Malwarebytes Closes after 2 seconds

Hi, im trying to run malwarebytes but it closes after 2 seconds. also when i tried to find resources on firefox that closed also, i ran avast antivirus, exterminate it anti spyware but neither found anything. Heres the hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 10:36:22 AM, on 11/20/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\M54HEPQ2\SystemLook[1].exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\user\My Documents\utorrent\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe Autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A12822CC-159C-41CF-BA28-11A533950B9E}: NameServer = 192.168.1.1
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

and also noticed that there was a toic about this and it said to do a search for a few .dll files

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 10:25 on 20/11/2009 by user (Administrator - Elevation successful)

========== filefind ==========

Searching for "scecli.dll"
C:\i386\scecli.dll --a--- 180224 bytes [08:32 01/07/2006] [09:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\scecli.dll --a--- 181248 bytes [23:47 13/03/2009] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\system32\scecli.dll --a--- 180224 bytes [16:51 10/08/2004] [09:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A

Searching for "netlogon.dll"
C:\i386\netlogon.dll --a--- 407040 bytes [08:29 01/07/2006] [09:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\netlogon.dll --a--- 407040 bytes [23:47 13/03/2009] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\system32\netlogon.dll --a--- 407040 bytes [16:51 10/08/2004] [09:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A

Searching for "eventlog.dll"
C:\i386\eventlog.dll --a--- 55808 bytes [08:27 01/07/2006] [09:00 04/08/2004] 82B24CB70E5944E6E34662205A2A5B78
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\eventlog.dll --a--- 56320 bytes [23:45 13/03/2009] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\system32\eventlog.dll --a--- 55808 bytes [16:51 10/08/2004] [09:00 04/08/2004] 82B24CB70E5944E6E34662205A2A5B78

Searching for "cngaudit.dll"
No files found.

-=End Of File=-

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:
  O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

I tried running malwarebytes again but again, it closed after 2 seconds after opening the program.

ran combofix also, still cant run malwarebytes and strangely google's search on firefox. Here's the log from combofix:

ComboFix 09-11-20.01 - user 11/20/2009 14:14.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.502.265 [GMT -5:00]
Running from: c:\documents and settings\user\Desktop\svchost.exe
AV: avast! antivirus 4.8.1335 [VPS 090812-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\user\Application Data\.#
c:\documents and settings\user\Application Data\.#\MBX@3370@A14170.###
c:\documents and settings\user\Application Data\.#\MBX@3370@A141A0.###
c:\documents and settings\user\Application Data\.#\MBX@3370@A141D0.###
c:\windows\system32\actejgoj.ini
c:\windows\system32\drivers\pciide.sys

.
((((((((((((((((((((((((( Files Created from 2009-10-20 to 2009-11-20 )))))))))))))))))))))))))))))))
.

2009-11-20 19:14 . 2004-08-04 02:59 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-20 19:14 . 2004-08-04 02:59 95360 ----a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-20 05:07 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-20 05:07 . 2009-11-20 19:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-20 05:07 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-20 04:44 . 2009-11-20 05:27 -------- d-----w- c:\program files\Exterminate It!
2009-11-20 04:27 . 2009-11-20 04:27 -------- d-----w- c:\documents and settings\All Users\Application Data\IndigoRose
2009-11-20 04:27 . 2009-11-20 04:27 -------- d-----w- c:\program files\Setup Factory 8.0 Trial
2009-11-19 15:02 . 2009-11-19 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\EscapeTheMuseum2
2009-11-19 05:05 . 2009-11-19 05:05 -------- d-----w- c:\program files\Cybertek Games
2009-11-19 04:17 . 2009-11-20 19:08 -------- d-----w- c:\documents and settings\user\Application Data\MxBoost
2009-11-19 03:46 . 2009-11-20 05:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
2009-11-15 00:23 . 2009-11-15 00:23 -------- d-----w- c:\program files\Brain Spa
2009-11-13 04:29 . 2009-11-13 17:23 -------- d-----w- c:\documents and settings\user\Application Data\ElementalsTheMagicKey
2009-11-13 03:43 . 2009-11-14 03:01 -------- d-----w- c:\program files\Elementals The Magic Key
2009-11-10 07:42 . 2009-11-10 07:42 -------- d-----w- c:\windows\Cooking Quest
2009-11-09 03:41 . 2009-11-09 03:41 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Namco Networks
2009-11-08 17:59 . 2009-11-08 17:59 -------- d-----w- c:\windows\Arctic Quest 2
2009-11-08 17:59 . 2009-11-08 18:00 -------- d-----w- c:\program files\Arctic Quest 2
2009-11-08 17:59 . 2009-11-08 17:59 -------- d-----w- c:\windows\Arctic Quest
2009-11-08 17:59 . 2009-11-08 22:03 -------- d-----w- c:\program files\Arctic Quest
2009-11-08 17:46 . 2009-11-08 17:46 -------- d-----w- c:\windows\Tinseltown Dreams
2009-11-02 04:50 . 2009-11-02 05:24 -------- d-----w- c:\documents and settings\user\Application Data\SquareLogic
2009-11-02 03:02 . 2009-11-02 03:02 -------- d-----w- c:\documents and settings\user\Application Data\URSE Games
2009-11-02 02:33 . 2009-11-02 02:33 -------- d-----w- c:\windows\Wisegal
2009-11-02 02:27 . 2009-11-02 02:27 -------- d-----w- c:\program files\Avernum 5
2009-11-02 02:27 . 2009-11-02 02:27 -------- d-----w- c:\windows\Avernum 5
2009-11-02 00:32 . 2009-11-02 00:32 -------- d-----w- c:\windows\Everyday Genius - Square Logic
2009-11-02 00:32 . 2009-11-02 00:32 -------- d-----w- c:\program files\Everyday Genius - Square Logic
2009-10-26 02:56 . 2009-10-26 02:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Wrinkle-free Games
2009-10-25 23:19 . 2009-10-25 23:19 -------- d-----w- c:\program files\Picket Fences
2009-10-25 23:19 . 2009-10-25 23:19 -------- d-----w- c:\windows\Picket Fences
2009-10-24 18:32 . 2009-10-24 18:32 -------- d-----w- c:\documents and settings\user\Application Data\Dekovir
2009-10-23 18:16 . 2009-10-23 18:16 -------- d-----w- c:\windows\Hidden Magic
2009-10-23 18:16 . 2009-10-23 18:16 -------- d-----w- c:\program files\Hidden Magic

