I need help removing- Win:Kryptic-YK trojan

I think this Trojan is on my laptop. I started using it because my home computer (Dell Dimension E310) has a svchost.exe error on start up. When I would click the x or Ok it locks up. So I started using this laptop(Compaq Presario X1000 using Win XP) and got this Trojan!.
I have avast free antivirus installed on both now. It said that it found and deleted the Trojan on 1/18/11 but I think it's still there. The original file name was MsOcfg32.exe found in C:\DOCUME~1\AL\LOCALS~1\TEMP. I have been trying to fix this myself but not having much luck. I ran OLT and will include those logs. I have run Malwarebytes a few times before and it doesn't find anything. Now I can not download anything from the net or run some files from my desktop! Popup says "Windows cannot access the specifed device, path, or file. You may not have the appropriate permission to access the item." I also ran HijackThis and got rid of a few things with that. Thanks for any help.

OTL logfile created on: 1/22/2011 11:24:53 PM - Run 3
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Al\Desktop\computer fix stuff
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 240.00 Mb Available Physical Memory | 47.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 25.49 Gb Free Space | 68.42% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Al | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/17 22:52:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Al\Desktop\computer fix stuff\OTL.com
PRC - [2011/01/13 02:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 02:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010/11/16 17:46:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/11/05 05:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010/11/05 05:41:48 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/02/02 20:12:24 | 000,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe


========== Modules (SafeList) ==========

MOD - [2011/01/17 22:52:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Al\Desktop\computer fix stuff\OTL.com
MOD - [2011/01/13 02:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/11/05 05:41:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/07/12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/12 01:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2005/02/02 20:12:16 | 000,069,724 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/13 02:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/11/05 05:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)


========== Driver Services (SafeList) ==========

DRV - [2011/01/13 02:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 02:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 02:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 02:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 02:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 02:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/11/05 05:41:44 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009/12/18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/03/09 05:03:24 | 000,121,984 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/08/13 16:23:56 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/08/02 22:09:00 | 000,674,560 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w70n51.sys -- (w70n51) Intel(R)
DRV - [2005/03/04 15:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/02/02 19:59:00 | 000,191,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/08/03 16:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/04/24 19:01:28 | 000,624,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/03/20 17:24:34 | 000,026,240 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wbsd.sys -- (WBSD) Winbond Secure Digital Storage (SD/MMC)
DRV - [2003/03/05 12:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2001/08/17 06:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotsheet.com/
IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "qrobe.it"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.hotsheet.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.260.0
FF - prefs.js..extensions.enabledItems: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}:1.9
FF - prefs.js..extensions.enabledItems: {30A7232F-77C9-4bd3-A812-3036704DB7AC}:3.3.5
FF - prefs.js..extensions.enabledItems: {1519200d-6633-40c9-a9a1-d60d8d1d0479}:1.0.2
FF - prefs.js..extensions.enabledItems: djziggy@gmail.com:1.2.4
FF - prefs.js..extensions.enabledItems: {5b175400-2368-11de-8c30-0800200c9a66}:1.9
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/01/20 17:04:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/22 03:06:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/22 03:06:37 | 000,000,000 | ---D | M]

[2009/02/20 13:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Al\Application Data\Mozilla\Extensions
[2011/01/22 18:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions
[2011/01/22 10:27:58 | 000,000,000 | ---D | M] (FaceTweak) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\{1519200d-6633-40c9-a9a1-d60d8d1d0479}
[2010/12/04 08:01:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/22 10:25:12 | 000,000,000 | ---D | M] ("Facebook PhotoZoom") -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
[2011/01/22 10:25:12 | 000,000,000 | ---D | M] (Facebook Friend Request, Notifications & Messages Alerts + Facebook Like Button) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\{30A7232F-77C9-4bd3-A812-3036704DB7AC}
[2011/01/22 04:05:38 | 000,000,000 | ---D | M] (Oskar) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2011/01/22 03:40:05 | 000,000,000 | ---D | M] (LavaFox V1-Blue) -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\extensions\djziggy@gmail.com
[2011/01/22 04:01:46 | 000,002,152 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\searchplugins\qrobeit.xml
[2011/01/22 03:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/20 17:04:45 | 000,000,000 | ---D | M] (ZoneAlarm Security Engine) -- C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
[2009/02/20 20:16:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

