MBAM not working and maybe others


So basically my MBAM isn't working again. I used ComboFix last time and it worked; this time ... no.

Here are my OTL logs:

OTL logfile created on: 12/28/2009 10:57:25 PM - Run 1

OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Compaq_Owner\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 151.00 Mb Available Physical Memory | 34.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 60.00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 104.71 Gb Total Space | 70.25 Gb Free Space | 67.09% Space Free | Partition Type: NTFS

Drive D: | 7.05 Gb Total Space | 0.37 Gb Free Space | 5.24% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: COMPACT06

Current User Name: Compaq_Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Documents and Settings\Compaq_Owner\Desktop\Fire\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe ()

PRC - C:\Program Files\Comodo\COMODO Internet Security\cfp.exe ()

PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)

PRC - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()

PRC - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

PRC - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

PRC - C:\WINDOWS\system32\BRSVC01A.EXE (brother Industries Ltd)

PRC - C:\WINDOWS\system32\BRSS01A.EXE (brother Industries Ltd)

PRC - C:\WINDOWS\system\hpsysdrv.exe (Hewlett-Packard Company)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\hebebore.dll ()

MOD - C:\Program Files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll (ScanSoft, Inc.)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\linkinfo.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (PSEXESVC) -- File not found

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (cmdAgent) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe ()

SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)

SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (Brother XP spl Service) -- C:\WINDOWS\system32\BRSVC01A.EXE (brother Industries Ltd)

========== Driver Services (SafeList) ==========

DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (PsSdk41) -- C:\WINDOWS\system32\drivers\pssdk41.sys (microOLAP Technologies LTD)

DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (ezplay) -- C:\WINDOWS\system32\drivers\ezplay.sys (VSO Software)

DRV - (pcouffin) -- C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)

DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdguard.sys (COMODO)

DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)

DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)

DRV - (RegGuard) -- C:\WINDOWS\system32\drivers\regguard.sys (Greatis Software)

DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()

DRV - (AegisP) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications)

DRV - (npkcrypt) -- C:\Program Files\Wizet\MapleStory\npkcrypt.sys (INCA Internet Co., Ltd.)

DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys (http://libusb-win32.sourceforge.net)

DRV - (RTLWUSB) -- C:\WINDOWS\system32\drivers\wg111v2.sys (NETGEAR Inc.)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)

DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )

DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (RT61) -- C:\WINDOWS\system32\drivers\RT61.sys (Ralink Technology Inc.)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows ® Server 2003 DDK provider)

DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)

DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

DRV - (MDC8021X) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)

DRV - (SoC PC-Camera Service) Mini-Cam USB Camera (SC-120) -- C:\WINDOWS\system32\drivers\pfc027.sys ()

DRV - (SONYPVU1) Sony USB Filter Driver (SONYPVU1) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS (Sony Corporation)

DRV - (BrPar) -- C:\WINDOWS\System32\drivers\BrPar.sys (Brother Industries Ltd.)

DRV - (ASPI32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429

FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.16

FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/11 16:49:13 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/21 16:22:06 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/10 23:47:32 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Documents and Settings\Compaq_Owner\Desktop\Fire\components [2009/12/19 10:20:32 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Documents and Settings\Compaq_Owner\Desktop\Fire\plugins [2009/12/16 20:29:06 | 00,000,000 | ---D | M]

[2009/04/24 19:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions

[2008/07/18 12:19:44 | 00,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009/04/24 19:31:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2009/12/28 22:25:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\pnp6wvto.default\extensions

[2009/09/30 16:09:42 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\pnp6wvto.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (no name) - {3ab11523-f952-48c0-8f3b-c30cd556b0c8} - C:\WINDOWS\System32\hebebore.dll ()

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\Comodo\COMODO Internet Security\cfp.exe ()

O4 - HKLM..\Run: [hpsysdrv] c:\WINDOWS\system\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [kazenobafa] File not found

O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktopChanges = [binary data]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoActiveDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: NoSaveSettings = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: ClassicShell = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)

O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKCU\..Trusted Domains: sbcglobal.net ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: sbcglobal.net ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: sbcglobal.net ([]https in Trusted sites)

O15 - HKCU\..Trusted Domains: yahoo.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: yahoo.com ([]http in Trusted sites)

