WiredWX Hobby Weather Tools

 


Bankerfox.a & win32/nuqel.e NO FIXES WORK

3 posters

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
OTL Extras logfile created on: 12/15/2009 12:26:25 AM - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\Sean\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.17 Mb Total Physical Memory | 260.83 Mb Available Physical Memory | 51.13% Memory free
1.21 Gb Paging File | 0.39 Gb Available in Paging File | 32.55% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 46.56 Gb Total Space | 10.97 Gb Free Space | 23.57% Space Free | Partition Type: NTFS
Drive D: | 8.30 Gb Total Space | 1.31 Gb Free Space | 15.82% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SEAN
Current User Name: Sean
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\1154464176\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1154464176\ee\AOLServiceHost.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\Common Files\AOL\1154464176\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1154464176\ee\AOLServiceHost.exe:*:Enabled:AOL Services -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Disabled:µTorrent -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Steam\steamapps\spcpb21\team fortress classic\hl.exe" = C:\Program Files\Steam\steamapps\spcpb21\team fortress classic\hl.exe:*:Disabled:Half-Life Launcher -- File not found
"C:\Program Files\Steam\steamapps\spcpb21\half-life\hl.exe" = C:\Program Files\Steam\steamapps\spcpb21\half-life\hl.exe:*:Disabled:Half-Life Launcher -- File not found
"C:\Program Files\Steam\steamapps\spcpb21\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\spcpb21\counter-strike\hl.exe:*:Disabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Steam\steamapps\hey_sup_1212@msn.com\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\hey_sup_1212@msn.com\counter-strike\hl.exe:*:Disabled:Half-Life Launcher -- File not found
"C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Disabled:QuickTime Player -- (Apple Inc.)
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:IEXPLORE -- (Microsoft Corporation)
"C:\Program Files\HP\HP Software Update\hpwuSchd2.exe" = C:\Program Files\HP\HP Software Update\hpwuSchd2.exe:*:Enabled:HPWuSchd2 -- (Hewlett-Packard Co.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3580211E-3BB7-42C0-ADC3-9A8C1EFFF2CB}" = ArcSoft Media Card Companion
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 C1
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.0
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{52AE81CB-B786-490E-93CF-240A9891B392}" = HP User Guides 0025
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54266945-8A11-424D-B20F-4F747A714FBA}" = DV TS
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{6505DF6D-C5E3-4BCD-8F87-014F292B5116}" = VZAccess Manager
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{7F2F3F8B-2D57-48A3-99D0-1AC23D594C89}" = LightScribe 1.4.56.1
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{848AC794-8B81-440A-81AE-6474337DB527}" = Symantec AntiVirus
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{93F599DF-519B-4706-A3F1-9530DF2590B4}" = ArcSoft PhotoImpression 5
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = TourSetup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1B3A995-2FA8-46F1-9C3F-B3913CD0C3D4}" = iPodRip
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C15B6175-689A-4D97-A42C-7225353F60A7}" = Linksys Updater
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.20 G1
"{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DE2EBD6F-81B6-4E9A-B137-C11FD6790CFF}" = PSShortcutsP
"{E5BD1F9C-8BBA-410E-837D-94D523269F8F}" = ArcSoft MediaConverter
"{E5D52570-5EF1-4576-A434-6CCD92268F0F}" = Google SketchUp 7
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"074EEF5F-3BE8-4112-B253-C5D6CDE2924C" = Zuma Deluxe from Hewlett-Packard Laptops (remove only)
"0E5266B4-9069-401A-93AE-5FF9F1712016" = Insaniquarium Deluxe from Hewlett-Packard Laptops (remove only)
"103EFD47-9F2C-4490-95DD-AE6C442AFB92" = SCRABBLE from Hewlett-Packard Laptops (remove only)
"1C3FDBBA-EBF7-4CDB-AD8A-A1125734AF86" = Tradewinds from Hewlett-Packard Laptops (remove only)
"382C11F0-1A18-4F76-B8E0-15CA7F209C22" = Chuzzle Deluxe from Hewlett-Packard Laptops (remove only)
"384E0BF4-1E1F-45A6-B60E-42144A3F15CD" = Blackhawk Striker 2 from Hewlett-Packard Laptops (remove only)
"4C061F83-EE92-445A-A03F-184B0BD59242" = Jewel Quest from Hewlett-Packard Laptops (remove only)
"5658FB14-16A4-4DAE-946B-1457BE31572E" = Boggle Supreme from Hewlett-Packard Laptops (remove only)
"5758A0E8-A112-4A1D-82EC-EC72F7F16B88" = Lexibox Deluxe from Hewlett-Packard Laptops (remove only)
"6E377D95-DF37-4E67-B64B-68C314600BCB" = Bejeweled 2 Deluxe from Hewlett-Packard Laptops (remove only)
"6ECB6EE6-92E1-4525-AF3B-3CE51A7C5F89" = FATE from Hewlett-Packard Laptops (remove only)
"7948472C-423F-4134-B68F-48D660A05D71" = Big Kahuna Reef from Hewlett-Packard Laptops (remove only)
"7A940E33-6993-404B-ABA6-ED62E8FBE615" = Bounce Symphony from Hewlett-Packard Laptops (remove only)
"7ED8A70C-9597-40BE-AEA0-0573182F1F51" = Super Granny from Hewlett-Packard Laptops (remove only)
"7F8C5718-1BA9-4AAE-96D2-2B04D05F2D54" = Polar Bowler from Hewlett-Packard Laptops (remove only)
"9F3399B2-9ED6-4339-84A2-686432638B86" = Blasterball 2 from Hewlett-Packard Laptops (remove only)
"Adobe Shockwave Player" = Adobe Shockwave Player
"AOL Explorer" = AOL Explorer
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Toolbar" = AOL Toolbar 2.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AskSBar Uninstall" = Ask Toolbar
"ATI Display Driver" = ATI Display Driver
"B0202B33-E73D-4FCD-AC88-0B2971AFC116" = Slyder from Hewlett-Packard Laptops (remove only)
"B0769D17-E72A-4E87-A83F-1F7A3F080008" = Bookworm Deluxe from Hewlett-Packard Laptops (remove only)
"C264D692-8E15-4141-96A2-5621332E5DD0" = Slingo Deluxe from Hewlett-Packard Laptops (remove only)
"Celtx (0.9.9.5)" = Celtx (0.9.9.5)
"CNXT_AUDIO" = Conexant AC-Link Audio
"CNXT_MODEM_PCI_VEN_1002&DEV_4378" = Soft Data Fax Modem with SmartCP
"D2E44AA4-8665-4490-A6C9-2D0744B47B27" = Polar Golfer from Hewlett-Packard Laptops (remove only)
"E332F38A-75F6-4EF2-88CC-246E8A1CB5D7" = Oasis from Hewlett-Packard Laptops (remove only)
"E76A7EFF-7758-49EE-B3FA-9699830A2D6B" = Mah Jong Quest from Hewlett-Packard Laptops (remove only)
"E94C7046-2F7D-4D4D-B76F-C412DCCEAAC2" = Crystal Maze from Hewlett-Packard Laptops (remove only)
"EF860173-4FB7-4DE1-8BE8-5400F05A0DC5" = Puzzle Express from Hewlett-Packard Laptops (remove only)
"F2566CC2-D4C4-44ED-A838-3F8288D8D3FE" = Flip Words from Hewlett-Packard Laptops (remove only)
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"hp photosmart 7700 series_Driver" = hp photosmart 7700 series
"HP Rhapsody" = HP Rhapsody
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A}" = iPod for Windows 2005-10-12
"JDSecure" = JD Secure 3.1
"Lexmark 1200 Series" = Lexmark 1200 Series
"LiveUpdate" = LiveUpdate 2.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OINAnalytics" = OIN Analytics
"Spyware Doctor" = Spyware Doctor 7.0
"Steam" = Steam
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/14/2009 8:50:06 PM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module curslib.dll, version 6.0.88.4, fault address 0x00003f91.

Error - 12/14/2009 8:50:32 PM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module curslib.dll, version 6.0.88.4, fault address 0x00003f91.

Error - 12/14/2009 11:59:44 PM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module curslib.dll, version 6.0.88.4, fault address 0x00003f91.

Error - 12/14/2009 11:59:51 PM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module , version 6.0.88.4, fault address 0x00003f91.

Error - 12/15/2009 1:07:46 AM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application helpctr.exe, version 5.1.2600.2180, faulting
module , version 0.0.0.0, fault address 0x00000000.

Error - 12/15/2009 1:24:00 AM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module curslib.dll, version 6.0.88.4, fault address 0x00003f91.

Error - 12/15/2009 1:24:01 AM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module curslib.dll, version 6.0.88.4, fault address 0x00003f91.

Error - 12/15/2009 1:32:06 AM | Computer Name = SEAN | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 9.0.0.2717, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/15/2009 1:32:06 AM | Computer Name = SEAN | Source = Application Hang | ID = 1002
Description = Hanging application WINWORD.EXE, version 9.0.0.2717, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 12/15/2009 2:25:27 AM | Computer Name = SEAN | Source = Application Error | ID = 1000
Description = Faulting application media card companion.exe, version 1.0.0.48, faulting
module media card companion.exe, version 1.0.0.48, fault address 0x0001a07b.

[ System Events ]
Error - 12/14/2009 5:17:30 AM | Computer Name = SEAN | Source = ipnathlp | ID = 32003
Description = The Network Address Translator (NAT) was unable to request an operation
of
the kernel-mode translation module. This may indicate misconfiguration, insufficient
resources, or an internal error. The data is the error code.

Error - 12/14/2009 2:56:53 PM | Computer Name = SEAN | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000000D'
while processing the file 'BOOT.INI' on the volume 'HarddiskVolume3'. It has stopped
monitoring the volume.

Error - 12/14/2009 4:24:48 PM | Computer Name = SEAN | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.109 for the Network Card with network
address 0014A5A3E378 has been denied by the DHCP server 192.168.240.5 (The DHCP
Server sent a DHCPNACK message).

Error - 12/14/2009 4:37:11 PM | Computer Name = SEAN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the PC Tools Security Service
service to connect.

Error - 12/14/2009 4:37:11 PM | Computer Name = SEAN | Source = Service Control Manager | ID = 7000
Description = The PC Tools Security Service service failed to start due to the following
error: %%1053

Error - 12/14/2009 4:37:11 PM | Computer Name = SEAN | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine
service to connect.

Error - 12/14/2009 4:37:11 PM | Computer Name = SEAN | Source = Service Control Manager | ID = 7000
Description = The Webroot Spy Sweeper Engine service failed to start due to the
following error: %%1053

Error - 12/14/2009 4:44:11 PM | Computer Name = SEAN | Source = Service Control Manager | ID = 7034
Description = The PC Tools Security Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 12/14/2009 5:25:47 PM | Computer Name = SEAN | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000000D'
while processing the file 'BOOT.INI' on the volume 'HarddiskVolume3'. It has stopped
monitoring the volume.

Error - 12/14/2009 7:54:34 PM | Computer Name = SEAN | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.216.186
on the Network Card with network address 0014A5A3E378.


< End of report >

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) 6 Update 11
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 3
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [joyozukas] C:\WINDOWS\System32\lusanuwo.DLL ()
    O4 - HKLM..\Run: [narenh] C:\WINDOWS\System32\msgygnsb.DLL (USA)
    O20 - AppInit_DLLs: (c:\windows\system32\lusanuwo.dll) - C:\WINDOWS\system32\lusanuwo.dll ()
    O21 - SSODL: bofoyubib - {10e48a4a-c2a2-46d8-a95d-0260e09b08c8} - C:\WINDOWS\system32\lusanuwo.dll ()
    O22 - SharedTaskScheduler: {10e48a4a-c2a2-46d8-a95d-0260e09b08c8} - jugezatag - C:\WINDOWS\system32\lusanuwo.dll ()
    O28 - HKLM ShellExecuteHooks: {B1A64443-6FCA-41CE-8D51-5F8991257555} - Reg Error: Key error. File not found
    O28 - HKLM ShellExecuteHooks: {B3102264-D09D-4322-B625-503FBF18DD7E} - Reg Error: Key error. File not found
    O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\yayyYOhH) - File not found

    :files
    C:\dcgwhpoh.exe
    C:\WINDOWS\System32\msgygnsb.dll
    C:\WINDOWS\tasks\zngxmhgj.job
    C:\WINDOWS\System32\rorabetu.dll
    C:\WINDOWS\System32\bunahotu.dll
    C:\WINDOWS\System32\hogayigi.dll
    C:\WINDOWS\System32\lusanuwo.dll
    C:\WINDOWS\System32\vinomisu.dll
    C:\WINDOWS\System32\moriyava.dll
    C:\WINDOWS\System32\nesilifo.dll
    C:\WINDOWS\System32\kahitepi.exe
    C:\WINDOWS\System32\felozomi.exe
    C:\WINDOWS\System32\rozomihi.dll
    C:\WINDOWS\System32\hulifofa.dll
    C:\WINDOWS\System32\uses32.dat
    C:\WINDOWS\System32\nelezuga.dll
    C:\WINDOWS\System32\rutasaka.dll
    C:\WINDOWS\System32\womojozo.dll
    C:\WINDOWS\System32\wukohiwe.dll
    C:\WINDOWS\System32\bivegedu.dll
    C:\WINDOWS\System32\ytgrsoic.ini
    C:\WINDOWS\System32\idijhbun.ini
    C:\WINDOWS\System32\afwvwuoo.ini
    C:\WINDOWS\System32\coqdesqi.ini
    C:\WINDOWS\System32\fvcuugnh.ini
    C:\WINDOWS\System32\dtdhejqk.ini
    C:\WINDOWS\System32\HhOYyyay.ini2
    C:\WINDOWS\System32\HhOYyyay.ini
    C:\WINDOWS\System32\QXxFffii.ini2
    C:\WINDOWS\System32\QXxFffii.ini

    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=-
    "AppInit_DLLs"=""
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
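
An added example, not part of the original post and not OTL's own code: a Python audit of the two registry load points that the :reg section above resets (AppInit_DLLs and the LSA "Authentication Packages" value). It decodes the hex(7) data to show that 6d,73,76,31,5f,30,00,00 is the single string msv1_0. The function names, the baseline table and the INFECTED sample (built from the O20 and O30 lines of the script) are assumptions made for illustration.

```python
import re

# Expected contents of the two load points, taken from the :reg section of the
# fix: AppInit_DLLs empty, LSA "Authentication Packages" holding only msv1_0.
BASELINE = {
    (r"\windows nt\currentversion\windows", "appinit_dlls"): set(),
    (r"\control\lsa", "authentication packages"): {"msv1_0"},
}


def decode_hex7(spec):
    """Decode the byte list of a hex(7) (REG_MULTI_SZ) value into strings."""
    raw = bytes(int(tok, 16) for tok in re.findall(r"[0-9a-fA-F]{2}", spec))
    # "Version 5.00" exports store UTF-16LE; REGEDIT4-style text (as in the fix
    # above) stores one byte per character. Detect wide data by its zero high
    # bytes; single-byte data is read as latin-1 (an approximation of ANSI).
    wide = len(raw) >= 4 and len(raw) % 2 == 0 and all(b == 0 for b in raw[1::2])
    text = raw.decode("utf-16-le" if wide else "latin-1")
    return [s for s in text.split("\x00") if s]


def load_points(reg_text):
    """Apply .reg-style lines in order and return {(key, name): [entries]}."""
    state, key = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        m = re.match(r'"((?:[^"\\]|\\.)*)"\s*=\s*(.*)$', line)
        if not (key and m):
            continue
        name, data = m.group(1).lower(), m.group(2)
        if data == "-":  # "Name"=- deletes the value
            state.pop((key, name), None)
        elif data.lower().startswith("hex(7):"):
            state[(key, name)] = decode_hex7(data[7:])
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            text = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \" escapes
            # Split as AppInit_DLLs is read: DLLs separated by spaces or commas.
            # Only the tracked values below are interpreted this way.
            state[(key, name)] = [p for p in re.split(r"[ ,]+", text) if p]
    return state


def audit(reg_text):
    """Return (key, value name, unexpected entries) for each tracked load point."""
    findings = []
    for (key, name), entries in load_points(reg_text).items():
        for (suffix, tracked), allowed in BASELINE.items():
            if key.endswith(suffix) and name == tracked:
                extra = [e for e in entries if e.lower() not in allowed]
                if extra:
                    findings.append((key, name, extra))
    return findings


# Cleaned state: the :reg section of the fix, copied from the post.
CLEAN = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-
"AppInit_DLLs"=""
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
'''

# Constructed "before" state, built from the O20 and O30 lines of the script.
_LSA = ("\x00".join(["msv1_0", r"C:\WINDOWS\system32\yayyYOhH"]) + "\x00\x00").encode("latin-1")
INFECTED = (
    "[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows]\n"
    '"AppInit_DLLs"="c:\\\\windows\\\\system32\\\\lusanuwo.dll"\n'
    "[HKEY_LOCAL_MACHINE\\system\\currentcontrolset\\control\\lsa]\n"
    '"Authentication Packages"=hex(7):' + ",".join(f"{b:02x}" for b in _LSA) + "\n"
)

if __name__ == "__main__":
    print("clean   :", audit(CLEAN))
    for key, name, extra in audit(INFECTED):
        print("infected:", key, "|", name, "->", extra)
```
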

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}\ deleted successfully.
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\joyozukas deleted successfully.
C:\WINDOWS\system32\lusanuwo.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\narenh deleted successfully.
C:\WINDOWS\system32\msgygnsb.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\lusanuwo.dll deleted successfully.
File C:\WINDOWS\system32\lusanuwo.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\bofoyubib deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10e48a4a-c2a2-46d8-a95d-0260e09b08c8}\ deleted successfully.
File C:\WINDOWS\system32\lusanuwo.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{10e48a4a-c2a2-46d8-a95d-0260e09b08c8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10e48a4a-c2a2-46d8-a95d-0260e09b08c8}\ deleted successfully.
File C:\WINDOWS\system32\lusanuwo.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B1A64443-6FCA-41CE-8D51-5F8991257555} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1A64443-6FCA-41CE-8D51-5F8991257555}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B3102264-D09D-4322-B625-503FBF18DD7E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3102264-D09D-4322-B625-503FBF18DD7E}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\yayyYOhH deleted successfully.
========== FILES ==========
C:\dcgwhpoh.exe moved successfully.
File\Folder C:\WINDOWS\System32\msgygnsb.dll not found.
C:\WINDOWS\tasks\zngxmhgj.job moved successfully.
C:\WINDOWS\System32\rorabetu.dll moved successfully.
C:\WINDOWS\System32\bunahotu.dll moved successfully.
C:\WINDOWS\System32\hogayigi.dll moved successfully.
File\Folder C:\WINDOWS\System32\lusanuwo.dll not found.
C:\WINDOWS\System32\vinomisu.dll moved successfully.
C:\WINDOWS\System32\moriyava.dll moved successfully.
C:\WINDOWS\System32\nesilifo.dll moved successfully.
C:\WINDOWS\System32\kahitepi.exe moved successfully.
C:\WINDOWS\System32\felozomi.exe moved successfully.
C:\WINDOWS\System32\rozomihi.dll moved successfully.
C:\WINDOWS\System32\hulifofa.dll moved successfully.
C:\WINDOWS\System32\uses32.dat moved successfully.
C:\WINDOWS\System32\nelezuga.dll moved successfully.
C:\WINDOWS\System32\rutasaka.dll moved successfully.
C:\WINDOWS\System32\womojozo.dll moved successfully.
C:\WINDOWS\System32\wukohiwe.dll moved successfully.
C:\WINDOWS\System32\bivegedu.dll moved successfully.
C:\WINDOWS\System32\ytgrsoic.ini moved successfully.
C:\WINDOWS\System32\idijhbun.ini moved successfully.
C:\WINDOWS\System32\afwvwuoo.ini moved successfully.
C:\WINDOWS\System32\coqdesqi.ini moved successfully.
C:\WINDOWS\System32\fvcuugnh.ini moved successfully.
C:\WINDOWS\System32\dtdhejqk.ini moved successfully.
C:\WINDOWS\System32\HhOYyyay.ini2 moved successfully.
C:\WINDOWS\System32\HhOYyyay.ini moved successfully.
C:\WINDOWS\System32\QXxFffii.ini2 moved successfully.
C:\WINDOWS\System32\QXxFffii.ini moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\\"Authentication Packages"|hex(7):6d,73,76,31,5f,30,00,00 /E : value set successfully!
========== COMMANDS ==========
C:\WINDOWS\АppPatch folder moved successfully.
C:\WINDOWS\Μіcrosoft.NET folder moved successfully.
C:\WINDOWS\ѕуstem folder moved successfully.
C:\WINDOWS\sуstem32 folder moved successfully.
C:\WINDOWS\System32\Fοnts folder moved successfully.
C:\WINDOWS\System32\Tаsks folder moved successfully.
C:\Program Files\Аdobe folder moved successfully.
C:\Program Files\Fοnts folder moved successfully.
C:\Program Files\Mіcrosoft folder moved successfully.
C:\Program Files\ѕуstem32 folder moved successfully.
C:\Program Files\Таsks folder moved successfully.
C:\Program Files\Common Files\Αdobe folder moved successfully.
C:\Program Files\Common Files\Аdobe\Аdobe folder moved successfully.
C:\Program Files\Common Files\Аdobe folder moved successfully.
C:\Program Files\Common Files\ΑppPatch folder moved successfully.
C:\Program Files\Common Files\Ѕymantec folder moved successfully.
C:\Program Files\Common Files\Ѕуmantec folder moved successfully.
C:\Program Files\Common Files\Τasks folder moved successfully.
C:\Documents and Settings\Sean\My Documents\Mіcrosoft folder moved successfully.
C:\Documents and Settings\Sean\My Documents\ѕecurity folder moved successfully.
C:\Documents and Settings\Sean\My Documents\ѕеcurity folder moved successfully.
C:\Documents and Settings\Sean\My Documents\ѕystem32 folder moved successfully.
C:\Documents and Settings\Sean\Application Data\ΑрpPatch folder moved successfully.
C:\Documents and Settings\Sean\Application Data\Ѕymantec folder moved successfully.
C:\Documents and Settings\Sean\Application Data\ѕymbols folder moved successfully.
C:\Documents and Settings\Sean\Application Data\ѕуmbols folder moved successfully.
C:\Documents and Settings\Sean\Application Data\sуstem folder moved successfully.
C:\Documents and Settings\Sean\Application Data\ѕystem32 folder moved successfully.
C:\Documents and Settings\Sean\Application Data\Таsks folder moved successfully.

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 24274788 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2401922 bytes

User: Sean
->Temp folder emptied: -1172948372 bytes
->Temporary Internet Files folder emptied: 29484120 bytes
->Java cache emptied: 9157049 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 137745 bytes
Windows Temp folder emptied: 91540322 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23948172 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 108295 bytes
RecycleBin emptied: 24862525 bytes

Total Files Cleaned = -922.20 mb


OTL by OldTimer - Version 3.1.17.0 log created on 12172009_170627

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
Can you run MBAM now?

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
I tried to uninstall and reinstall MBAM. When I tried to run it I got this:

The application failed to initialize properly (0x0000033). Click on OK to terminate the application.

I also still cannot get the internet to run. The computer is getting signal from the router, but I get:

Internet Explorer cannot display the webpage.

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
Hello.

Remove the Proxy setting in Internet Explorer and/or in Firefox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab -> LAN Settings -> uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection > Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.

Can you get online now?

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
The internet now works, THANKS! Are there any further steps at this point I should have him take?

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
Hello.

Please uninstall MBAM, then download and run this little program:
http://www.malwarebytes.org/mbam-clean.exe

Then re-install MBAM and see if you can get it working now.

banker fox.A and win32/nuqel.E
PLEASE HELP!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:08, on 1/18/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [dyktonmm] C:\Users\jjindesert\AppData\Local\nrfmvs\koljsysguard.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\The Print Shop 23\Remind.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c98971e83cac90) (gupdate1c98971e83cac90) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8941 bytes

Re: Bankerfox.a & win32/nuqel.e NO FIXES WORK
Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKCU\..\Run: [dyktonmm] C:\Users\jjindesert\AppData\Local\nrfmvs\koljsysguard.exe



  • Press "Fix Checked"
  • Close HijackThis.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.