O1 HOSTS File: ([2004/08/12 07:57:47 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Toolbar) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Redemption] File not found
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 155
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 155
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1291612378702 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Al\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Al\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/20 12:36:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a05098e0-1385-11e0-a1c0-000423693c62}\Shell - "" = AutoRun
O33 - MountPoints2\{a05098e0-1385-11e0-a1c0-000423693c62}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a05098e0-1385-11e0-a1c0-000423693c62}\Shell\AutoRun\command - "" = F:\ONSPCLCK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SanDisk Media Manager.lnk - - File not found

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: vsmon - C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03452F4B-B469-4935-E803-8D8B9CDBB245} - IE7 Uninstall Stub
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Unable to start service SrService!

========== Files/Folders - Created Within 30 Days ==========

[2011/01/22 18:38:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Al\Recent
[2011/01/22 16:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\backups
[2011/01/22 10:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Start Menu\Programs\Revo Uninstaller
[2011/01/22 03:06:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox
[2011/01/22 02:49:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/22 02:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/22 02:48:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/20 21:30:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Al\Desktop\VMC Forms-Revised October 2007
[2011/01/20 16:44:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\My Documents\ForceField Shared Files
[2011/01/20 16:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Application Data\CheckPoint
[2011/01/20 16:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Local Settings\Application Data\Conduit
[2011/01/20 16:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011/01/20 16:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Local Settings\Application Data\ZoneAlarm_Security
[2011/01/20 16:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm_Security
[2011/01/20 16:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/01/20 16:43:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/01/20 16:43:05 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2011/01/20 16:42:59 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2011/01/20 16:42:59 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2011/01/20 16:42:47 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2011/01/20 16:42:40 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2011/01/20 16:42:40 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2011/01/20 16:42:39 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2011/01/20 16:42:39 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2011/01/20 16:42:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/01/20 16:42:35 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/01/20 16:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/01/20 16:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/01/20 16:40:18 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2011/01/20 16:40:18 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2011/01/20 16:40:18 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2011/01/20 15:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\cell stuff
[2011/01/20 15:47:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\router
[2011/01/20 12:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\DVD Copyer
[2011/01/19 12:38:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.2
[2011/01/19 12:16:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Application Data\FastStone
[2011/01/19 12:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\FastStone Image Viewer
[2011/01/19 12:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FastStone Image Viewer
[2011/01/19 10:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/01/18 08:36:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/01/17 23:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/01/17 23:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/01/17 23:30:21 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/01/17 23:30:21 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/01/17 23:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/01/17 23:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/01/17 22:29:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/01/16 11:10:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/01/16 11:10:34 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/16 11:10:34 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/16 11:10:32 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/16 11:10:32 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/16 11:10:30 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/16 11:10:30 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/16 11:10:30 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/16 11:10:12 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/16 11:10:11 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/16 11:10:02 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011/01/16 11:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/01/07 09:45:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\computer fix stuff
[2011/01/05 18:58:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/12/31 10:56:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010/12/31 10:56:03 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/12/29 14:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Application Data\Redemption
[2010/12/26 22:39:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Al\Desktop\pics
