Malware problem?

Hello there. My Malwarebytes Anti-Malware program is broken again and there is something definitely wrong with my pc. It may be the same problem I had before, but I'm not all that computer savvy. Any help on clearing this up would be greatly appreciated.

Please download the current version of HijackThis from HERE

• Double click and run the installer.
  
• It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  
• After installing, you should get the user agreement, press accept and Hijack This will run.
  
• Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.
  

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:24:09 PM, on 12/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winupdate86.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
F2 - REG:system.ini: Shell=Explorer.exe logon.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon86.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1259418501\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [libobazof] Rundll32.exe "c:\windows\system32\hisozopa.dll",a
O4 - HKLM\..\Run: [winupdate86.exe] C:\WINDOWS\system32\winupdate86.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: wojujive.dll c:\windows\system32\hisozopa.dll
O21 - SSODL: rivapesij - {e2129dd3-ce80-4200-a193-2c291c807c59} - c:\windows\system32\hisozopa.dll
O22 - SharedTaskScheduler: gahurihor - {e2129dd3-ce80-4200-a193-2c291c807c59} - c:\windows\system32\hisozopa.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 7489 bytes

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  F2 - REG:system.ini: Shell=Explorer.exe logon.exe
  F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon86.exe
  O4 - HKLM\..\Run: [libobazof] Rundll32.exe "c:\windows\system32\hisozopa.dll",a
  O4 - HKLM\..\Run: [winupdate86.exe] C:\WINDOWS\system32\winupdate86.exe
  O20 - AppInit_DLLs: wojujive.dll c:\windows\system32\hisozopa.dll
  O21 - SSODL: rivapesij - {e2129dd3-ce80-4200-a193-2c291c807c59} - c:\windows\system32\hisozopa.dll
  O22 - SharedTaskScheduler: gahurihor - {e2129dd3-ce80-4200-a193-2c291c807c59} - c:\windows\system32\hisozopa.dll
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

I ran the Hijack This again and did as instructed, then redownloaded the Malware Antibytes, but when it was running, it only appeared for a second before disappearing again. I opened up the Hijack This and redid the first part again, and the same this I'd checked before to fix are still there.

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

ComboFix 09-12-04.05 - Owner 12/05/2009 12:06.1.1 - x86
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-4142028275-1974730795-1873161700-500
c:\windows\kb913800.exe
c:\windows\system32\11478.exe
c:\windows\system32\15724.exe
c:\windows\system32\18467.exe
c:\windows\system32\19169.exe
c:\windows\system32\26500.exe
c:\windows\system32\41.exe
c:\windows\system32\6334.exe
c:\windows\system32\AVR10.exe
c:\windows\system32\biyosoru.dll
c:\windows\system32\critical_warning.html
c:\windows\system32\fayololu.dll
c:\windows\system32\feyavezi.dll
c:\windows\system32\fijiveni.dll
c:\windows\system32\hisozopa.dll
c:\windows\system32\jikotato.dll
c:\windows\system32\jirohowu.dll
c:\windows\system32\lavusita.dll
c:\windows\system32\logon.exe
c:\windows\system32\metitalu.dll
c:\windows\system32\netojeke.dll
c:\windows\system32\pihuzura.dll
c:\windows\system32\pirivazu.dll
c:\windows\system32\winhelper86.dll
c:\windows\system32\winlogon86.exe
c:\windows\system32\winupdate86.exe
c:\windows\system32\wojujive.dll
c:\windows\system32\yetugayu.dll
c:\windows\system32\yinazeku.dll
c:\windows\system32\zujaviwi.dll
c:\windows\Tasks\jdnilpwo.job
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-11-05 to 2009-12-05 )))))))))))))))))))))))))))))))
.