O15 - HKCU\..Trusted Domains: yahoo.com ([]https in Trusted sites)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1171503614296 (MUWebControl Class)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (bidatemi.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll ()

O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/12/04 17:50:26 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (206158430208)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/28 22:14:58 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2009/12/28 22:14:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2009/12/28 22:14:54 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2009/12/28 22:10:17 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Compaq_Owner\Recent

[2009/12/28 22:10:17 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009/12/28 21:31:07 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2009/12/28 21:31:07 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[2009/12/28 21:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2009/12/28 21:31:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2009/12/27 18:01:47 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe

[2009/12/25 13:50:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\dvdcss

[2009/12/23 01:06:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\The B.L.A.D Source Files

[2009/12/20 16:57:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\SCII

[2009/12/20 10:05:06 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2009/12/20 10:05:05 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2009/12/20 10:05:05 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2009/12/20 10:05:05 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2009/12/19 21:50:21 | 01,394,000 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\2UfdgWC4x.exe

[2009/12/19 17:10:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\ASD

[2009/12/11 22:00:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\Flash Work

[2009/12/09 00:01:31 | 00,040,960 | ---- | C] (DGP) -- C:\WINDOWS\System32\MDec.ocx

[2009/12/09 00:01:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer

[2009/12/08 23:43:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2009/12/08 23:43:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Apple

[2009/12/08 23:42:53 | 00,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2009/12/08 23:42:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple

[2009/12/08 23:42:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Apple Computer

[2009/11/29 11:42:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\PPT2DVD

[2009/11/29 11:36:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\PPT2DVD Log Files

[2009/11/29 11:35:52 | 00,000,000 | ---D | C] -- C:\Program Files\Wondershare

[2008/12/22 22:23:23 | 00,094,208 | ---- | C] (VSO Software) -- C:\Documents and Settings\Compaq_Owner\Application Data\ezplay.sys

[2008/12/22 22:22:09 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Compaq_Owner\Application Data\pcouffin.sys

[2006/11/19 20:03:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2006/11/19 20:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2006/11/19 20:03:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google

[2006/11/19 20:02:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Help

[2006/11/19 20:02:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Help

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/28 23:10:27 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\lasodili

[2009/12/28 22:14:59 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2009/12/28 22:13:10 | 00,119,356 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20091228_221306.reg

[2009/12/28 22:07:17 | 00,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2009/12/28 22:06:45 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009/12/28 22:05:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2009/12/28 22:05:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2009/12/28 22:05:47 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys

[2009/12/28 22:04:52 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.ini

[2009/12/28 22:04:51 | 06,553,600 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\ntuser.dat

[2009/12/28 21:48:07 | 00,000,244 | ---- | M] () -- C:\WINDOWS\system.ini

[2009/12/28 21:47:41 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2009/12/28 00:19:32 | 15,728,6400 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Immoral.Sisters.Blossoming.uploaded.by.xter.for.da-forums.info.part1.rar

[2009/12/27 21:47:24 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\LOG.doc

[2009/12/27 20:22:53 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Yaya is fat.doc

[2009/12/27 18:01:48 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe

[2009/12/27 14:25:59 | 03,867,118 | R--- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe

[2009/12/27 10:38:45 | 47,117,356 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm

[2009/12/27 10:38:45 | 00,128,036 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg

[2009/12/19 21:50:40 | 01,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Owner\Desktop\2UfdgWC4x.exe

[2009/12/19 17:02:24 | 00,473,400 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2009/12/19 17:02:24 | 00,402,736 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2009/12/19 17:02:24 | 00,063,220 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2009/12/19 16:50:39 | 00,217,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009/12/19 16:48:33 | 00,059,392 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/14 21:41:12 | 00,043,418 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Science Fair Packet 2009-2010.docx

[2009/12/09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

[2009/11/29 11:37:08 | 00,056,040 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/28 22:14:59 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2009/12/28 22:13:08 | 00,119,356 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\cc_20091228_221306.reg

[2009/12/27 23:34:29 | 15,728,6400 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Immoral.Sisters.Blossoming.uploaded.by.xter.for.da-forums.info.part1.rar

[2009/12/27 21:47:24 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\LOG.doc