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/22 22:47:02 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/22 16:51:07 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/22 16:50:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/22 13:39:19 | 000,013,754 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/22 03:06:44 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/22 03:06:44 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/22 02:49:02 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/22 00:10:51 | 000,000,134 | ---- | M] () -- C:\WINDOWS\REDEMUNINS.INI
[2011/01/21 23:50:20 | 004,158,956 | ---- | M] () -- C:\Documents and Settings\Al\Desktop\Commy.exe
[2011/01/21 20:11:17 | 000,421,443 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/01/20 16:43:09 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/01/19 21:07:48 | 000,138,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/19 12:38:24 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2011/01/19 12:16:28 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FastStone Image Viewer.lnk
[2011/01/17 23:39:11 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/01/16 11:10:31 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/15 18:40:08 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Al\Local Settings\Application Data\prvlcl.dat
[2011/01/15 08:07:13 | 104,334,540 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2011/01/13 02:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 02:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 02:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 02:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 02:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 02:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 02:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 02:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 02:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/09 22:21:28 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/01/09 22:03:05 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/05 23:25:09 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/01/05 18:55:56 | 000,110,006 | ---- | M] () -- C:\Documents and Settings\Al\My Documents\cc_20110105_185542.reg
[2010/12/27 00:40:31 | 000,003,655 | ---- | M] () -- C:\Documents and Settings\Al\.recently-used.xbel
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/22 03:06:44 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/01/22 03:06:44 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/22 02:49:02 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/21 23:50:20 | 004,158,956 | ---- | C] () -- C:\Documents and Settings\Al\Desktop\Commy.exe
[2011/01/20 16:43:09 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/01/20 16:42:35 | 000,421,443 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/01/19 12:38:24 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2011/01/19 12:16:28 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FastStone Image Viewer.lnk
[2011/01/18 08:35:46 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/18 08:35:45 | 000,000,874 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/17 23:39:11 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/01/15 09:10:13 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Al\Local Settings\Application Data\prvlcl.dat
[2011/01/09 22:03:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/05 18:55:51 | 000,110,006 | ---- | C] () -- C:\Documents and Settings\Al\My Documents\cc_20110105_185542.reg
[2010/12/29 13:56:14 | 000,000,134 | ---- | C] () -- C:\WINDOWS\REDEMUNINS.INI
[2010/12/27 00:40:31 | 000,003,655 | ---- | C] () -- C:\Documents and Settings\Al\.recently-used.xbel
[2010/12/17 22:44:39 | 000,072,384 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/12/17 20:14:46 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/12/12 02:41:53 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mtbjfghn.xbe
[2009/09/27 15:26:35 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Al\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/03 12:18:04 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/02/20 06:29:15 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2003/04/24 18:59:46 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/02/20 12:35:29 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/01/13 02:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/12/13 18:39:04 | 000,016,952 | ---- | M] (Un4seen Developments) -- C:\Documents and Settings\Al\Application Data\Microsoft\1eaadjc.dll
[2010/12/13 18:39:07 | 000,018,724 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\bass.dll
[2010/12/13 18:39:08 | 000,321,536 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\engine_vx.dll
[2010/12/13 18:39:04 | 000,014,392 | ---- | M] (Un4seen Developments) -- C:\Documents and Settings\Al\Application Data\Microsoft\kfgresk.dll
[2010/12/25 10:47:04 | 000,001,746 | -H-- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\LastFlashConfig.WFC
[2010/12/13 18:39:04 | 000,013,984 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\mjcriu.dll
[2010/12/13 18:39:04 | 000,010,808 | ---- | M] (Un4seen Developments) -- C:\Documents and Settings\Al\Application Data\Microsoft\peaadje.dll
[2010/12/13 18:39:04 | 000,026,200 | ---- | M] ( JOBnik! [Arthur Aminov, ISRAEL]) -- C:\Documents and Settings\Al\Application Data\Microsoft\qwadjb.dll
[2010/12/13 18:39:04 | 000,015,416 | ---- | M] (Un4seen Developments) -- C:\Documents and Settings\Al\Application Data\Microsoft\rsaadjd.dll
[1 C:\Documents and Settings\Al\Application Data\Microsoft\*.tmp files -> C:\Documents and Settings\Al\Application Data\Microsoft\*.tmp -> ]

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/08/05 20:37:51 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/02/20 12:43:55 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/02/20 12:43:54 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Al\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/01/21 23:50:20 | 004,158,956 | ---- | M] () -- C:\Documents and Settings\Al\Desktop\Commy.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/03 13:35:07 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/03 13:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/03 13:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/03 13:35:08 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe
[1 C:\Program Files\Mozilla Firefox\*.tmp files -> C:\Program Files\Mozilla Firefox\*.tmp -> ]