2009-12-04 22:23 . 2009-12-04 22:23 -------- d-----w- c:\program files\Trend Micro
2009-12-04 21:29 . 2009-12-04 21:29 -------- d-----w- c:\windows\Sun
2009-12-04 21:06 . 2009-12-04 21:06 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-12-04 21:05 . 2009-12-03 21:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 21:05 . 2009-12-05 12:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-04 21:05 . 2009-12-04 21:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-04 21:05 . 2009-12-03 21:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-04 03:08 . 2009-12-04 03:08 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Help
2009-12-03 17:05 . 2009-12-03 17:05 -------- d-----w- c:\documents and settings\Owner\Application Data\Jasc
2009-12-03 17:04 . 2009-12-03 17:04 -------- d-----w- c:\program files\Jasc Software Inc
2009-12-03 16:14 . 2009-12-03 16:14 -------- d-----w- c:\program files\Quick Screenshot Maker
2009-12-03 16:14 . 2009-12-03 16:14 -------- d-----w- C:\Screenshots
2009-12-03 12:49 . 2009-12-03 12:49 128 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\fusioncache.dat
2009-12-02 22:03 . 2009-12-02 22:03 -------- d-----w- c:\documents and settings\Owner\Application Data\AnvSoft
2009-12-02 22:03 . 2009-12-02 22:03 -------- d-----w- c:\program files\AnvSoft
2009-12-02 22:00 . 2009-12-02 22:00 -------- d-----w- c:\documents and settings\Owner\Application Data\Any Video Converter
2009-11-30 15:13 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-30 15:13 . 2009-11-30 15:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-30 08:05 . 2009-11-30 08:05 -------- d-----w- c:\windows\ServicePackFiles
2009-11-30 08:03 . 2009-11-30 08:03 -------- d-----w- c:\program files\MSXML 4.0
2009-11-29 08:42 . 2009-11-29 09:10 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-11-29 08:39 . 2008-05-01 14:30 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-11-29 08:39 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-29 08:38 . 2009-03-06 14:44 283648 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-11-29 08:38 . 2009-02-09 10:20 399360 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-11-29 08:38 . 2009-02-06 16:54 35328 -c----w- c:\windows\system32\dllcache\sc.exe
2009-11-29 08:38 . 2005-07-26 04:39 60416 -c----w- c:\windows\system32\dllcache\colbact.dll
2009-11-29 08:38 . 2009-02-09 10:20 616960 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-11-29 08:38 . 2009-02-09 10:20 473088 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-11-29 08:38 . 2009-02-09 10:20 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-11-29 08:38 . 2009-02-06 17:14 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-11-29 08:38 . 2009-02-06 16:39 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-11-29 08:38 . 2009-02-09 10:20 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-11-29 08:35 . 2009-06-05 07:42 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2009-11-29 08:35 . 2009-07-31 04:57 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-29 08:35 . 2008-04-21 10:02 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-29 08:34 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-11-29 08:34 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-11-29 08:33 . 2009-06-21 22:04 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-29 08:32 . 2008-05-08 12:28 202752 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-11-29 08:32 . 2008-12-11 11:57 333184 -c----w- c:\windows\system32\dllcache\srv.sys