[2009/12/27 20:22:52 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Yaya is fat.doc

[2009/12/20 10:05:06 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2009/12/20 10:05:06 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2009/12/20 10:05:05 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2009/12/20 10:05:05 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2009/12/20 10:05:05 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2009/12/20 10:01:04 | 03,867,118 | R--- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe

[2009/12/19 12:49:23 | 50,586,4537 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Disgaea 2 USA [5.50 Gen-B] Patched.cso

[2009/12/14 21:41:07 | 00,043,418 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Science Fair Packet 2009-2010.docx

[2009/12/09 00:01:31 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\mp3dec.dll

[2009/09/28 19:22:41 | 00,045,568 | -HS- | C] () -- C:\WINDOWS\System32\fokituge.dll

[2009/09/28 19:22:41 | 00,039,424 | -HS- | C] () -- C:\WINDOWS\System32\gowabosi.dll

[2009/09/27 23:46:52 | 00,054,272 | -HS- | C] () -- C:\WINDOWS\System32\hebebore.dll

[2009/09/27 23:46:14 | 00,054,272 | -HS- | C] () -- C:\WINDOWS\System32\damonufu.dll

[2009/09/27 23:46:14 | 00,000,003 | -HS- | C] () -- C:\WINDOWS\System32\wisolike.dll

[2009/08/22 09:59:43 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[2009/04/23 21:45:56 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2009/04/23 21:45:45 | 00,564,224 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll

[2008/12/22 22:23:48 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\ezplay.log

[2008/12/22 22:23:23 | 00,007,861 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\ezplay.cat

[2008/12/22 22:23:23 | 00,001,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\ezplay.inf

[2008/12/22 22:23:23 | 00,000,125 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\ezplay.ini

[2008/12/22 22:23:18 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\pcouffin.log

[2008/12/22 22:22:09 | 00,007,887 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\pcouffin.cat

[2008/12/22 22:22:09 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\pcouffin.inf

[2008/11/08 08:58:08 | 00,143,096 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll

[2008/07/13 13:44:51 | 00,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI

[2008/07/13 13:32:00 | 00,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2007/07/06 14:28:09 | 01,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2007/07/06 14:28:09 | 00,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2007/07/06 14:28:08 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2007/07/06 14:28:06 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2007/07/06 14:28:06 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2007/04/03 20:13:18 | 00,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2007/04/03 20:13:18 | 00,000,088 | RHS- | C] () -- C:\WINDOWS\System32\359FC04E19.sys

[2007/03/19 19:27:35 | 00,000,044 | ---- | C] () -- C:\WINDOWS\liveup.ini

[2007/03/19 17:50:06 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys

[2007/03/13 20:29:00 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\fscheck.dll

[2007/03/13 20:29:00 | 00,001,618 | ---- | C] () -- C:\WINDOWS\System32\funshion.ini

[2006/09/02 15:33:10 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll

[2006/08/06 07:05:24 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\setupnt.dll

[2006/08/03 12:34:53 | 00,002,584 | ---- | C] () -- C:\WINDOWS\wavemix.ini

[2006/08/03 12:34:53 | 00,001,476 | ---- | C] () -- C:\WINDOWS\winntu.ini

[2006/08/03 12:34:53 | 00,000,070 | ---- | C] () -- C:\WINDOWS\mission.ini

[2006/08/01 14:58:09 | 00,000,026 | ---- | C] () -- C:\WINDOWS\System32\droiyan.ini

[2006/07/19 16:57:11 | 00,000,075 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006/07/19 12:50:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\bw5140.ini

[2006/07/19 12:50:37 | 00,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini

[2006/07/19 12:50:36 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI

[2006/07/19 12:50:36 | 00,000,012 | ---- | C] () -- C:\WINDOWS\Brownie.ini

[2006/07/19 12:50:36 | 00,000,011 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI

[2006/07/19 12:50:16 | 00,000,447 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2006/07/19 12:50:16 | 00,000,038 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI

[2006/07/19 12:50:14 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\BRSS01A.ini

[2006/07/17 11:49:34 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat

[2006/07/16 19:57:18 | 00,059,392 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/05/19 14:38:40 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/05/19 14:13:29 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys