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/02/20 12:43:55 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Al\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009/02/20 06:27:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009/02/20 06:27:01 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009/02/20 06:27:01 | 000,888,832 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/12 07:55:47 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/12 07:56:34 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/08/12 07:57:44 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/12 07:58:39 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/12 07:58:39 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/12 08:02:34 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/12 08:02:34 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/12 08:02:34 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/12 08:02:34 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/12 08:02:35 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/12 08:02:36 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/12 08:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/12 08:02:37 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/12 08:02:37 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/12 08:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\vsdatant.sys
[2008/04/13 12:44:59 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2010/10/26 07:25:00 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 18:11:48 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 18:11:48 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 18:11:48 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 18:11:48 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 18:11:48 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 18:11:48 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 18:11:48 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 18:11:50 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 18:11:50 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 18:11:50 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 18:11:50 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 18:11:50 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 18:11:50 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 18:12:05 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 18:12:08 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

< %SYSTEMDRIVE%\*.* >
[2009/02/20 12:36:13 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/02/20 12:28:20 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2009/02/20 12:36:13 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/02/20 12:36:13 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/01/17 23:33:01 | 000,020,906 | ---- | M] () -- C:\JavaRa.log
[2009/02/20 12:36:13 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/12 08:02:33 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/08/05 20:25:21 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/01/22 16:50:21 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2011/01/22 16:50:48 | 000,000,072 | ---- | M] () -- C:\Pollog.txt
[2011/01/22 16:50:48 | 000,048,750 | ---- | M] () -- C:\PollSt.txt
[2010/12/04 09:14:43 | 000,000,250 | ---- | M] () -- C:\WirelessDiagLog.csv

< %PROGRAMFILES%\*. >
[2011/01/17 23:38:30 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/01/16 11:10:02 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2010/10/04 16:11:41 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/02/20 20:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2011/01/16 10:32:58 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/12/12 13:40:19 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/12/11 12:56:30 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/01/20 16:43:14 | 000,000,000 | ---D | M] -- C:\Program Files\CheckPoint
[2011/01/17 23:37:08 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/02/20 12:32:01 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2011/01/20 16:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2009/12/08 14:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\Essentials Codec Pack
[2011/01/19 12:16:35 | 000,000,000 | ---D | M] -- C:\Program Files\FastStone Image Viewer
[2011/01/20 09:42:38 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/12/08 18:56:43 | 000,000,000 | ---D | M] -- C:\Program Files\Haali
[2010/12/20 23:01:36 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/12/04 10:46:35 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/12/04 10:47:42 | 000,000,000 | ---D | M] -- C:\Program Files\Intel Desktop Board
[2011/01/01 14:37:31 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/12/10 18:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2010/12/12 13:42:07 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/02/20 13:31:58 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2010/12/12 13:43:16 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/17 23:33:00 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/02/20 20:49:09 | 000,000,000 | ---D | M] -- C:\Program Files\JDVoiceMail_2.53
[2011/01/19 12:33:44 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2010/12/14 13:52:25 | 000,000,000 | ---D | M] -- C:\Program Files\Lavalys
[2009/02/20 20:54:43 | 000,000,000 | ---D | M] -- C:\Program Files\Learning Series
[2010/12/17 21:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Macromedia
[2011/01/22 02:49:03 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/05 20:46:39 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/02/20 12:36:30 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/02/20 13:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/12/05 23:37:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/10/01 11:20:10 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/01/22 03:06:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/12/04 04:28:31 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/02/20 13:34:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2009/02/20 12:30:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2009/02/20 12:31:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/12/05 23:34:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/08/05 20:29:37 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011/01/19 12:36:21 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2010/12/15 14:47:58 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/10/04 16:13:08 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/12/04 04:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/12/08 18:56:16 | 000,000,000 | ---D | M] -- C:\Program Files\SourceTec
[2010/12/28 09:32:58 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/05 23:33:07 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010/12/04 10:38:57 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2009/02/20 12:43:42 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/01/22 10:37:36 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2010/12/18 13:46:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2010/12/17 23:37:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2010/12/17 23:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/08/05 20:29:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/02/20 12:33:52 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/12/17 20:12:44 | 000,000,000 | ---D | M] -- C:\Program Files\Xenocode
[2009/02/20 12:36:30 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2011/01/20 16:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\Zone Labs
[2011/01/20 16:43:33 | 000,000,000 | ---D | M] -- C:\Program Files\ZoneAlarm_Security