2009-11-29 08:32 . 2009-07-10 13:42 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-29 08:32 . 2008-04-11 18:50 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-11-29 08:32 . 2009-08-04 12:49 2142720 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-29 08:32 . 2009-08-04 12:51 2185984 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-11-29 08:32 . 2009-08-04 12:02 2020864 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-29 08:32 . 2009-08-04 12:02 2062976 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-29 08:31 . 2008-10-15 16:57 332800 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-11-29 08:29 . 2009-11-29 08:29 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee.com Personal Firewall
2009-11-29 00:15 . 2009-11-29 00:15 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-29 00:15 . 2009-11-29 11:09 -------- d-----w- c:\program files\DivX
2009-11-28 20:36 . 2009-11-28 20:36 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Graboid_Inc
2009-11-28 20:35 . 2009-11-28 20:36 -------- d-----w- c:\documents and settings\Owner\Application Data\MozillaControl
2009-11-28 20:35 . 2009-11-28 20:40 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Graboid
2009-11-28 20:34 . 2009-11-28 20:34 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2009-11-28 20:29 . 2009-11-28 20:29 -------- d-----w- c:\documents and settings\Owner\Application Data\vlc
2009-11-28 20:22 . 2009-11-28 20:22 -------- d-----w- c:\program files\VideoLAN
2009-11-28 20:22 . 2009-11-28 20:34 -------- d-----w- c:\program files\Graboid
2009-11-28 17:02 . 2009-11-28 17:03 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Adobe
2009-11-28 15:05 . 2009-11-28 12:53 -------- d-----w- c:\windows\system32\config\systemprofile\WINDOWS
2009-11-28 14:52 . 2009-11-28 14:52 -------- d-----w- c:\windows\system32\Lang
2009-11-28 14:51 . 2009-11-28 14:51 -------- d-----w- c:\windows\system32\LogFiles
2009-11-28 14:43 . 2009-11-28 14:43 -------- d-----w- c:\documents and settings\Administrator\Application Data\AOL
2009-11-28 14:32 . 2009-11-28 14:32 -------- d-----w- c:\program files\McAfee
2009-11-28 14:32 . 2009-11-28 14:32 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-11-28 14:32 . 2005-11-12 00:43 80640 ----a-w- c:\windows\system32\drivers\MpFirewall.sys
2009-11-28 14:32 . 2005-11-12 00:38 9216 ----a-w- c:\windows\system32\MpfApi.dll
2009-11-28 14:32 . 2009-12-05 16:56 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee.com Personal Firewall
2009-11-28 14:31 . 2005-08-10 19:22 114464 ----a-w- c:\windows\system32\drivers\naiavf5x.sys
2009-11-28 14:31 . 2009-11-28 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee.com
2009-11-28 14:31 . 2009-11-28 14:32 -------- d-----w- c:\program files\McAfee.com
2009-11-28 14:31 . 2005-12-19 01:01 349760 ----a-w- c:\windows\system32\mcinsctl.dll
2009-11-28 14:31 . 2005-12-19 01:01 288320 ----a-w- c:\windows\system32\mcgdmgr.dll
2009-11-28 14:30 . 2003-03-25 13:00 67072 ----a-w- c:\windows\POWERCFG.EXE
2009-11-28 14:30 . 2006-01-18 11:41 80512 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2009-11-28 14:28 . 2001-11-21 18:15 102400 ----a-w- c:\windows\system32\SimpleRegistry.dll
2009-11-28 14:27 . 2009-11-28 14:27 -------- d-----w- c:\program files\Microsoft Works
2009-11-28 14:26 . 2009-11-28 14:26 -------- d-----w- c:\program files\MSN Encarta Plus
2009-11-28 14:26 . 2009-11-28 14:26 4 ----a-w- c:\windows\Pix11.dat
2009-11-28 14:26 . 2009-11-28 14:26 -------- d-----w- c:\program files\Microsoft Digital Image 2006
2009-11-28 14:24 . 2006-03-09 10:45 364544 ----a-w- c:\windows\RtlUpd.exe
2009-11-28 14:24 . 2006-02-20 10:00 86016 ----a-w- c:\windows\SoundMan.exe