[2006/05/19 14:07:44 | 00,012,993 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS

[2006/05/19 14:07:37 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll

[2006/05/19 14:05:14 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI

[2006/05/19 14:03:53 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/05/19 13:51:33 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2006/05/19 13:49:52 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini

[2006/05/19 13:44:33 | 00,001,375 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2006/05/19 13:43:06 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006/05/19 13:24:22 | 00,000,788 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2006/05/19 13:20:38 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll

[2006/05/03 17:44:32 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\RtlGina2.dll

[2004/08/03 22:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2004/06/15 08:38:00 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2004/03/24 09:22:26 | 00,138,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\pfc027.sys

[2004/01/08 09:30:22 | 00,011,170 | ---- | C] () -- C:\WINDOWS\System32\PA207Usd.dll

[2002/08/13 17:18:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\NavLogon.dll

[1998/06/09 23:00:00 | 00,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL

========== LOP Check ==========

[2006/08/06 08:44:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis

[2009/07/02 17:33:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

[2008/12/22 21:50:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound

[2008/07/13 13:31:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft

[2009/04/23 21:47:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

[2007/09/19 16:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoYoGames

[2008/07/13 13:43:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon

[2009/11/22 21:09:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GeoVid

[2008/11/17 18:37:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo

[2008/06/06 15:04:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\gtk-2.0

[2006/08/24 16:07:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech

[2008/12/23 15:13:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\log

[2006/11/27 18:39:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape

[2007/11/10 21:26:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nexon

[2009/07/12 21:09:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Red Kawa

[2008/07/13 13:31:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScanSoft

[2009/04/29 20:28:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony Setup

[2009/02/19 19:58:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SystemRequirementsLab

[2008/07/12 14:19:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent

[2008/12/24 23:37:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Vso

[2007/08/31 17:34:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch

[2009/07/30 12:10:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\XLink Kai

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

[2005/10/31 09:56:00 | 00,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe

< MD5 for: AGP440.SYS >

[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys

< MD5 for: ATAPI.SYS >

[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys

[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys

[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >

[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll

[2004/08/03 22:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll

[2004/08/03 22:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll

[2004/08/03 22:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: IASTOR.SYS >

[2005/06/17 00:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\hp\drivers\Intel_5_1_0_1022_PV\iastor.sys

[2005/06/17 00:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >

[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll

[2004/08/03 22:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\ERDNT\cache\netlogon.dll

[2004/08/03 22:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll

[2004/08/03 22:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >

[2004/08/03 22:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\ERDNT\cache\scecli.dll

[2004/08/03 22:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll

[2004/08/03 22:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll

[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System\Wing32.dll:SummaryInformation

< End of report >

The Extras OTL log:

OTL Extras logfile created on: 12/28/2009 10:57:25 PM - Run 1

OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Compaq_Owner\Desktop

Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 151.00 Mb Available Physical Memory | 34.00% Memory free

1.00 Gb Paging File | 1.00 Gb Available in Paging File | 60.00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 104.71 Gb Total Space | 70.25 Gb Free Space | 67.09% Space Free | Partition Type: NTFS

Drive D: | 7.05 Gb Total Space | 0.37 Gb Free Space | 5.24% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: COMPACT06

Current User Name: Compaq_Owner

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Documents and Settings\Compaq_Owner\Desktop\Fire\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"FirewallDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)

"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found

"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found

"C:\Program Files\NCsoft\Exteel\System\Exteel.exe" = C:\Program Files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)

"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer -- (LimeWire)

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)

"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)

"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)

"C:\WINDOWS\system32\taskmgr.exe" = C:\WINDOWS\system32\taskmgr.exe:*:Enabled:taskmgr -- (Microsoft Corporation)

"C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe" = C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe:*:Enabled:cmdagent -- ()

"C:\Program Files\Comodo\COMODO Internet Security\cfp.exe" = C:\Program Files\Comodo\COMODO Internet Security\cfp.exe:*:Enabled:cfp -- ()

"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 11

"{2773B836-AC66-4178-A414-C5A0F9F5D805}" = XLink Kai

"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2

"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder

"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support

"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works

"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{63E88B74-6BE9-4F21-BDE6-2EE21D031C3B}" = Mini-Cam USB Camera (SC-120)

