Solved Looks like an MBR Rootkit

[Resolved] Looks like an MBR Rootkit

Initial Symptom: User received a warning about a Trojan and then the machine got painfully slow.

Just finished running all the scans and two suggested rootkit activity.
Here are the logs:


Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.17.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Compaq_Owner :: AJVJ-27E1513D96 [administrator]

17/01/2012 12:42:03 PM
mbam-log-2012-01-17 (12-42-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 173411
Time elapsed: 19 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-17 15:24:29
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12 ST3160021A rev.8.11
Running: 3j5bdmcq.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\kftcqfog.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys ZwCreateKey [0xF760C87E]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xEFC0AF3C]
SSDT Lbd.sys ZwSetValueKey [0xF760CBFE]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xEFC0AFE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xEFC0B080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xEFC0B11C]

---- Kernel code sections - GMER 1.0.15 ----

? Lbd.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \Driver\usbccgp \Device\000000e0 F78F4450
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \Driver\00001673 \GLOBAL??\fcd2d17f avgtdix.sys
---- Processes - GMER 1.0.15 ----

Library C:\Documents (*** hidden *** ) @ C:\Documents [184] 0x00400000
Library C:\Documents (*** hidden *** ) @ C:\Documents [184] 0x10000000
Library C:\Documents (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [1708] 0x02A60000
Library C:\Documents (*** hidden *** ) @ c:\windows\system\hpsysdrv.exe [2672] 0x10000000
Library C:\Documents (*** hidden *** ) @ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [3520] 0x10000000
Library C:\Documents (*** hidden *** ) @ C:\WINDOWS\system32\ctfmon.exe [3936] 0x10000000
Library C:\Documents (*** hidden *** ) @ C:\HP\KBD\KBD.EXE [4004] 0x10000000
Library C:\Documents (*** hidden *** ) @ C:\WINDOWS\ALCXMNTR.EXE [4048] 0x10000000

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB11693$\1965738080 0 bytes
File C:\WINDOWS\$NtUninstallKB11693$\4241674623 0 bytes
File C:\WINDOWS\$NtUninstallKB11693$\4241674623\Desktop.ini 4608 bytes
File C:\WINDOWS\$NtUninstallKB11693$\4241674623\L 0 bytes
File C:\WINDOWS\$NtUninstallKB11693$\4241674623\U 0 bytes

---- EOF - GMER 1.0.15 ----


aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-17 15:24:45
-----------------------------
15:24:45.078 OS Version: Windows 5.1.2600 Service Pack 3
15:24:45.078 Number of processors: 1 586 0x2F02
15:24:45.078 ComputerName: AJVJ-27E1513D96 UserName: Compaq_Owner
15:24:48.500 Initialize success
15:25:16.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12
15:25:16.187 Disk 0 Vendor: ST3160021A 8.11 Size: 152627MB BusType: 3
15:25:16.234 Disk 0 MBR read successfully
15:25:16.234 Disk 0 MBR scan
15:25:16.234 Disk 0 unknown MBR code
15:25:16.250 Disk 0 Partition 1 00 0C FAT32 LBA RECOVERY 7138 MB offset 63
15:25:16.265 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 145487 MB offset 14619150
15:25:16.296 Disk 0 scanning sectors +312576705
15:25:16.484 Disk 0 scanning C:\WINDOWS\system32\drivers
15:25:49.390 Service scanning
15:25:50.531 Modules scanning
15:26:27.187 Module: C:\WINDOWS\system32\DRIVERS\avgtdix.sys **SUSPICIOUS**
15:26:53.875 Disk 0 trace - called modules:
15:26:53.953 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
15:26:54.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84d519c0]
15:26:54.500 3 CLASSPNP.SYS[f75fcfd7] -> nt!IofCallDriver -> \Device\00000067[0x84d8f550]
15:26:54.500 5 ACPI.sys[f7473620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-12[0x84d8f708]
15:26:54.500 Scan finished successfully
15:34:52.531 Disk 0 MBR has been saved successfully to "J:\MBR.dat "
15:34:52.546 The log file has been saved successfully to "J:\aswMBR.txt "

