c:\recycler\S-1-5-21-469419311-136563276-3912834752-1003

c:\windows\Installer\3ac8c9c.msp

c:\windows\Installer\577f6.msp

c:\windows\system32\bincd32.dat

c:\windows\system32\bulawasi.dll.tmp

c:\windows\system32\bumokoju.dll

c:\windows\system32\fofugapi.dll

c:\windows\system32\hegarosa.dll

c:\windows\system32\huholapu.dll

c:\windows\system32\Ijl11.dll

c:\windows\system32\images

c:\windows\system32\images\i1.gif

c:\windows\system32\images\i2.gif

c:\windows\system32\images\i3.gif

c:\windows\system32\images\j1.gif

c:\windows\system32\images\j2.gif

c:\windows\system32\images\j3.gif

c:\windows\system32\images\jj1.gif

c:\windows\system32\images\jj2.gif

c:\windows\system32\images\jj3.gif

c:\windows\system32\images\l1.gif

c:\windows\system32\images\l2.gif

c:\windows\system32\images\l3.gif

c:\windows\system32\images\pix.gif

c:\windows\system32\images\t1.gif

c:\windows\system32\images\t2.gif

c:\windows\system32\images\up1.gif

c:\windows\system32\images\up2.gif

c:\windows\system32\images\w1.gif

c:\windows\system32\images\w11.gif

c:\windows\system32\images\w2.gif

c:\windows\system32\images\w3.gif

c:\windows\system32\images\w3.jpg

c:\windows\system32\images\wt1.gif

c:\windows\system32\images\wt2.gif

c:\windows\system32\images\wt3.gif

c:\windows\system32\jonijono.dll

c:\windows\system32\kaholisa.dll

c:\windows\system32\kowipali.dll

c:\windows\system32\lunaladu.dll

c:\windows\system32\matedibu.dll

c:\windows\system32\nuar.old

c:\windows\system32\pozayeda.dll

c:\windows\system32\sakalimo.dll

c:\windows\system32\schtml

c:\windows\system32\schtml\dbsinit.exe

c:\windows\system32\schtml\images\i1.gif

c:\windows\system32\schtml\images\i2.gif

c:\windows\system32\schtml\images\i3.gif

c:\windows\system32\schtml\images\j1.gif

c:\windows\system32\schtml\images\j2.gif

c:\windows\system32\schtml\images\j3.gif

c:\windows\system32\schtml\images\jj1.gif

c:\windows\system32\schtml\images\jj2.gif

c:\windows\system32\schtml\images\jj3.gif

c:\windows\system32\schtml\images\l1.gif

c:\windows\system32\schtml\images\l2.gif

c:\windows\system32\schtml\images\l3.gif

c:\windows\system32\schtml\images\pix.gif

c:\windows\system32\schtml\images\t1.gif

c:\windows\system32\schtml\images\t2.gif

c:\windows\system32\schtml\images\up1.gif

c:\windows\system32\schtml\images\up2.gif

c:\windows\system32\schtml\images\w1.gif

c:\windows\system32\schtml\images\w11.gif

c:\windows\system32\schtml\images\w2.gif

c:\windows\system32\schtml\images\w3.gif

c:\windows\system32\schtml\images\w3.jpg

c:\windows\system32\schtml\images\wt1.gif

c:\windows\system32\schtml\images\wt2.gif

c:\windows\system32\schtml\images\wt3.gif

c:\windows\system32\schtml\wispex.html

c:\windows\system32\surujesu.dll

c:\windows\system32\suwumuwo.dll

c:\windows\system32\togaruyu.dll

c:\windows\system32\totemoze.dll.tmp

c:\windows\system32\wispex.html

c:\windows\wf3.dat

c:\windows\wf4.dat

----- BITS: Possible infected sites -----

hxxp://82.98.235.208

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_ANTIPOL

((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))

.

2009-10-14 22:14 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-10-14 22:14 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-10-14 21:20 . 2009-10-14 21:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-10-14 21:16 . 2009-10-14 21:16 -------- d-----w- c:\documents and settings\Todd Boyce\Application Data\Malwarebytes

2009-10-11 22:39 . 2009-10-11 22:39 1152 ----a-w- c:\windows\system32\windrv.sys

2009-10-11 22:39 . 2009-10-14 22:15 -------- d-----w- c:\program files\SpyNoMore

2009-10-11 18:57 . 2009-10-14 22:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-10-07 20:59 . 2009-10-07 20:59 36092 ---ha-w- c:\windows\system32\mlfcache.dat

2009-09-25 20:08 . 2009-10-14 21:14 -------- d-----w- c:\documents and settings\Todd Boyce\Local Settings\Application Data\Yahoo!