2009-11-28 14:24 . 2006-03-14 08:49 9711104 ----a-w- c:\windows\RTLCPL.exe
2009-11-28 14:24 . 2006-04-06 07:20 4258816 ----a-w- c:\windows\system32\drivers\RtkHDAud.Sys
2009-11-28 14:24 . 2006-04-04 10:44 16120832 ----a-w- c:\windows\RTHDCPL.exe
2009-11-28 14:24 . 2006-03-10 12:32 2158592 ----a-w- c:\windows\MicCal.exe
2009-11-28 14:24 . 2009-11-28 14:30 -------- d-----w- c:\program files\Realtek
2009-11-28 14:24 . 2006-03-14 08:45 2809344 ----a-w- c:\windows\alcwzrd.exe
2009-11-28 14:24 . 2005-05-03 11:43 69632 ----a-w- c:\windows\Alcmtr.exe
2009-11-28 14:24 . 2005-04-16 15:20 487424 ----a-w- c:\windows\RtlExUpd.dll
2009-11-28 14:24 . 2006-01-26 16:57 520192 ----a-w- c:\windows\system32\ati2sgag.exe
2009-11-28 14:23 . 2004-09-04 00:07 20480 ----a-w- c:\windows\system32\Marker32.exe
2009-11-28 14:22 . 2009-11-28 14:23 -------- d-----w- c:\program files\Java
2009-11-28 14:22 . 2009-11-28 14:22 -------- d-----w- c:\program files\Common Files\Java
2009-11-28 14:22 . 2009-11-28 14:22 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150020}
2009-11-28 14:22 . 2006-01-31 19:54 94208 ----a-w- c:\windows\system32\bae.dll
2009-11-28 14:22 . 2004-07-15 22:08 471300 ----a-w- c:\windows\wallpe.exe
2009-11-28 14:22 . 2009-11-28 14:22 -------- d-----w- c:\program files\Digital Media Reader
2009-11-28 14:22 . 2009-11-28 14:22 -------- d-----w- c:\windows\Downloaded Installations
2009-11-28 14:20 . 2009-11-28 12:53 -------- d-----w- c:\documents and settings\Default User\WINDOWS
2009-11-28 14:19 . 2004-03-22 22:17 25840 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2009-11-28 14:19 . 2004-03-22 22:17 24816 ----a-w- c:\windows\system32\mdimon.dll
2009-11-28 14:19 . 2009-11-28 14:19 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-11-28 14:19 . 2009-11-28 14:19 -------- d-----w- c:\windows\SHELLNEW
2009-11-28 14:18 . 2009-11-28 14:18 -------- d-----w- c:\program files\Microsoft.NET
2009-11-28 14:18 . 2009-11-28 14:18 -------- d-----r- C:\MSOCache
2009-11-28 14:18 . 2009-11-28 14:18 -------- d-----w- c:\program files\Google
2009-11-28 14:15 . 2009-11-28 14:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-28 14:15 . 2009-11-28 14:16 -------- d-----w- c:\program files\CyberLink
2009-11-28 14:15 . 2009-11-28 14:23 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-28 14:13 . 2009-11-28 14:13 -------- d-----w- c:\program files\Common Files\New Boundary
2009-11-28 14:13 . 2009-11-28 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Prism Deploy
2009-11-28 14:09 . 2009-11-28 14:09 -------- d-----w- c:\program files\CONEXANT
2009-11-28 14:08 . 2004-08-04 06:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2009-11-28 14:08 . 2004-08-04 08:56 7168 ----a-w- c:\windows\system32\hccoin.dll
2009-11-28 14:08 . 2004-08-04 07:08 26624 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-11-28 14:08 . 2004-08-04 07:08 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-11-28 12:58 . 2009-11-28 14:33 -------- d-----w- c:\windows\creator
2009-11-28 12:57 . 2004-03-17 03:04 13059 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-11-28 12:57 . 2004-03-17 03:00 86016 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-11-28 12:57 . 2005-03-17 00:51 1033600 ----a-w- c:\windows\system32\drivers\HSF_DPV.sys
2009-11-28 12:57 . 2005-03-17 00:50 221440 ----a-w- c:\windows\system32\drivers\HSFHWBS2.sys
2009-11-28 12:57 . 2005-03-17 00:50 705280 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-11-28 12:57 . 2005-02-23 06:02 42858 ----a-w- c:\windows\system32\hsfci014.dll
2009-11-28 12:57 . 2009-11-28 14:28 -------- d-----w- c:\windows\SMINST