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Compaq_Owner at 15:35:10 on 2012-01-17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.81 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\EnGenius\Common\RegistryWriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\EnGenius\Common\RaUI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q106&bd=presario&pf=desktop
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
mURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.0.1225.9868\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
uRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
mRun: [<NO NAME>]
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll "
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe "
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe "
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\engeni~1.lnk - c:\program files\engenius\common\RaUI.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {5E638779-1818-4754-A595-EF1C63B87A56}
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: mswsock.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - hxxp://www.photodex.com/pxplay.cab
TCP: Interfaces\{096B6432-EE26-4E41-B737-47FBCA4973FB} : DhcpNameServer = 192.168.0.1
Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - c:\program files\turbotax 2010\ic2010pp.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\engenius\common\RegistryWriter.exe [2010-5-3 75040]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
S3 ATIXPGAA;ATIXPGAA;\??\c:\pcdr5\atixpgaa.sys --> c:\pcdr5\ATIXPGAA.SYS [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 RAPIProtocol;Ralink RAPI Protocol Driver;c:\windows\system32\drivers\RAPIProtocol.sys [2010-5-3 16512]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2010-5-3 719616]
.
=============== Created Last 30 ================
.
2012-01-17 18:40:44 -------- d-----w- c:\documents and settings\compaq_owner\application data\Malwarebytes
2012-01-17 18:40:23 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-01-17 18:40:22 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-17 18:40:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-17 16:53:16 -------- d-----w- c:\documents and settings\compaq_owner\local settings\application data\adaware
2012-01-16 22:03:20 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-01-16 22:03:20 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-01-16 22:00:53 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-16 22:00:53 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2011-12-26 03:22:14 -------- d-----w- c:\documents and settings\compaq_owner\application data\ZoomBrowser EX
2011-12-26 02:14:45 -------- d-----w- c:\documents and settings\compaq_owner\local settings\application data\CANON_INC
2011-12-25 23:02:04 -------- d-----w- c:\documents and settings\all users\application data\ZoomBrowser
2011-12-19 02:55:19 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
.
==================== Find3M ====================
.
2011-12-18 19:31:45 713472 ----a-w- c:\program files\RealPlayer.exe
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:39:42 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37:08 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:02 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 15:36:45.23 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 29/12/2006 7:46:44 PM
System Uptime: 17/01/2012 10:27:11 AM (5 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Sempron(tm) Processor 3500+ | Socket 939 | 1790/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 99.586 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 1.186 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1348: 20/10/2011 1:03:58 PM - System Checkpoint
RP1349: 21/10/2011 1:33:00 PM - System Checkpoint
RP1350: 22/10/2011 2:33:05 PM - System Checkpoint
RP1351: 23/10/2011 3:02:04 PM - System Checkpoint
RP1352: 24/10/2011 3:12:33 PM - System Checkpoint
RP1353: 25/10/2011 4:01:40 PM - System Checkpoint
RP1354: 26/10/2011 4:24:48 PM - System Checkpoint
RP1355: 27/10/2011 4:25:48 PM - System Checkpoint
RP1356: 28/10/2011 5:12:49 PM - System Checkpoint
RP1357: 29/10/2011 6:23:24 PM - System Checkpoint
RP1358: 30/10/2011 7:10:01 PM - System Checkpoint