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-14 22:12 . 2008-11-19 06:48 -------- d-----w- c:\documents and settings\Todd Boyce\Application Data\U3

2009-10-14 21:15 . 2006-11-13 15:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-10-11 18:14 . 2006-06-09 19:51 -------- d-----w- c:\documents and settings\Todd Boyce\Application Data\Lavasoft

2009-10-07 22:37 . 2007-06-02 04:57 5347363 ----a-w- c:\windows\system32\mshcache.dll

2009-10-07 20:56 . 2005-05-28 12:23 -------- d-----w- c:\documents and settings\Todd Boyce\Application Data\Apple Computer

2009-08-23 14:26 . 2005-07-13 17:20 43232 -c--a-w- c:\documents and settings\Todd Boyce\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-22 07:45 . 2009-08-22 07:45 -------- d-----w- c:\program files\MSBuild

2009-08-22 07:45 . 2009-08-22 07:45 -------- d-----w- c:\program files\Reference Assemblies

2009-08-06 23:24 . 2004-08-04 08:00 327896 ----a-w- c:\windows\system32\wucltui.dll

2009-08-06 23:24 . 2004-08-04 08:00 209632 ----a-w- c:\windows\system32\wuweb.dll

2009-08-06 23:24 . 2005-06-23 18:11 35552 ----a-w- c:\windows\system32\wups.dll

2009-08-06 23:24 . 2005-05-26 08:16 44768 ----a-w- c:\windows\system32\wups2.dll

2009-08-06 23:24 . 2004-08-04 08:00 53472 ----a-w- c:\windows\system32\wuauclt.exe

2009-08-06 23:24 . 2004-08-04 08:00 96480 ----a-w- c:\windows\system32\cdm.dll

2009-08-06 23:23 . 2004-08-04 08:00 575704 ----a-w- c:\windows\system32\wuapi.dll

2009-08-06 23:23 . 2006-10-17 13:58 274288 ----a-w- c:\windows\system32\mucltui.dll

2009-08-06 23:23 . 2005-05-26 08:19 215920 ----a-w- c:\windows\system32\muweb.dll

2009-08-06 23:23 . 2004-08-04 08:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-05 09:01 . 2004-08-04 08:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll

2009-07-17 19:01 . 2004-08-04 08:00 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-14 22:07 . 2009-07-14 22:07 51712 --sha-w- c:\windows\system32\dubunide.dll

2009-07-11 23:31 . 2009-07-11 23:31 1011385 --sha-w- c:\windows\system32\hohokaza.exe

2009-07-09 16:05 . 2009-07-09 16:05 1011298 --sha-w- c:\windows\system32\nirepuna.exe

2009-07-07 19:23 . 2009-07-07 19:23 1050147 --sha-w- c:\windows\system32\vumasege.exe

2009-07-14 22:07 . 2009-07-14 22:07 51712 --sha-w- c:\windows\system32\wijuhalu.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cadfad17-dcc0-4f48-94e9-2718f7538987}]

2009-07-14 22:07 51712 --sha-w- c:\windows\system32\wijuhalu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-30 68856]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]

"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]

"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-05-28 26112]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-17 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-06-17 118784]

"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-09-18 290816]

"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-14 229438]

"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-09-23 94208]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320]

"Network Associates Error Reporting Service"="c:\program files\Common Files\Network Associates\TalkBack\tbmon.exe" [2003-10-07 147514]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-21 177472]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

"SNM"="c:\program files\SpyNoMore\SNM.exe" [2009-10-08 1067472]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-4-15 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\iTunes\\iTunesHelper.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\WINDOWS\\explorer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [16/03/2006 2:23 PM 58464]

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [25/03/2007 9:58 AM 24652]

S0 sfloppex;sfloppex; [x]

S1 irdant;irdant; [x]

S1 tcpip2k;tcpip2k; [x]

.

Contents of the 'Scheduled Tasks' folder

2009-04-07 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q105&bd=pavilion&pf=laptop

uDefault_Search_URL = hxxp://www.google.com/ie

mWindow Title = Microsoft Internet Explorer provided by Comcast

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = www.java.com;*.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

.

