Can't run mbam!!


sesshy

I did what you guys told me to do so here is my result

DDS (Ver_09-10-26.01) - NTFSx86

Run by ILSPGIFT at 21:53:27.67 on Mon 11/09/2009

Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.981.343 [GMT -8:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Dell 968 AIO Printer\dldomon.exe

C:\Program Files\Dell 968 AIO Printer\memcard.exe

C:\Program Files\PDF Suite\PDFServiceEngine.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Intel\ASF Agent\ASFAgent.exe

C:\WINDOWS\system32\dldocoms.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\PSIService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\mshta.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\ILSPGIFT\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.google.com

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6080408

uSearch Bar =

mDefault_Page_URL = hxxp://www.dell.com

mStart Page = hxxp://www.dell.com

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com

BHO: precisead: {0ee92235-8be8-8be8-4d99-49532b5d6b81} - c:\windows\system32\nsi51.dll

BHO: adHlpr Object: {2f21736a-8fe5-4a29-b517-563ed11a3554} - c:\windows\system32\vkrcjfyt.dll

BHO: MessengerUpdate Class: {5948a52a-ba3a-49a8-bcaf-d578502bda9d} - c:\documents and settings\ilspgift\application data\messenger\drivers\MsgUpdate.dll

BHO: gooochi browser enhancer: {a065b499-294e-9a0e-5978-c8689e6fcd47} - c:\windows\system32\pjsofcyawug.dll

BHO: precisead search enhancer: {a7a8d107-a246-d6a6-1dfa-14b30558eecb} - c:\windows\system32\wqdwtnzvrkgsh.dll

BHO: BHO: {b6d223f6-c185-49a2-ba7e-a03e84744702} - c:\windows\system32\iehelper.dll

BHO: Antivirus Plus BHO: {c2b5aab8-2183-4be7-81a6-f11493c45872} - c:\documents and settings\ilspgift\application data\antivirus plus\AntiVirus Plus.70367.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

EB: Search panel: {643754ba-37fd-01b9-339e-9d6b707354ce} - c:\windows\system32\wqdwtnzvrkgsh.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [igfxSys] rundll32.exe "c:\documents and settings\ilspgift\application data\messenger\drivers\IgfxSys.dll",StartProtector

uRun: [calc] rundll32.exe c:\docume~1\networ~1\ntuser.dll,_IWMPEvents@0

uRun: [A00F91D58E.exe] c:\docume~1\ilspgift\locals~1\temp\_A00F91D58E.exe

uRun: [wow64main.exe] c:\docume~1\ilspgift\locals~1\temp\wow64main.exe

uRun: [backUp Windows 2009] c:\docume~1\ilspgift\locals~1\temp\uxn8fmncy5.exe

uRun: [winhbt.exe] c:\docume~1\ilspgift\locals~1\temp\winhbt.exe

uRun: [qdvaylan] c:\documents and settings\ilspgift\local settings\application data\jnhjmt\odnssysguard.exe

uRun: [fontatmgfx] rundll32.exe "c:\documents and settings\ilspgift\local settings\application data\fontatmgfx\fontatmgfx.dll", DllInit

uRun: [Yjafosi8kdf98winmdkmnkmfnwe] c:\docume~1\ilspgift\locals~1\temp\mdm.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dldomon.exe] "c:\program files\dell 968 aio printer\dldomon.exe"

mRun: [MemoryCardManager] "c:\program files\dell 968 aio printer\memcard.exe"

mRun: [Dell 968 AIO Printer Fax Server] "c:\program files\dell 968 aio printer\fm3032.exe" /s

mRun: [PDFServiceEngine] c:\program files\pdf suite\PDFServiceEngine.exe

mRun: [calc] rundll32.exe c:\windows\system32\calc.dll,_IWMPEvents@0

mRun: [qdvaylan] c:\documents and settings\ilspgift\local settings\application data\jnhjmt\odnssysguard.exe

mRun: [79481534] c:\docume~1\alluse~1\applic~1\79481534\79481534.exe

mRun: [43754730] c:\documents and settings\all users\application data\43754730\43754730.exe

mRun: [zezokiziv] Rundll32.exe "c:\windows\system32\zerarapo.dll",a

mRun: [bltufpizfheb] c:\windows\system32\regsvr32.exe /s "c:\windows\system32\pjsofcyawug.dll"

mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\documents and settings\ilspgift\start menu\programs\startup\scandisk.dll