RP1359: 31/10/2011 7:12:53 PM - System Checkpoint
RP1360: 01/11/2011 7:14:00 PM - System Checkpoint
RP1361: 02/11/2011 8:00:50 PM - System Checkpoint
RP1362: 03/11/2011 8:38:11 PM - System Checkpoint
RP1363: 04/11/2011 10:26:47 PM - System Checkpoint
RP1364: 05/11/2011 10:27:06 PM - System Checkpoint
RP1365: 06/11/2011 10:30:48 PM - System Checkpoint
RP1366: 07/11/2011 10:48:01 PM - System Checkpoint
RP1367: 08/11/2011 11:12:39 PM - System Checkpoint
RP1368: 09/11/2011 3:00:46 AM - Software Distribution Service 3.0
RP1369: 10/11/2011 3:12:36 AM - System Checkpoint
RP1370: 11/11/2011 4:12:37 AM - System Checkpoint
RP1371: 12/11/2011 3:00:25 AM - Software Distribution Service 3.0
RP1372: 13/11/2011 3:26:36 AM - System Checkpoint
RP1373: 14/11/2011 4:26:37 AM - System Checkpoint
RP1374: 15/11/2011 5:26:36 AM - System Checkpoint
RP1375: 16/11/2011 6:26:37 AM - System Checkpoint
RP1376: 17/11/2011 7:32:48 AM - System Checkpoint
RP1377: 18/11/2011 8:26:37 AM - System Checkpoint
RP1378: 19/11/2011 9:26:41 AM - System Checkpoint
RP1379: 20/11/2011 9:41:01 AM - System Checkpoint
RP1380: 21/11/2011 11:03:51 AM - System Checkpoint
RP1381: 22/11/2011 12:00:00 PM - System Checkpoint
RP1382: 23/11/2011 12:41:47 PM - System Checkpoint
RP1383: 23/11/2011 9:46:48 PM - Installed Windows Media Player 10
RP1384: 23/11/2011 9:59:19 PM - Software Distribution Service 3.0
RP1385: 24/11/2011 10:37:31 PM - System Checkpoint
RP1386: 24/11/2011 11:41:29 PM - Software Distribution Service 3.0
RP1387: 26/11/2011 12:18:04 AM - System Checkpoint
RP1388: 27/11/2011 1:10:04 AM - System Checkpoint
RP1389: 28/11/2011 1:11:06 AM - System Checkpoint
RP1390: 29/11/2011 2:11:02 AM - System Checkpoint
RP1391: 30/11/2011 3:11:03 AM - System Checkpoint
RP1392: 01/12/2011 4:11:02 AM - System Checkpoint
RP1393: 02/12/2011 5:11:03 AM - System Checkpoint
RP1394: 03/12/2011 6:11:03 AM - System Checkpoint
RP1395: 04/12/2011 7:11:05 AM - System Checkpoint
RP1396: 05/12/2011 8:11:03 AM - System Checkpoint
RP1397: 06/12/2011 9:29:00 AM - System Checkpoint
RP1398: 08/12/2011 7:56:33 PM - System Checkpoint
RP1399: 09/12/2011 9:23:48 PM - System Checkpoint
RP1400: 10/12/2011 10:14:09 PM - System Checkpoint
RP1401: 11/12/2011 11:07:18 PM - System Checkpoint
RP1402: 13/12/2011 12:03:46 AM - System Checkpoint
RP1403: 13/12/2011 9:21:25 PM - Installed QuickTime
RP1404: 14/12/2011 10:04:50 PM - System Checkpoint
RP1405: 15/12/2011 3:00:59 AM - Software Distribution Service 3.0
RP1406: 15/12/2011 7:58:19 PM - Installed Ad-Aware
RP1407: 15/12/2011 7:59:31 PM - Installed Ad-Aware
RP1408: 16/12/2011 8:13:18 PM - System Checkpoint
RP1409: 17/12/2011 8:35:59 PM - System Checkpoint
RP1410: 18/12/2011 1:24:47 PM - Removed QuickTime
RP1411: 19/12/2011 1:55:02 PM - System Checkpoint
RP1412: 20/12/2011 1:59:37 PM - System Checkpoint
RP1413: 21/12/2011 2:58:31 PM - System Checkpoint
RP1414: 22/12/2011 2:59:41 PM - System Checkpoint
RP1415: 23/12/2011 4:00:41 PM - System Checkpoint
RP1416: 24/12/2011 4:44:15 PM - System Checkpoint
RP1417: 25/12/2011 5:59:56 PM - System Checkpoint
RP1418: 26/12/2011 6:41:09 PM - System Checkpoint
RP1419: 27/12/2011 7:40:19 PM - System Checkpoint
RP1420: 28/12/2011 8:47:33 PM - System Checkpoint
RP1421: 29/12/2011 10:21:58 PM - System Checkpoint
RP1422: 30/12/2011 11:08:02 PM - System Checkpoint
RP1423: 01/01/2012 12:08:03 AM - System Checkpoint
RP1424: 02/01/2012 1:08:02 AM - System Checkpoint
RP1425: 03/01/2012 2:08:02 AM - System Checkpoint
RP1426: 04/01/2012 3:08:00 AM - System Checkpoint
RP1427: 05/01/2012 3:50:53 AM - System Checkpoint
RP1428: 06/01/2012 9:54:53 AM - System Checkpoint
RP1429: 07/01/2012 10:16:58 AM - System Checkpoint
RP1430: 08/01/2012 10:51:00 AM - System Checkpoint
RP1431: 09/01/2012 11:17:29 AM - System Checkpoint
RP1432: 10/01/2012 11:23:09 AM - System Checkpoint
RP1433: 11/01/2012 3:00:59 AM - Software Distribution Service 3.0
RP1434: 12/01/2012 3:54:10 AM - System Checkpoint
RP1435: 13/01/2012 4:01:19 AM - System Checkpoint
RP1436: 14/01/2012 3:00:36 AM - Software Distribution Service 3.0
RP1437: 15/01/2012 3:31:53 AM - System Checkpoint
RP1438: 16/01/2012 4:20:18 AM - System Checkpoint
RP1439: 17/01/2012 4:59:06 AM - System Checkpoint
RP1440: 17/01/2012 9:54:41 AM - Removed J2SE Runtime Environment 5.0 Update 10