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage

"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor

"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = NETGEAR WG111v2 wireless USB 2.0 adapter

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations

"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup

"87D46C3F73EF6B7F5CD27D922EEE14783E1AD3BF" = Windows Driver Package - Sony PSP Type B (11/20/2005 20051120)

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player

"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional

"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem

"ATI Display Driver" = ATI Display Driver

"Atomic Clock Sync" = Atomic Clock Sync

"AVG8Uninstall" = AVG Free 8.5

"AviSynth" = AviSynth 2.5

"Build Your Own Net Dream" = Build Your Own Net Dream (remove only)

"CCleaner" = CCleaner (remove only)

"COMODO Internet Security" = COMODO Internet Security

"HP Imaging Device Functions" = HP Imaging Device Functions 7.0

"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"InstallShield_{63E88B74-6BE9-4F21-BDE6-2EE21D031C3B}" = Mini-Cam USB Camera (SC-120)

"InstallShield_{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = NETGEAR WG111v2 wireless USB 2.0 adapter

"KLiteCodecPack_is1" = K-Lite Codec Pack 3.4.5 Full

"LiveUpdate1.7" = LiveUpdate 1.7 (Symantec Corporation)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0

"Mozilla Firefox (3.0.16)" = Mozilla Firefox (3.0.16)

"PSP Video 9" = PSP Video 9 4.08

"SystemRequirementsLab" = System Requirements Lab

"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition

"VLC media player" = VideoLAN VLC media player 0.8.5

"WebPost" = Microsoft Web Publishing Wizard 1.53

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows Media Player" = Windows Media Player 10

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 11/30/2009 9:38:56 PM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting

module mpegsplitter.ax, version 1.0.0.5, fault address 0x000249eb.

Error - 11/30/2009 10:42:33 PM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting

module mpegsplitter.ax, version 1.0.0.5, fault address 0x000249eb.

Error - 11/30/2009 10:42:58 PM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application explorer.exe, version 6.0.2900.3156, faulting

module mpegsplitter.ax, version 1.0.0.5, fault address 0x000249eb.

Error - 12/16/2009 10:29:16 PM | Computer Name = COMPACT06 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: An internal certificate chaining error has occurred.

Error - 12/16/2009 10:29:16 PM | Computer Name = COMPACT06 | Source = crypt32 | ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: An internal certificate chaining error has occurred.

Error - 12/16/2009 11:07:23 PM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application firefox.exe, version 1.9.0.3623, faulting module

unknown, version 0.0.0.0, fault address 0x014526eb.

Error - 12/22/2009 12:59:37 AM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application wg111v2.exe, version 2.0.0.0, faulting module

ntdll.dll, version 5.1.2600.2180, fault address 0x00001230.

Error - 12/22/2009 12:59:40 AM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application wg111v2.exe, version 2.0.0.0, faulting module

unknown, version 0.0.0.0, fault address 0x0000009a.

Error - 12/22/2009 12:59:43 AM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application wg111v2.exe, version 2.0.0.0, faulting module

unknown, version 0.0.0.0, fault address 0x0000009a.

Error - 12/28/2009 11:23:15 PM | Computer Name = COMPACT06 | Source = Application Error | ID = 1000

Description = Faulting application wg111v2.exe, version 2.0.0.0, faulting module

, version 0.0.0.0, fault address 0x00000000.

[ System Events ]

Error - 12/28/2009 8:23:13 PM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7011

Description = Timeout (30000 milliseconds) waiting for a transaction response from

the StiSvc service.

Error - 12/28/2009 8:23:13 PM | Computer Name = COMPACT06 | Source = ipnathlp | ID = 32003

Description = The Network Address Translator (NAT) was unable to request an operation

of

the kernel-mode translation module. This may indicate misconfiguration, insufficient

resources, or an internal error. The data is the error code.

Error - 12/28/2009 11:24:59 PM | Computer Name = COMPACT06 | Source = DCOM | ID = 10005

Description = DCOM got error "%1058" attempting to start the service wuauserv with

arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 12/28/2009 11:47:27 PM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7000

Description = The Parallel port driver service failed to start due to the following

error: %%1058

Error - 12/28/2009 11:47:27 PM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7002

Description = The BrPar service depends on the Parallel arbitrator group and no

member of this group started.