StartupFolder: c:\docume~1\ilspgift\startm~1\programs\startup\scandisk.lnk - c:\windows\system32\rundll32.exe

uPolicies-explorer: NoFolderOptions = 1 (0x1)

uPolicies-system: EnableProfileQuota = 1 (0x1)

mPolicies-system: EnableLUA = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

TCP: {DFF1B151-E31C-444B-9681-E75EF0443B79} = 77.74.48.113

Notify: igfxcui - igfxdev.dll

Notify: __c003F699 - c:\windows\system32\__c003F699.dat

AppInit_DLLs: lenoruta.dll

SSODL: veyilirok - {5a5e5c8c-ed28-4e3f-94c8-240d88eea70b} - c:\windows\system32\berijona.dll

SSODL: gudisiroh - {59cf2fe7-078f-453f-a933-ae523078867a} - c:\windows\system32\pohuzowo.dll

SSODL: fojatutik - {b66e3dfc-c8c6-416f-8225-3e4367b82f3e} - c:\windows\system32\zerarapo.dll

STS: mujuzedij: {5a5e5c8c-ed28-4e3f-94c8-240d88eea70b} - c:\windows\system32\berijona.dll

STS: kupuhivus: {59cf2fe7-078f-453f-a933-ae523078867a} - c:\windows\system32\pohuzowo.dll

STS: jugezatag: {b66e3dfc-c8c6-416f-8225-3e4367b82f3e} - c:\windows\system32\zerarapo.dll

LSA: Notification Packages = scecli seruyone.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ilspgift\applic~1\mozilla\firefox\profiles\gvyedfrq.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.dymasearch.com/search.php?src=tops&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.dymasearch.com/

FF - prefs.js: keyword.URL - hxxp://www.dymasearch.com/search.php?src=tops&q=

FF - component: c:\documents and settings\ilspgift\application data\mozilla\firefox\profiles\gvyedfrq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll

FF - component: c:\program files\mozilla firefox\components\wqdwtnzvrkgsh.dll

FF - plugin: c:\documents and settings\ilspgift\application data\mozilla\firefox\profiles\gvyedfrq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

FF - user.js: google.toolbar.linkdoctor.enabled - false

FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-14 64288]

R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-1-23 133968]

R2 dldo_device;dldo_device;c:\windows\system32\dldocoms.exe -service --> c:\windows\system32\dldocoms.exe -service [?]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1179232]

S2 dldoCATSCustConnectService;dldoCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dldoserv.exe [2007-10-5 99568]

S2 gupdate1ca611cf4ad7a4e;Google Update Service (gupdate1ca611cf4ad7a4e);c:\program files\google\update\GoogleUpdate.exe [2009-11-9 133104]

=============== Created Last 30 ================

2009-11-10 04:42:27 0 d-----w- c:\program files\common files\Scanner

2009-11-10 04:42:22 0 d-----w- c:\program files\CA Yahoo! Anti-Spy

2009-11-10 04:10:26 12032 ------w- c:\windows\system32\iehelper.dll

2009-11-10 03:48:03 0 d-----w- c:\program files\CCleaner

2009-11-10 02:59:45 0 d-----w- c:\program files\yon sing

2009-11-10 00:15:48 53760 --sh--w- c:\windows\system32\bosurezo.dll

2009-11-09 11:18:06 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-11-09 09:13:49 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

2009-11-09 09:13:38 0 d-----w- c:\program files\Lavasoft

2009-11-09 08:57:26 0 d-----w- c:\docume~1\ilspgift\applic~1\QuickScan

2009-11-09 08:36:42 0 d-----w- c:\docume~1\ilspgift\applic~1\Malwarebytes

2009-11-09 07:43:45 0 d--h--w- c:\windows\PIF

2009-11-09 03:29:44 3051 --sh--w- c:\windows\system32\yefajamu.dll

2009-11-09 03:29:44 3051 --sh--w- c:\windows\system32\juvokose.dll

2009-11-09 03:29:44 3051 --sh--w- c:\windows\system32\gogaroho.dll

2009-11-09 03:20:58 53760 ----a-w- c:\windows\system32\sagopise.dll

2009-11-08 11:22:25 0 d-----w- c:\windows\SxsCaPendDel

2009-11-08 10:34:54 0 d-----w- c:\windows\system32\appmgmt

2009-11-08 09:53:46 3244 ----a-w- c:\windows\system32\wbem\Outlook_01ca60595d3585a8.mof