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-20 19:03 . 2009-03-13 01:48 3476 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-11-20 04:40 . 2007-05-24 22:57 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-20 04:38 . 2008-06-14 07:58 -------- d-----w- c:\program files\SpywareBlaster
2009-11-20 04:15 . 2006-07-11 18:04 -------- d-----w- c:\documents and settings\user\Application Data\uTorrent
2009-11-19 05:11 . 2008-10-28 01:47 -------- d-----w- c:\program files\Games
2009-11-19 04:17 . 2008-06-14 16:08 -------- d-----w- c:\program files\Maxthon2
2009-11-19 04:08 . 2006-10-04 05:38 -------- d-----w- c:\program files\Maxthon
2009-11-19 03:46 . 2006-11-13 06:17 -------- d-----w- c:\program files\PCPitstop
2009-11-18 03:48 . 2008-10-12 00:52 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2009-11-18 02:27 . 2008-10-12 00:54 -------- d-----w- c:\documents and settings\user\Application Data\skypePM
2009-11-17 17:39 . 2008-11-27 16:46 -------- d-----w- c:\documents and settings\user\Application Data\Ubisoft
2009-11-15 03:24 . 2008-11-09 15:31 -------- d-----w- c:\documents and settings\user\Application Data\MysteryStudio
2009-11-14 19:58 . 2008-10-14 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\MumboJumbo
2009-11-14 04:55 . 2009-10-15 10:22 -------- d-----w- c:\program files\Agatha Christie - Death on the Nile
2009-11-14 04:53 . 2009-09-28 17:43 -------- d-----w- c:\program files\Kitchen Brigade
2009-11-14 04:50 . 2009-10-05 04:57 -------- d-----w- c:\program files\World of Zellians
2009-11-14 04:48 . 2009-10-04 02:14 -------- d-----w- c:\program files\Alawar Games
2009-11-14 04:45 . 2009-09-08 17:14 -------- d-----w- c:\program files\Encore
2009-11-14 04:43 . 2009-10-10 15:13 -------- d-----w- c:\program files\Hidden World of Art 2 - Undercover Art Agent
2009-11-14 03:01 . 2009-10-05 02:38 -------- d-----w- c:\program files\iWin
2009-11-14 02:58 . 2009-08-01 14:13 -------- d-----w- c:\program files\Bookworm Adventures Volume 2
2009-11-13 04:29 . 2006-06-25 16:08 40840 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-08 18:00 . 2008-08-19 03:16 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2009-11-08 18:00 . 2008-08-15 03:37 -------- d-----w- c:\documents and settings\user\Application Data\PlayFirst
2009-11-08 04:12 . 2008-12-19 06:08 -------- d-----w- c:\documents and settings\user\Application Data\blg
2009-11-08 04:12 . 2008-12-19 06:08 -------- d-----w- c:\documents and settings\All Users\Application Data\blg
2009-11-05 07:04 . 2008-10-10 07:30 -------- d-----w- c:\documents and settings\user\Application Data\Hoyle
2009-11-02 07:03 . 2009-09-17 05:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom
2009-11-02 07:03 . 2009-09-17 05:15 -------- d-----w- c:\documents and settings\user\Application Data\Merscom
2009-10-29 05:12 . 2008-05-22 17:18 177024 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\2isekvic.default\FlashGot.exe
2009-10-18 17:43 . 2009-10-18 17:43 -------- d-----w- c:\documents and settings\user\Application Data\FloodLightGames
2009-10-18 17:43 . 2009-10-18 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\FloodLightGames
2009-10-17 02:48 . 2008-11-13 07:25 -------- d-----w- c:\documents and settings\user\Application Data\Flood Light Games
2009-10-17 02:48 . 2008-11-13 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Flood Light Games
2009-10-16 07:20 . 2009-09-25 07:20 3695616 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-10-16 07:20 . 2009-06-26 07:19 2353992 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-10-15 10:48 . 2009-10-15 10:47 -------- d-----w- c:\program files\Zombie Bowl O Rama
2009-10-15 03:43 . 2009-10-15 03:43 -------- d-----w- c:\documents and settings\user\Application Data\pixelStorm
2009-10-14 04:44 . 2009-10-13 17:14 -------- d-----w- c:\documents and settings\user\Application Data\Millennium_Saves
2009-10-13 16:07 . 2009-10-13 16:07 -------- d-----w- c:\documents and settings\user\Application Data\Enki Games
2009-10-13 16:07 . 2009-10-13 16:06 -------- d-----w- c:\program files\ Millennium A New Hope
2009-10-12 03:44 . 2008-12-22 10:58 -------- d-----w- c:\documents and settings\user\Application Data\Meridian93
2009-10-12 02:43 . 2009-10-12 02:42 -------- d-----w- c:\documents and settings\user\Application Data\MissTeriTale3
2009-10-11 04:47 . 2009-10-10 15:12 -------- d-----w- c:\program files\Heros Tale - Enhanced Edition
2009-10-11 04:39 . 2009-10-11 04:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Islands
2009-10-10 15:16 . 2009-10-10 15:14 -------- d-----w- c:\program files\Route 66
2009-10-09 14:52 . 2008-08-12 04:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-10-09 04:44 . 2009-10-09 04:44 -------- d-----w- c:\documents and settings\user\Application Data\Alawar
2009-10-06 04:03 . 2009-10-06 04:03 -------- d-----w- c:\program files\Bigfish Games
2009-10-05 05:20 . 2009-07-25 03:52 -------- d-----w- c:\documents and settings\user\Application Data\GameInvest
2009-10-04 07:07 . 2008-10-10 07:41 -------- d-----w- c:\documents and settings\user\Application Data\Hoyle FaceCreator
2009-10-03 15:14 . 2009-10-03 15:14 -------- d-----w- c:\documents and settings\user\Application Data\casanova