RP1441: 17/01/2012 10:14:52 AM - Removed J2SE Runtime Environment 5.0 Update 5
RP1442: 17/01/2012 10:46:37 AM - Removed Ad-Aware
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Reader 7.1.0
Agere Systems PCI-SV92PP Soft Modem
ArcSoft PhotoImpression
ArcSoft PhotoStudio 5.5
AstroPop Deluxe from Compaq (remove only)
ATI Control Panel
ATI Display Driver
AVG 2012
Barnyard Invasion from Compaq (remove only)
Bejeweled 2 Deluxe from Compaq (remove only)
Blackhawk Striker 2 from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Blasterball 2 Remix from Compaq (remove only)
Boggle Supreme from Compaq (remove only)
Bookworm Deluxe from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
BufferChm
Canon CanoScan Toolbox 5.0
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.10
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities Movie Uploader for YouTube
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CanoScan 4400F
CheckIt Diagnostics
Chuzzle Deluxe from Compaq (remove only)
Compaq Connections (remove only)
Compaq Game Console and games
Compaq Organize
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_LightScribePlugin
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Crystal Maze from Compaq (remove only)
CueTour
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
Easy Internet Sign-up
EnGenius 11n Wireless USB Adapter
Enhanced Multimedia Keyboard Solution
EPSON Copy Utility
EPSON Photo Print
EPSON PhotoQuicker3.2
EPSON Printer Software
EPSON Smart Panel
EPSON TWAIN 5
EPSON User's Guide
Family Feud
FATE from Compaq (remove only)
FinePixViewer Ver.4.2
FUJIFILM USB Driver
FullDPAppQFolder
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
HP Boot Optimizer
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Photo Creations
HP Support Overview
HP Update
HPDiagnosticAlert
HpSdpAppCoreApp
ImageMixer VCD2 for FinePix
Ink Monitor
Insaniquarium Deluxe from Compaq (remove only)
InstantShareAlert
InstantShareDevices
InterVideo WinDVD Player
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) SE Runtime Environment 6 Update 1
Lemonade Tycoon 2 from Compaq (remove only)
Lexibox Deluxe from Compaq (remove only)
LightScribe 1.4.52.1
LiveUpdate Notice (Symantec Corporation)
Mah Jong Quest from Compaq (remove only)
Malwarebytes Anti-Malware version 1.60.0.1800
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
Microsoft Office File Validation Add-In
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MicroStaff WINASPI
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netscape Browser (remove only)
OneCare Advisor (Windows Live Toolbar)
PC-Doctor 5 for Windows
Photodex Presenter
PhotoGallery
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
Popup Blocker (Windows Live Toolbar)
Presto! PageManager 7.15.14
Protected Music Converter 0.99b
PS2
Puzzle Express from Compaq (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Quicken 2006
RandMap
RAW FILE CONVERTER LE
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Remove WeatherBug Installer
Rhapsody Player Engine
Ricochet Lost Worlds from Compaq (remove only)
SA23xx Device Manager
ScanSoft OmniPage SE 4.0
ScanToWeb
SCRABBLE from Compaq (remove only)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Shooting Stars Pool from Compaq (remove only)
Shrek 2 Ogre Bowler from Compaq (remove only)
SkinsHP1
Slingo Deluxe from Compaq (remove only)
Smart Menus (Windows Live Toolbar)
Snowboard SuperJam from Compaq (remove only)
Sonic Express Labeler
Sonic Foundry CD Architect 5.0
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Super Granny from Compaq (remove only)
Sympatico 4.73
Tradewinds from Compaq (remove only)
TurboTax 2010
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB971029)
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Internet Explorer 8
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Zuma Deluxe from Compaq (remove only)
.
==== Event Viewer Messages From Past Week ========
.
17/01/2012 9:55:13 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
17/01/2012 1:15:22 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
12/01/2012 9:29:57 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
12/01/2012 9:27:33 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ===========================