2009-11-08 09:31:24 0 d-----w- c:\docume~1\ilspgift\applic~1\AntiVirus Plus

2009-11-08 09:31:17 1276960 --sh--w- c:\windows\system32\fubuveva.exe

2009-11-08 09:29:36 4102 ----a-w- C:\xcrashdump.dat

2009-11-08 09:25:27 825 ----a-w- c:\windows\system32\wininit.dll

2009-11-08 09:25:17 15000 ----a-w- c:\windows\system32\nlrxe0h4.dll

2009-11-08 09:25:12 27648 ----a-w- c:\windows\system32\__c003F699.dat

2009-11-08 09:25:08 37376 ----a-w- C:\oqbkddrr.exe

2009-11-08 09:25:05 52736 ----a-w- C:\luobk.exe

2009-11-08 09:25:04 0 --sha-w- C:\-1870918105

2009-11-08 08:56:13 58341 ----a-w- c:\windows\system32\u_wqdwtnzvrkgsh.dll.exe

2009-11-08 08:56:02 48279 ----a-w- c:\windows\system32\xxlxszkpkhipc.exe

2009-11-08 08:56:00 0 d-----w- c:\docume~1\ilspgift\applic~1\Smart-Ads-Solutions

2009-11-08 08:55:59 0 d-----w- c:\docume~1\ilspgift\applic~1\Messenger

2009-11-08 08:55:52 60026 ----a-w- c:\windows\system32\wqdwtnzvrkgsh.dll-uninst.exe

2009-11-08 08:55:51 85733 ----a-w- c:\windows\system32\fd2e4366-4d5f-c8f2-a6a7-12f530177676.exe

2009-11-08 07:10:05 0 d-----w- c:\docume~1\ilspgift\applic~1\LimeWire

2009-11-07 04:31:28 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2009-11-04 06:09:25 0 d-----w- c:\program files\PDF Suite

2009-10-23 08:04:13 0 d-----w- c:\program files\JRE

2009-10-23 08:04:04 0 d-----w- c:\program files\OpenOffice.org 3

2009-10-23 08:03:56 73728 ----a-w- c:\windows\system32\javacpl.cpl

2009-10-23 08:03:56 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-17 03:28:27 0 dc-h--w- c:\docume~1\alluse~1\applic~1\~0

2009-10-15 04:35:00 15880 ----a-w- c:\windows\system32\lsdelete.exe

2009-10-15 04:23:50 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

2009-10-15 04:06:10 0 d-s---w- c:\documents and settings\ilspgift\UserData

2009-10-15 03:58:16 0 d-----w- c:\program files\Yahoo!

2009-10-15 03:58:02 0 d-----w- C:\2Wire_DSL_Setup_Tool

==================== Find3M ====================

2009-10-11 02:17:12 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys

2009-09-18 12:33:16 486400 ----a-w- c:\windows\system32\_pjsofcyawug.dll

2009-08-10 00:16:19 53760 --sha-w- c:\windows\system32\fimijole.dll

2009-08-08 09:31:01 22528 --sha-w- c:\windows\system32\gigivada.exe

2009-08-10 00:16:19 53760 --sha-w- c:\windows\system32\lenoruta.dll

2009-08-10 00:16:19 53760 --sha-w- c:\windows\system32\seruyone.dll

2009-08-08 09:31:01 15360 --sha-w- c:\windows\system32\tufemivu.exe

2009-08-10 00:12:38 60928 --sha-w- c:\windows\system32\visoboja.dll

============= FINISH: 21:53:39.54 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 12/5/2008 10:31:19 AM

System Uptime: 11/9/2009 8:21:56 PM (1 hours ago)

Motherboard: Dell Inc. | | 0DR845

Processor: Intel® Core2 Duo CPU E4500 @ 2.20GHz | CPU | 2194/800mhz

Processor: Intel® Core2 Duo CPU E4500 @ 2.20GHz | CPU | 2194/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 74 GiB total, 53.56 GiB free.