< %appdata%\*.* >
[2009/02/20 06:28:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Al\Application Data\desktop.ini


< MD5 for: AGP440.SYS >
[2004/08/12 08:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\AGP440.SYS
[2004/08/03 17:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/12 08:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004/08/12 07:55:51 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/12 08:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/12 07:56:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 12:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 12:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/12 07:57:17 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2004/08/12 08:11:50 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/12 08:02:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/12 08:04:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/12 08:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2009/08/05 20:19:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 12:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 12:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-12 15:11:44

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D6E5D55
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

OTL Extras logfile created on: 1/22/2011 11:24:53 PM - Run 3
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Al\Desktop\computer fix stuff
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 240.00 Mb Available Physical Memory | 47.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 25.49 Gb Free Space | 68.42% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Al | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi Software
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4E8814-F682-4197-8F4B-E9FFC6F08977}" = System Requirements Lab for Intel
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{5BBA91EA-B2AB-4766-B1BB-C7810DA6FE42}_is1" = JDVoiceMail 2.53
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BEF106F8-2689-4530-925A-E1117836E8CD}" = Google SketchUp 7
"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.2
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"FastStone Image Viewer" = FastStone Image Viewer 4.3
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel PROSet Wireless
"Revo Uninstaller" = Revo Uninstaller 1.91
"Smart Defrag_is1" = Smart Defrag
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TypingTutor" = TypingTutor
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 2.3d
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/17/2010 2:02:05 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/17/2010 2:02:05 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1484405

Error - 12/17/2010 2:02:05 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1484405

Error - 12/17/2010 7:56:25 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/17/2010 7:56:25 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4027281

Error - 12/17/2010 7:56:25 PM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4027281

Error - 12/18/2010 12:43:39 AM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/18/2010 12:43:39 AM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1874796

Error - 12/18/2010 12:43:39 AM | Computer Name = PRAYUNIT-3121A2 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1874796

Error - 12/18/2010 1:40:55 AM | Computer Name = PRAYUNIT-3121A2 | Source = Windows Search Service | ID = 3024
Description = The update cannot be started because the content sources cannot be
accessed. Fix the errors and try the update again. Context: Windows Application,
SystemIndex Catalog

[ System Events ]
Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:34 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:35 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:35 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 1/18/2011 12:33:35 AM | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126


< End of report >

Hello.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Thanks for your reply. I loaded the program to my desktop. Double clicked it and a error popped up saying. "C:\Documents and Settings\Al\Desktop\mbam-setup-1.50.1.1100.exe is not a valid Win32 application." I can not run the program.

Hello.

• Download combofix from here
  Link 1
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

I changed some internet settings and was finally able to download and run mbam a few min ago. I couldn't download it from this page but I could from the sticky above the malware forum. It didn't find anything. Here is the log.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5686

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/5/2011 4:06:05 PM
mbam-log-2011-02-05 (16-06-05).txt

Scan type: Quick scan
Objects scanned: 147148
Time elapsed: 7 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I am following your instructions above and will post back soon.

Here is the combofix log and a few questions.
1. Why when i post it shows up that I posted a hour earlier then the time is.
2. The log below shows that " AVG Firewall *Disabled*" this and Zone Alarm Firewall (ZA was corrupted) were deleted awhile back.
3. I downloaded the Sunbelt personal firewall to desktop but haven't installed it yet and Avast seems to really slow this computer down at times. I just don't know which program or combination (anti virus/firewall) to use...
Thanks again for all your help!


ComboFix 11-02-05.01 - Al 02/05/2011 16:34:14.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.248 [GMT -6:00]
Running from: c:\documents and settings\Al\Desktop\Combo-Fix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Al\Application Data\Microsoft\~DFK843e6c.tmp
c:\documents and settings\Al\Application Data\Microsoft\1eaadjc.dll
c:\documents and settings\Al\Application Data\Microsoft\bass.dll
c:\documents and settings\Al\Application Data\Microsoft\engine_vx.dll
c:\documents and settings\Al\Application Data\Microsoft\kfgresk.dll
c:\documents and settings\Al\Application Data\Microsoft\mjcriu.dll
c:\documents and settings\Al\Application Data\Microsoft\peaadje.dll
c:\documents and settings\Al\Application Data\Microsoft\qwadjb.dll
c:\documents and settings\Al\Application Data\Microsoft\rsaadjd.dll
c:\windows\system32\drivers\etc\lmhosts
c:\windows\XSxS

.
((((((((((((((((((((((((( Files Created from 2011-01-05 to 2011-02-05 )))))))))))))))))))))))))))))))
.