 

I uninstalled AVG using AppCleaner.
Just ran ComboFix and it tells me it's expired.
It asks if I want to run in Reduced Functionality Mode or Cancel.
I cancelled and await your advice.

I grabbed Combofix from the first link you listed I'm sure.

 

Here is the combofix log.

ComboFix 12-01-18.04 - Compaq_Owner 18/01/2012 16:05:32.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.182 [GMT -6:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\SPL1B9.tmp
c:\documents and settings\All Users\SPL2B.tmp
c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
c:\documents and settings\Compaq_Owner\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\windows\$NtUninstallKB11693$
c:\windows\$NtUninstallKB11693$\1965738080
c:\windows\$NtUninstallKB11693$\4241674623\Desktop.ini
c:\windows\HPCPCUninstaller-6.3.2.116-5577497.exe
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\c696dc6f91044c3c.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\FE05DA0D.dll
c:\windows\system32\FE05EFED.dll
c:\windows\system32\FE05F051.dll
c:\windows\system32\FE05F17D.dll
c:\windows\system32\FE05F3D5.dll
c:\windows\system32\FE05F3D6.dll
c:\windows\system32\FE05F3D7.dll
c:\windows\system32\ps2.bat
c:\windows\system32\SET41A.tmp
c:\windows\system32\SET426.tmp
c:\windows\system32\SET46C.tmp
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-12-18 to 2012-01-18 )))))))))))))))))))))))))))))))
.
.
2012-01-17 18:40 . 2012-01-17 18:40 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes
2012-01-17 18:40 . 2012-01-17 18:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-01-17 18:40 . 2011-12-10 21:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-17 18:40 . 2012-01-17 18:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-17 16:53 . 2012-01-17 16:53 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\adaware
2012-01-16 22:03 . 2008-04-13 19:39 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-01-16 22:03 . 2008-04-13 19:39 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-01-16 22:00 . 2008-04-14 01:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-16 22:00 . 2008-04-14 01:11 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2011-12-26 03:22 . 2011-12-26 03:22 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\ZoomBrowser EX
2011-12-26 02:14 . 2011-12-26 02:23 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\CANON_INC
2011-12-25 23:02 . 2011-12-25 23:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-18 19:56 . 2011-12-19 02:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-12-18 19:31 . 2011-12-18 19:30 713472 ----a-w- c:\program files\RealPlayer.exe
2011-11-25 21:57 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2004-08-04 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:39 . 2011-06-05 01:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-18 12:35 . 2004-08-04 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-04 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-04 12:00 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2004-08-04 12:00 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-08-04 12:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2004-08-04 12:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:37 . 2004-08-04 19:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-04 19:00 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update "= "c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"Symantec PIF AlertEng "= "c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" [2007-11-29 583048]
"SSBkgdUpdate "= "c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4 "= "c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"WrtMon.exe "= "c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"HPBootOp "= "c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adaware "= "reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]