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-28 15:25 . 2005-01-10 01:26 33904 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-28 14:43 . 2009-11-28 15:06 -------- d-----w- c:\documents and settings\Owner\Application Data\AOL
2009-11-28 14:30 . 2009-11-28 14:29 -------- d-----w- c:\program files\Microsoft Money 2006
2009-11-28 14:29 . 2009-11-28 14:28 -------- d-----w- c:\program files\America Online 9.0
2009-11-28 14:29 . 2009-11-28 14:28 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-11-28 14:29 . 2009-11-28 14:28 -------- d-----w- c:\program files\Common Files\AOL
2009-11-28 14:29 . 2009-11-28 15:06 -------- d-----w- c:\documents and settings\Owner\Application Data\You've Got Pictures Screensaver
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\documents and settings\Administrator\Application Data\You've Got Pictures Screensaver
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\program files\Common Files\Nullsoft
2009-11-28 14:29 . 2009-11-28 14:28 -------- d-----w- c:\program files\Common Files\aolshare
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\program files\QuickTime
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2009-11-28 14:29 . 2009-11-28 14:29 8552 ----a-w- c:\windows\system32\drivers\asctrm.sys
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\program files\Common Files\Real
2009-11-28 14:29 . 2009-11-28 14:29 -------- d-----w- c:\program files\Real
2009-11-28 14:25 . 2009-11-28 14:25 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-28 12:53 . 2005-01-10 01:13 -------- d-----w- c:\program files\microsoft frontpage
2009-11-28 12:53 . 2005-01-10 01:06 -------- d-----w- c:\program files\Windows Plus
2009-09-25 05:56 . 2008-05-25 08:39 662016 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:56 . 2008-05-25 08:33 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:33 . 2008-05-25 08:36 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-09-03 04:01 . 2009-09-03 04:01 61952 --sha-w- c:\windows\system32\bozoyipo.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"readericon"="c:\program files\Digital Media Reader\readericon45G.exe" [2005-12-10 139264]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-02-26 966656]
"HostManager"="c:\program files\Common Files\AOL\1259418501\EE\AOLHostManager.exe" [2004-11-03 125528]
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-19 79448]
"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-09 151552]
"OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 53248]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-09-23 303104]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpdate.exe" [2005-08-26 212992]
"MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-09-26 110592]
"MSKDetectorExe"="c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-08-13 1121792]
"VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2005-08-10 163840]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-11-12 1005096]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-04-04 16120832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" [X]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - c:\program files\BigFix\bigfix.exe [2009-11-28 2168360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1259418501\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