2009-10-03 04:19 . 2009-07-16 23:15 -------- d-----w- c:\documents and settings\user\Application Data\ERS G-Studio
2009-10-03 03:26 . 2009-04-17 07:41 -------- d-----w- c:\documents and settings\user\Application Data\Playrix Entertainment
2009-10-03 00:35 . 2009-10-03 00:35 -------- d-----w- c:\documents and settings\user\Application Data\Magic Academy 2
2009-09-30 02:43 . 2009-09-30 02:43 -------- d-----w- c:\program files\Eeezee Products
2009-09-28 18:27 . 2009-09-28 18:27 -------- d-----w- c:\documents and settings\user\Application Data\Freezetag
2009-09-28 18:03 . 2009-09-25 19:08 -------- d-----w- c:\program files\theclumsys
2009-09-28 17:56 . 2009-09-28 17:15 -------- d-----w- c:\program files\Microsoft DirectX SDK (August 2009)
2009-09-26 20:01 . 2008-08-30 07:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo
2009-09-26 03:18 . 2008-11-15 04:50 -------- d-----w- c:\documents and settings\user\Application Data\Gogii Games
2009-09-26 03:18 . 2008-11-15 04:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Gogii Games
2009-09-26 03:07 . 2009-09-26 03:07 -------- d-----w- c:\documents and settings\All Users\Application Data\SOS
2009-09-26 02:23 . 2009-09-26 02:23 -------- d-----w- c:\documents and settings\user\Application Data\FlyWheelGames
2009-09-25 19:11 . 2009-09-25 19:11 -------- d-----w- c:\documents and settings\user\Application Data\Sudden Games LLC
2009-09-25 19:09 . 2009-09-25 19:09 -------- d-----w- c:\program files\Shade Tree Games
2009-09-25 19:05 . 2009-09-25 19:05 -------- d-----w- c:\program files\Sudden Games
2009-09-25 06:17 . 2009-09-25 06:17 -------- d-----w- c:\program files\TextTwist 2
2009-09-25 04:12 . 2008-06-09 02:00 -------- d-----w- c:\documents and settings\All Users\Application Data\JollyBear
2009-09-25 03:46 . 2009-09-24 16:15 -------- d-----w- c:\program files\Peggle Deluxe
2009-09-24 16:16 . 2009-09-24 16:16 -------- d-----w- c:\documents and settings\user\Application Data\TheScruffs
2009-09-22 18:19 . 2009-09-22 18:19 -------- d-----w- c:\documents and settings\user\Application Data\TikisLab
2009-09-22 16:28 . 2009-09-22 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\MythPeople
2009-09-22 16:15 . 2009-09-22 16:15 -------- d-----w- c:\program files\Womens Murder Club Twice in a Blue Moon
2009-09-22 16:08 . 2009-09-22 16:08 -------- d-----w- c:\program files\Once Upon a Time in Chicago
2009-09-18 03:55 . 2009-01-08 19:04 153600 ----a-w- c:\documents and settings\user\Application Data\yoclient\native\lwjgl.dll
2009-09-14 01:56 . 2009-09-14 01:45 12496 ----a-w- c:\windows\MSPuzzle.dat
2009-09-04 21:44 . 2009-09-27 00:47 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 21:44 . 2009-09-27 00:47 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 21:44 . 2009-09-27 00:47 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 21:29 . 2009-09-27 00:47 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 21:29 . 2009-09-27 00:47 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 21:29 . 2009-09-27 00:47 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 21:29 . 2009-09-27 00:47 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 21:29 . 2009-09-27 00:47 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2008-06-09 00:53 . 2008-06-09 00:53 0 ----a-w- c:\program files\temp01
2006-07-07 03:12 . 2006-06-25 16:08 88 --sh--r- c:\windows\system32\C1771F8A0F.sys
2006-08-17 16:37 . 2006-06-25 16:08 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"BrStsWnd"="c:\program files\Brownie\BrstsWnd.exe" [2007-08-01 815104]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EPSON Status Monitor 3 Environment Check 2.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG311v2 Smart Configuration.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v2 Smart Configuration.lnk
backup=c:\windows\pss\NETGEAR WG311v2 Smart Configuration.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^MagicDisc.lnk]
path=c:\documents and settings\user\Start Menu\Programs\Startup\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\700fc162
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\brastk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UMWdf"=2 (0x2)
"srservice"=2 (0x2)
"seclogon"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Fax"=2 (0x2)
"EventSystem"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"iPod Service"=3 (0x3)
"ose"=3 (0x3)
"usnjsvc"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"wscsvc"=2 (0x2)
"avast! Web Scanner"=3 (0x3)
"avast! Mail Scanner"=3 (0x3)
"Lavasoft Ad-Aware Service"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [6/26/2009 2:20 AM 64160]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/26/2006 2:21 AM 685816]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3/30/2008 9:34 AM 114768]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [7/15/2006 7:39 PM 78848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/30/2008 9:34 AM 20560]
R2 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [11/18/2009 10:46 PM 90352]
S3 TimeServ;Time Service;c:\windows\system32\timeserv.exe [3/11/2007 3:06 AM 141584]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 2:06 PM 1028432]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
.
Contents of the 'Scheduled Tasks' folder