Error - 12/28/2009 11:47:27 PM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

ftsata2

Error - 12/28/2009 11:54:06 PM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7016

Description = The BrSplService service has reported an invalid current state 0.

Error - 12/29/2009 12:06:12 AM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7000

Description = The Parallel port driver service failed to start due to the following

error: %%1058

Error - 12/29/2009 12:06:12 AM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7002

Description = The BrPar service depends on the Parallel arbitrator group and no

member of this group started.

Error - 12/29/2009 12:06:12 AM | Computer Name = COMPACT06 | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

ftsata2

< End of report >


My ComboFix log from last night:

ComboFix 09-12-26.05 - Compaq_Owner 12/28/2009 21:34:47.5.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.136 [GMT -6:00]

Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Compaq_Owner\Desktop\Internet Security 2010.lnk

c:\documents and settings\Compaq_Owner\Start Menu\Internet Security 2010.lnk

c:\program files\InternetSecurity2010

c:\program files\InternetSecurity2010\IS2010.exe

c:\windows\system32\11478.exe

c:\windows\system32\15724.exe

c:\windows\system32\18467.exe

c:\windows\system32\19169.exe

c:\windows\system32\26500.exe

c:\windows\system32\41.exe

c:\windows\system32\6334.exe

c:\windows\system32\AVR10.exe

c:\windows\system32\bidatemi.dll

c:\windows\system32\botabedu.dll

c:\windows\system32\jeyitizo.dll

c:\windows\system32\merojoka.dll

c:\windows\system32\mivohilu.dll

c:\windows\system32\winhelper86.dll

c:\windows\system32\winlogon86.exe

c:\windows\system32\winupdate86.exe

c:\windows\Tasks\wdfyqkym.job

.

((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-29 )))))))))))))))))))))))))))))))

.

2009-12-25 19:50 . 2009-12-25 19:50 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\dvdcss

2009-12-09 06:01 . 1999-09-17 16:56 118784 ----a-w- c:\windows\system32\mp3dec.dll

2009-12-09 06:01 . 2009-12-09 06:01 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Apple Computer

2009-12-09 05:43 . 2009-12-09 05:43 -------- d-----w- c:\program files\Common Files\Apple

2009-12-09 05:43 . 2009-12-09 05:43 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Apple

2009-12-09 05:42 . 2009-12-09 05:42 -------- d-----w- c:\program files\Apple Software Update

2009-12-09 05:42 . 2009-12-09 05:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple

2009-12-09 05:42 . 2009-12-09 05:42 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Apple Computer

2009-11-29 17:35 . 2009-11-29 17:35 -------- d-----w- c:\program files\Wondershare

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-29 03:30 . 2009-07-01 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-12-10 03:15 . 2007-05-25 00:04 -------- d-----w- c:\program files\QuickTime

2009-11-29 17:37 . 2006-07-16 20:18 56040 ----a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-11-27 05:23 . 2009-11-27 05:23 -------- d-----w- c:\program files\DIFX

2009-11-23 22:46 . 2009-11-23 22:46 -------- d-----w- c:\program files\SetupInfo

2009-11-23 03:09 . 2009-11-23 03:09 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\GeoVid

2009-11-23 03:07 . 2009-11-23 03:07 -------- d-----w- c:\program files\Common Files\GeoVid

2008-08-15 21:00 . 2008-08-15 21:00 2 --shatr- c:\windows\winstart.bat

2007-04-04 02:16 . 2007-04-04 02:13 88 --sh--r- c:\windows\system32\359FC04E19.sys

2009-09-28 05:46 . 2009-09-28 05:46 54272 --sha-w- c:\windows\system32\damonufu.dll

2009-09-29 01:22 . 2009-09-29 01:22 45568 --sha-w- c:\windows\system32\fokituge.dll

2009-09-29 01:22 . 2009-09-29 01:22 39424 --sha-w- c:\windows\system32\gowabosi.dll

2009-09-28 05:46 . 2009-09-28 05:46 54272 --sha-w- c:\windows\system32\hebebore.dll

2007-04-04 02:17 . 2007-04-04 02:13 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys

2009-09-29 01:22 . 2009-09-29 01:22 23552 --sha-w- c:\windows\system32\lopewuse.exe

2009-09-27 17:44 . 2009-09-27 17:44 51712 --sha-w- c:\windows\system32\tunorelu.dll.tmp

2009-09-28 05:46 . 2009-09-28 05:46 3 --sha-w- c:\windows\system32\wisolike.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ab11523-f952-48c0-8f3b-c30cd556b0c8}]

2009-09-28 05:46 54272 --sha-w- c:\windows\system32\hebebore.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-09-02 16:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-18 68856]

"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-11 136600]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-02-08 344064]

"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]

"COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2008-11-08 1797880]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-20 2043160]

"marusosis"="c:\windows\system32\botabedu.dll" [bU]

"kazenobafa"="jeyitizo.dll" [bU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"brastk"="c:\windows\system32\brastk.exe" [bU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]

"NoActiveDesktopChanges"="00000000" [X]

"NoActiveDesktop"="0 (0x0)" [X]

"NoSaveSettings"="0 (0x0)" [X]

"ClassicShell"="0 (0x0)" [X]

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-19 27136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

NETGEAR WG111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v2\WG111v2.exe [2006-5-17 2297856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoSimpleStartMenu"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-09-27 14:53 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=

"c:\\StubInstaller.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\WINDOWS\\system32\\taskmgr.exe"=

"c:\\Program Files\\Comodo\\COMODO Internet Security\\cmdagent.exe"=

"c:\\Program Files\\Comodo\\COMODO Internet Security\\cfp.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/1/2009 5:44 PM 335240]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/1/2009 5:44 PM 108552]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [11/8/2008 8:58 AM 99856]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11/8/2008 8:58 AM 31504]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/1/2009 5:44 PM 297752]

R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [3/27/2006 5:53 PM 167808]

S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [11/26/2009 11:22 PM 29184]

S3 PSEXESVC;PsExec;c:\windows\PSEXESVC.EXE --> c:\windows\PSEXESVC.EXE [?]

S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [7/30/2009 11:48 AM 36928]

S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [8/15/2008 3:04 PM 25773]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uSearch Page = hxxp://www.google.com

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop

uSearch Bar = hxxp://www.google.com/ie

mDefault_Search_URL = hxxp://www.google.com/ie

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

Trusted Zone: sbcglobal.net

Trusted Zone: yahoo.com

TCP: {7A1396C5-CF68-42F7-BF95-BA6BB978ABA3} = 193.104.110.38,4.2.2.1,192.168.1.254

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\pnp6wvto.default\

FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

.

- - - - ORPHANS REMOVED - - - -

HKCU-Run-Internet Security 2010 - c:\program files\InternetSecurity2010\IS2010.exe

SharedTaskScheduler-{e1f81220-9e67-4d52-af4b-416a69b46766} - c:\windows\system32\botabedu.dll

SSODL-femofipav-{e1f81220-9e67-4d52-af4b-416a69b46766} - c:\windows\system32\botabedu.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-12-28 21:48

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

NoActiveDesktopChanges = 3F 00 00 00

NoActiveDesktop = 63

NoSaveSettings = 63

ClassicShell = 63

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(704)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\NavLogon.dll

- - - - - - - > 'explorer.exe'(3604)

c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\brss01a.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Comodo\COMODO Internet Security\cmdagent.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\wdfmgr.exe

c:\progra~1\AVG\AVG8\avgrsx.exe

c:\windows\system32\Ati2evxx.exe

c:\progra~1\AVG\AVG8\avgnsx.exe

c:\windows\system32\wscntfy.exe

c:\windows\RTHDCPL.EXE

.

**************************************************************************

.

Completion time: 2009-12-28 21:56:07 - machine was rebooted

ComboFix-quarantined-files.txt 2009-12-29 03:56

ComboFix2.txt 2009-12-27 20:54

ComboFix3.txt 2009-12-20 16:34

ComboFix4.txt 2008-11-07 03:49

ComboFix5.txt 2009-12-29 03:33

Pre-Run: 75,357,921,280 bytes free

Post-Run: 75,328,397,312 bytes free

- - End Of File - - 730E76DEDF54D7572BE6FDD3A3D082A6

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