D: is CDROM (CDFS)

E: is Removable

F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Ad-Aware

Adobe Flash Player 10 Plugin

Adobe Flash Player ActiveX

AT&T Yahoo! Internet Mail

CA Yahoo! Anti-Spy (remove only)

Canon Camera Access Library

Canon Camera Support Core Library

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC

Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities MyCamera DC

Canon Utilities PhotoStitch

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

CCleaner

Contextual Tool Precisead

Corel Snapfire Plus

Dell 968 AIO Printer

Dell ETS Factory Installation

Google Chrome

Google Desktop

Google Update Helper

High Definition Audio Driver Package - KB835221

Hotfix for Windows XP (KB908673)

Hotfix for Windows XP (KB909095)

Hotfix for Windows XP (KB924455)

Hotfix for Windows XP (KB934428-v2)

Hotfix for Windows XP (KB935448)

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

Intel® PRO Alerting Agent

Intel® PRO Network Connections 12.1.12.4

J2SE Runtime Environment 5.0 Update 6

Java 6 Update 16

Messenger Update

Microsoft .NET Framework 1.1

Microsoft .NET Framework 2.0

Microsoft Office Small Business Edition 2003

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.5.5)

MSN

OpenOffice.org 3.1

PDF Suite v9.0.5.22

PowerDVD

RON Too1 Gooochi

Search Assistant Precisead

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB908531)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921503)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924270)

Security Update for Windows XP (KB924496)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB928843)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB931784)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB933729)

Security Update for Windows XP (KB935839)

Security Update for Windows XP (KB935840)

Security Update for Windows XP (KB936021)

Security Update for Windows XP (KB937894)

Security Update for Windows XP (KB938127)

Security Update for Windows XP (KB938829)

Security Update for Windows XP (KB941202)

Security Update for Windows XP (KB941568)

Security Update for Windows XP (KB941644)

Security Update for Windows XP (KB942615)

Security Update for Windows XP (KB943460)

Security Update for Windows XP (KB943485)

Security Update for Windows XP (KB944653)

Update for Windows XP (KB896256)

Update for Windows XP (KB912945)

Update for Windows XP (KB933360)

Update for Windows XP (KB936357)

Update for Windows XP (KB938828)

Update for Windows XP (KB942763)

Update for Windows XP (KB946627)

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

WebFldrs XP

Windows Installer 3.1 (KB893803)

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB887472

Windows XP Hotfix - KB889673

Windows XP Hotfix - KB891781

WinRAR archiver

Yahoo! Install Manager

==== Event Viewer Messages From Past Week ========

11/9/2009 4:48:55 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 4:48:55 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 4:48:55 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 4:48:55 PM, error: Service Control Manager [7034] - The ASF Agent service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 4:48:55 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 3:13:00 AM, error: Service Control Manager [7034] - The PC Tools Auxiliary Service service terminated unexpectedly. It has done this 1 time(s).

11/9/2009 1:07:58 AM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The system cannot find the path specified.

11/8/2009 4:14:27 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.ATL. Reference error message: The referenced assembly is not installed on your system. .

11/8/2009 4:14:27 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll. Reference error message: The operation completed successfully. .

11/8/2009 4:14:27 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.ATL could not be found and Last Error was The referenced assembly is not installed on your system.

11/8/2009 4:13:36 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Lavasoft Ad-Aware Service service to connect.

11/8/2009 4:13:36 AM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/8/2009 2:33:07 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the dldoCATSCustConnectService service to connect.

11/8/2009 2:33:07 AM, error: Service Control Manager [7000] - The dldoCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/8/2009 2:05:34 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\regsvr32.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.

11/8/2009 1:25:33 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file regsvr32.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.

11/3/2009 11:09:40 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin07\PDFManagerWordPlugIn2007.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin07\PDFManagerPublisherPlugIn2007.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin07\PDFManagerPowerPointPlugIn2007.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin07\PDFManagerOutlookPlugIn2007.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin07\PDFManagerExcelPlugIn2007.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin\PDFManagerWordPlugIn2003.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin\PDFManagerPowerPointPlugIn2003.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin\PDFManagerOutlookPlugIn2003.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\PDF Suite\addin\PDFManagerExcelPlugIn2003.dll. Reference error message: The operation completed successfully. .

11/3/2009 11:09:40 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.

==== End Of File ===========================


  • Staff

Hi,

Your system is severely infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.

Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.

So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts.

To run malwarebytes when you get the error code 2 during install, or mbam.exe gets deleted, please see here:

http://www.malwarebytes.org/forums/index.php?showtopic=29028

In your case, you will need to rename the random file to explorer.exe

Once malwarebytes opens, click the "Update" tab, click "Check for Updates" in order to download the updates.

Then run the scan, let mbam quarantine/delete what it found and reboot afterwards.

After reboot, post the malwarebytes log together with a new HijackThis log.

This topic is now closed to further replies.