2009-11-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 07:20]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = about:blank
IE: Download All by FlashGet - c:\program files\FlashGet\jc_all.htm
IE: Download using FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
TCP: {A12822CC-159C-41CF-BA28-11A533950B9E} = 192.168.1.1
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\2isekvic.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\program files\Mozilla Firefox\plugins\npitunes.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Murder, She Wrote 1.00 - c:\program files\Games\Murder



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-20 14:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x82D681E8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf84f9fc3
\Driver\ACPI -> ACPI.sys @ 0xf828acb8
\Driver\atapi -> 0x82d681e8
IoDeviceObjectType -> ParseProcedure -> ntkrnlpa.exe @ 0x80581684
\Device\Harddisk0\DR0 -> ParseProcedure -> ntkrnlpa.exe @ 0x80581684
NDIS: Intel(R) PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf8138ba0
PacketIndicateHandler -> NDIS.sys @ 0xf8145b21
SendHandler -> NDIS.sys @ 0xf812387b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(876)
c:\windows\system32\wininet.dll

- - - - - - - > 'explorer.exe'(2180)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Raxco\PerfectDisk10\PDAgent.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-11-20 14:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-20 19:36

Pre-Run: 11,775,574,016 bytes free
Post-Run: 11,885,559,808 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4B2D748D5822C57527B0A4A65619C228

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?