.

------- File Associations -------

.

.

- - - - ORPHANS REMOVED - - - -

HKCU-Run-winlogonsys.exe - c:\documents and settings\Todd Boyce\My Documents\download\remmy343\Keylogger King Home\winlogonsys.exe

HKLM-Run-tumasewif - c:\windows\system32\pozayeda.dll

HKLM-Run-wasahujemu - sakalimo.dll

HKLM-Explorer_Run-application - c:\windows\Resources\Themes\Luna\Shell\ACSPMonitor\ASMonitor.exe

SharedTaskScheduler-{5fc0da56-3067-4e33-acc1-1b35e38797b1} - c:\windows\system32\sorubaro.dll

SharedTaskScheduler-{5b586e9b-f4e3-4ec5-8b21-fa0fc458eef2} - c:\windows\system32\wudiyopi.dll

SharedTaskScheduler-{384d30dd-887e-4933-96e0-908620156a6b} - c:\windows\system32\wudiyopi.dll

SharedTaskScheduler-{1458fce0-f3ab-4140-9e64-469858ef9872} - c:\windows\system32\wudiyopi.dll

SharedTaskScheduler-{2a381006-dadb-49cd-81a7-5ad72fe8a906} - c:\windows\system32\wujatedi.dll

SharedTaskScheduler-{b696346d-8b33-4296-885a-2cb9d1a6046c} - c:\windows\system32\wudiyopi.dll

SharedTaskScheduler-{6931056c-93f1-49e5-97fe-f3fde2bb791b} - c:\windows\system32\hikagazu.dll

SharedTaskScheduler-{53666de1-2d55-45f2-9232-eb185e0d3645} - c:\windows\system32\pozayeda.dll

SSODL-sokokolav-{5fc0da56-3067-4e33-acc1-1b35e38797b1} - c:\windows\system32\sorubaro.dll

SSODL-husosajum-{5b586e9b-f4e3-4ec5-8b21-fa0fc458eef2} - c:\windows\system32\wudiyopi.dll

SSODL-besibitah-{384d30dd-887e-4933-96e0-908620156a6b} - c:\windows\system32\wudiyopi.dll

SSODL-butebepop-{1458fce0-f3ab-4140-9e64-469858ef9872} - c:\windows\system32\wudiyopi.dll

SSODL-nevipepit-{2a381006-dadb-49cd-81a7-5ad72fe8a906} - c:\windows\system32\wujatedi.dll

SSODL-gufujazov-{b696346d-8b33-4296-885a-2cb9d1a6046c} - c:\windows\system32\wudiyopi.dll

SSODL-varanubay-{6931056c-93f1-49e5-97fe-f3fde2bb791b} - c:\windows\system32\hikagazu.dll

SSODL-nawuhiwus-{53666de1-2d55-45f2-9232-eb185e0d3645} - c:\windows\system32\pozayeda.dll

AddRemove-StreetPlugin - c:\program files\Learn2.com\StRunner\stuninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-14 18:28

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????7?0?4?6??@???? ???B?????????????H<C? ??????

scanning hidden files ...

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(736)

c:\windows\system32\EntApi.dll

c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(2448)

c:\windows\system32\WININET.dll

c:\windows\system32\EntApi.dll

c:\windows\system32\wijuhalu.dll

c:\windows\system32\ieframe.dll

c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

c:\program files\Malwarebytes' Anti-Malware\mbamext.dll

c:\program files\Network Associates\VirusScan\shext.dll

c:\program files\Network Associates\VirusScan\RES09\ShExtRes.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Network Associates\Common Framework\FrameworkService.exe

c:\program files\Network Associates\VirusScan\mcshield.exe

c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe

c:\program files\Network Associates\VirusScan\vstskmgr.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe

c:\progra~1\MICROS~1\rapimgr.exe

c:\program files\iPod\bin\iPodService.exe

c:\windows\system32\taskmgr.exe

.

**************************************************************************

.

Completion time: 2009-10-14 18:42 - machine was rebooted

ComboFix-quarantined-files.txt 2009-10-14 22:41

Pre-Run: 18,325,684,224 bytes free

Post-Run: 18,001,600,512 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

284 --- E O F --- 2009-09-13 07:15