.
Contents of the 'Scheduled Tasks' folder

2009-11-28 c:\windows\Tasks\ISP signup reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-05-25 19:00]

2009-11-28 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-05-25 19:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=W3503
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\gm5vbau3.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

BHO-{a5a7d690-5dd2-4229-99d4-43cb840e0ae5} - metitalu.dll
HKLM-Run-libobazof - c:\windows\system32\jirohowu.dll
HKLM-Run-puridagoja - lavusita.dll
SharedTaskScheduler-{e994d8d2-435d-4177-a6e5-0bd62dc966b0} - c:\windows\system32\jirohowu.dll
SSODL-pemefedey-{e994d8d2-435d-4177-a6e5-0bd62dc966b0} - c:\windows\system32\jirohowu.dll
AddRemove-PictureItSuiteTrial_v11 - c:\program files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe ADDREMOVE=1 SKU=TRIAL VERSION=11
AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-05 12:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]

.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(540)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2964)
c:\progra~1\McAfee\SPAMKI~1\mskoeplg.dll
c:\progra~1\mcafee.com\vso\McVSSkt.dll
c:\windows\system32\msls31.dll
c:\windows\system32\shdoclc.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\MSCTF.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\progra~1\COMMON~1\AOL\125941~1\EE\AOLHOS~1.EXE
c:\progra~1\COMMON~1\AOL\125941~1\EE\AOLServiceHost.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\progra~1\mcafee.com\vso\mcshield.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\progra~1\mcafee.com\agent\mctskshd.exe
c:\progra~1\McAfee.com\PERSON~1\MpfService.exe
c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\progra~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\progra~1\McAfee\SPAMKI~1\MSKSrvr.exe
c:\windows\eHome\ehmsas.exe
c:\windows\SoftwareDistribution\Download\Install\dotnetfx35_x86.exe
c:\fe4bb4318b42d8885465365da918dd\dotnetfx35setup.exe
c:\c0c385864f5da17c5b\setup.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\MsiExec.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Completion time: 2009-12-05 12:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-05 17:40

Pre-Run: 52,901,031,936 bytes free
Post-Run: 53,172,768,768 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 10B14E703536EFECE62210B34DC9EEE4

Please download the OTMoveIt by OldTimer.

• Save it to your desktop.
  
• Please double-click OTM.exe to run it.
  
• Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :files
  c:\windows\system32\bozoyipo.dll
  
  
  
• Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  
• Click the red Moveit! button.
  
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTMoveIt
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

========== FILES ==========
DllUnregisterServer procedure not found in c:\windows\system32\bozoyipo.dll
c:\windows\system32\bozoyipo.dll moved successfully.

OTM by OldTimer - Version 3.1.2.2 log created on 12052009_130009

Okay, one more thing to remove/update, then were done.

• Open HijackThis.
  
• When Hijack This opens, click "Open the Misc Tools section"
  
• Then select "Open Uninstall Manager"
  
• Click on "Save List..." (generates uninstall_list.txt)
  
• Click Save, copy and paste the results in your next post.
  

Adobe Flash Player 10 Plugin
Adobe Reader 7.0
America Online (Choose which version to remove)
Any Video Converter 3.0.1
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
ATI Display Driver
BigFix
Browser Address Error Redirector
Digital Media Reader
DivX Web Player
DVD Solution
Graboid Video 1.65
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB976098-v2)
J2SE Runtime Environment 5.0 Update 2
Jasc Animation Shop 3
K-Lite Codec Pack 5.4.4 (Basic)
Malwarebytes' Anti-Malware
McAfee Uninstall Wizard
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Money 2006
Microsoft Office Standard Edition 2003
Microsoft Works
Mozilla Firefox (3.5.5)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Power2Go 4.0
PowerDVD
Pure Networks Port Magic
Quick Screenshot Maker 2.1
QuickTime
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Soft Data Fax Modem with SmartCP
Sonic Encoders
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC80CRTRedist - 8.0.50727.4053
VideoLAN VLC media player 0.8.6d
Viewpoint Media Player
Windows Backup Utility
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

J2SE Runtime Environment 5.0 Update 2
Viewpoint Media Player

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

• Download the latest version of Java SE Runtime Environment (JRE) 6 Update 17.
  
• Select the first option where it says "This special release provides a few key fixes.".
  
• Click the "Download" button to the right.
  
• In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  
• Click on the link to download Windows Offline Installation and save to your desktop.
  
• Close any programs you may have running - especially your web browser.
  
• Then from your desktop double-click on jre-6u17-windows-i586-p.exe that you downloaded to install the newest version.
  

Download and install the updated version of VLC Media Player 1.0.3
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?

It seems to be doing much better. No more random pop-ups every minute or so, my background has been restored from the multi-changing system warning one, there's sound working again, my task manager works again and so does the Malware Antibytes.

By the way, I didn't see a jre-6u17-windows-i586-p.exe for that one, so I downloaded jre-6u17-windows-i586.exe. Is that all right?

Also, thank you so much for your help!

Yeah, they changed the filename a bit, I'll alter my speech to reflect that.