2011-02-05 21:58 . 2011-02-05 21:58 -------- d-----w- c:\documents and settings\Al\Application Data\Malwarebytes
2011-02-05 21:58 . 2010-12-21 00:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-05 21:58 . 2010-12-21 00:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-02 04:29 . 2011-02-02 04:29 -------- d-----w- c:\program files\iPod
2011-02-02 04:28 . 2011-02-02 04:30 -------- d-----w- c:\program files\iTunes
2011-02-02 04:27 . 2011-02-02 04:27 -------- d-----w- c:\program files\Apple Software Update
2011-02-02 04:27 . 2010-12-15 00:51 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-02 04:27 . 2010-12-15 00:51 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 04:26 . 2011-02-02 04:28 -------- d-----w- c:\program files\Common Files\Apple
2011-02-02 00:05 . 2011-02-02 00:05 -------- d-----w- c:\windows\Internet Logs
2011-02-01 18:08 . 2011-02-05 21:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-30 23:32 . 2011-02-02 03:25 -------- d-----w- c:\documents and settings\Administrator
2011-01-30 11:36 . 2011-01-30 11:36 -------- d-----w- c:\documents and settings\Al\Local Settings\Application Data\Microsoft_Corporation
2011-01-30 02:21 . 2011-01-30 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-30 02:16 . 2011-01-30 02:16 -------- d-----w- c:\program files\Bonjour
2011-01-30 01:55 . 2011-01-30 01:55 -------- d-----w- c:\documents and settings\Al\Application Data\Auslogics
2011-01-28 06:12 . 2011-01-28 06:12 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-01-28 06:12 . 2011-01-28 06:12 -------- d-----w- c:\documents and settings\Al\Application Data\SUPERAntiSpyware.com
2011-01-28 06:11 . 2011-01-28 06:12 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-26 15:26 . 2011-01-26 15:26 -------- d-----w- c:\windows\system32\Adobe
2011-01-20 22:44 . 2011-01-20 22:44 -------- d-----w- c:\documents and settings\Al\Application Data\CheckPoint
2011-01-20 22:43 . 2011-01-26 07:40 -------- d-----w- c:\documents and settings\Al\Local Settings\Application Data\Conduit
2011-01-20 22:43 . 2011-01-20 22:43 -------- d-----w- c:\program files\CheckPoint
2011-01-19 18:16 . 2011-01-19 18:16 -------- d-----w- c:\documents and settings\Al\Application Data\FastStone
2011-01-19 18:16 . 2011-01-19 18:16 -------- d-----w- c:\program files\FastStone Image Viewer
2011-01-19 16:17 . 2011-01-19 16:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2011-01-18 14:36 . 2011-01-18 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2011-01-18 05:37 . 2011-01-18 05:37 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-01-18 05:30 . 2010-11-13 00:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-16 17:10 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-16 17:10 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-16 17:10 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-16 17:10 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-16 17:10 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-16 17:10 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-16 17:10 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-16 17:10 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2011-01-16 17:10 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-16 17:10 . 2011-01-16 17:10 -------- d-----w- c:\program files\Alwil Software
2011-01-16 17:10 . 2011-01-16 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 23:38 . 2010-11-29 23:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38 . 2010-11-29 23:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2009-02-20 18:32 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 22:34 . 2009-02-20 21:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2004-08-12 14:02 249856 ----a-w- c:\windows\system32\odbc32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"ATIModeChange"="Ati2mdxx.exe" [2002-08-28 28672]
"AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 88209]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-03 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-03 692316]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SanDisk Media Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SanDisk Media Manager.lnk
backup=c:\windows\pss\SanDisk Media Manager.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/16/2011 11:10 AM 294608]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 12:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 12:41 PM 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/16/2011 11:10 AM 17744]
R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver;c:\windows\system32\drivers\wbsd.sys [12/20/2010 11:01 PM 26240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/18/2011 8:35 AM 136176]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 11:58 AM 11336]
S3 Dcoliumkm;Dcoliumkm; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/12/2004 8:06 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hotsheet.com/
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Trusted Zone: microsoft.com\windowsupdate
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\documents and settings\Al\Application Data\Mozilla\Firefox\Profiles\39emgr5z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - qrobe.it
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2645238&SearchSource=13
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: LavaFox V1-Blue: djziggy@gmail.com - %profile%\extensions\djziggy@gmail.com
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
FF - Ext: Facebook PhotoZoom: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} - %profile%\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
FF - Ext: Facebook Friend Request, Notifications & Messages Alerts + Facebook Like Button: {30A7232F-77C9-4bd3-A812-3036704DB7AC} - %profile%\extensions\{30A7232F-77C9-4bd3-A812-3036704DB7AC}
FF - Ext: FaceTweak: {1519200d-6633-40c9-a9a1-d60d8d1d0479} - %profile%\extensions\{1519200d-6633-40c9-a9a1-d60d8d1d0479}
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Redemption - \redemption.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-05 16:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-299502267-2111687655-854245398-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(700)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\netprovcredman.dll
.
Completion time: 2011-02-05 16:42:47
ComboFix-quarantined-files.txt 2011-02-05 22:42

Pre-Run: 22,667,268,096 bytes free
Post-Run: 22,713,028,608 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - B70EB266608332E4144386C1A500F46F

Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

• Check (tick) this box: YES, I accept the Terms of Use.
  
• Click on the Start button next to it.
  
• When prompted to run ActiveX. click Yes.
  
• You will be asked to install an ActiveX. Click Install.
  
• Once installed, the scanner will be initialized.
  
• After the scanner is initialized, click Start.
  
• Check (tick) Remove found threats box.
  
• Check (tick) Scan unwanted applications.
  
• Click on Scan.
  
• It will start scanning. Please be patient.
  
• Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.
  

Hi again,
Here is the eset log.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=3284f0f463b0df469c4e2aec0e78892a
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-02-07 05:02:52
# local_time=2011-02-07 11:02:52 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 980064 980064 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=43358
# found=0
# cleaned=0
# scan_time=2309

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

ZoneAlarm Toolbar

How is the machine running now?

Hi again,
My laptop seems to be working better now thank you very much!
I went to the Add/Remove spot but ZoneAlarm Toolbar is not listed there altho the ESET online scanner is. Should I delete this and combo-fix now and any info on my other two questions?
Thanks again, DGF

What two questions?

discgolffreak wrote:

Here is the combofix log and a few questions.
1. Why when i post it shows up that I posted a hour earlier then the time is.
2. The log below shows that " AVG Firewall *Disabled*" this and Zone Alarm Firewall (ZA was corrupted) were deleted awhile back.
3. I downloaded the Sunbelt personal firewall to desktop but haven't installed it yet and Avast seems to really slow this computer down at times. I just don't know which program or combination (anti virus/firewall) to use...
Thanks again for all your help!


I was referring to #1 & 3 from this post above. Thanks, DGF

Hello.

1. Why when i post it shows up that I posted a hour earlier then the time is.

That's the forum time.

2. The log below shows that " AVG Firewall *Disabled*" this and Zone Alarm Firewall (ZA was corrupted) were deleted awhile back.

Just a leftover.

3. I downloaded the Sunbelt personal firewall to desktop but haven't installed it yet and Avast seems to really slow this computer down at times. I just don't know which program or combination (anti virus/firewall) to use...

The slowness is related to hardware more than likely, you have quite a low amount of RAM.

I understand now. Thank you again for all the time and effort you spent helping me fix this laptop.

My old home computer [Dell E-310] was my original reason for getting on this site but I got a bit sidetracked when the laptop started acting weird. I'm guessing that I should start a new post concerning my old Dell E-310 computer, or should I just trash that old thing and upgrade? Any input you might have would be much appreciated.

Thanks again, DGF

Either is up to you, but if it was me, i'd upgrade for without a doubt.

Right, sorry I'm still learning. Thanks again for all your help. DGF