"adaware_XP "= "reg.exe delete HKCU\Software\adaware" [X]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring "=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe "=
"c:\\Program Files\\Messenger\\msmsgs.exe "=
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"c:\\Program Files\\LimeWire\\LimeWire.exe "=
"c:\\WINDOWS\\system32\\mmc.exe "=
.
R3 ATIXPGAA;ATIXPGAA;c:\pcdr5\ATIXPGAA.SYS [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-17 c:\windows\Tasks\At1.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2012-01-17 c:\windows\Tasks\At2.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2012-01-17 c:\windows\Tasks\At3.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2012-01-17 c:\windows\Tasks\At4.job
- c:\program files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14 21:07]
.
2012-01-18 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 17:20]
.
2012-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994478819-1772163668-1953190781-1009Core.job
- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-06 00:58]
.
2012-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-994478819-1772163668-1953190781-1009UA.job
- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-06 00:58]
.
2012-01-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-994478819-1772163668-1953190781-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 22:02]
.
2012-01-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-994478819-1772163668-1953190781-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 22:02]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q106&bd=presario&pf=desktop
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
TCP: DhcpNameServer = 192.168.1.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-18 16:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(556)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3364)
c:\windows\system32\WININET.dll
c:\docume~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\EnGenius\Common\RegistryWriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe
c:\program files\EnGenius\Common\RaUI.exe
c:\windows\system32\spool\drivers\w32x86\3\WrtProc.exe
c:\windows\system32\wscntfy.exe
c:\hp\KBD\KBD.EXE
.
**************************************************************************
.
Completion time: 2012-01-18 16:40:17 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-18 22:40
.
Pre-Run: 109,417,029,632 bytes free
Post-Run: 110,301,605,888 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug= "do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 333F0E7D1634FDEA71623EE3A4A0A4FA

 

Installed MSE and ran a scan.
Here is what it found:
TrojanDropper:Win32/Sirefef.B - Severe - Removed

OTL: (which is split, remainder is in the following post


OTL logfile created on: 19/01/2012 3:35:46 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

446.48 Mb Total Physical Memory | 141.71 Mb Available Physical Memory | 31.74% Memory free
1.03 Gb Paging File | 0.65 Gb Available in Paging File | 63.04% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.08 Gb Total Space | 102.87 Gb Free Space | 72.40% Space Free | Partition Type: NTFS
Drive D: | 6.96 Gb Total Space | 1.19 Gb Free Space | 17.04% Space Free | Partition Type: FAT32
Drive J: | 967.22 Mb Total Space | 936.84 Mb Free Space | 96.86% Space Free | Partition Type: FAT

Computer Name: AJVJ-27E1513D96 | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/19 10:12:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009/08/27 13:15:30 | 001,654,784 | ---- | M] (EnGenius Technologies.) -- C:\Program Files\EnGenius\Common\RaUI.exe
PRC - [2008/09/05 09:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\EnGenius\Common\RegistryWriter.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/11 12:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2006/09/19 16:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2005/11/12 18:51:38 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe


========== Modules (No Company Name) ==========

MOD - [2007/11/28 03:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\EnGenius\Common\acAuth.dll
MOD - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
MOD - [2006/09/19 16:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
MOD - [2005/11/12 18:51:36 | 000,151,589 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll
MOD - [2005/11/12 18:51:36 | 000,098,339 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll
MOD - [2005/11/12 18:51:35 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll
MOD - [2005/11/12 18:51:35 | 000,061,496 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/09/05 09:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\EnGenius\Common\RegistryWriter.exe -- (RalinkRegistryWriter)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2012/01/19 11:09:30 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F913BC5-F23D-4A94-9659-49A3DAA09ADD}\MpKslb15b831a.sys -- (MpKslb15b831a)
DRV - [2009/04/28 17:02:02 | 000,719,616 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/08/07 13:42:36 | 000,016,512 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RAPIProtocol.sys -- (RAPIProtocol)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/09/23 14:26:40 | 001,094,751 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/08/29 16:11:00 | 003,644,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/08/13 23:35:54 | 001,313,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 12:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q106&bd=presario&pf=desktop
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q106&bd=presario&pf=desktop
IE - HKU\.DEFAULT\..\URLSearchHook: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\InprocServer32 File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=Q106&bd=presario&pf=desktop
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q106&bd=presario&pf=desktop
IE - HKU\S-1-5-18\..\URLSearchHook: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\InprocServer32 File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Netscape "

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Documents and Settings\Compaq_Owner\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/18 14:14:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2006/12/30 11:21:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2008/08/28 21:19:44 | 000,000,000 | ---D | M]

[2008/12/17 22:05:49 | 000,046,763 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape\NSB\Profiles\btf2orm0.default\searchplugins\AOL.src
[2008/12/17 22:06:30 | 000,047,161 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape\NSB\Profiles\btf2orm0.default\searchplugins\NetscapeSearch.src

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Photodex Presenter Plugin (Enabled) = C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\plugins\npPxPlay.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

O1 HOSTS File: ([2012/01/18 16:23:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EnGenius Wireless Utility.lnk = C:\Program Files\EnGenius\Common\RaUI.exe (EnGenius Technologies.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-994478819-1772163668-1953190781-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_24.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} http://www.photodex.com/pxplay.cab (Photodex Presenter AX control)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{096B6432-EE26-4E41-B737-47FBCA4973FB}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{785133AB-2801-40BD-AD0A-175447143EC8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-tt2010 {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/24 23:32:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

 

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/01/19 10:47:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/01/19 10:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/01/19 10:36:57 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/01/19 10:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Downloads
[2012/01/19 10:22:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/01/18 11:59:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/01/18 11:56:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/01/18 11:56:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/01/18 11:56:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/01/18 11:56:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/01/18 11:56:05 | 004,387,138 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2012/01/18 09:10:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/18 09:09:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/17 12:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
[2012/01/17 12:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/17 12:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/17 12:40:22 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/17 12:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/17 10:53:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\adaware
[2011/12/25 21:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\ZoomBrowser EX
[2011/12/25 20:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\T2I-1
[2011/12/25 20:14:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\CANON_INC
[2011/12/25 17:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
[2011/12/25 16:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\Canon Inst. Manual
[2011/12/18 13:30:52 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RealPlayer.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/19 15:26:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-994478819-1772163668-1953190781-1009UA.job
[2012/01/19 14:47:01 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2012/01/19 10:52:21 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/01/19 10:48:04 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/01/19 10:37:38 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/19 10:12:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2012/01/19 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/01/18 16:40:50 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2012/01/18 16:23:19 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/01/18 16:23:17 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-994478819-1772163668-1953190781-1009.job
[2012/01/18 16:23:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/18 16:23:06 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/18 12:00:01 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/18 11:54:32 | 004,387,138 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2012/01/17 14:00:02 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/01/17 12:40:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/16 21:43:03 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/01/16 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/01/16 19:26:02 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-994478819-1772163668-1953190781-1009Core.job
[2012/01/16 17:32:45 | 000,343,599 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/01/14 09:38:59 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\chaplain.rtf
[2012/01/12 20:09:51 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012/01/12 20:09:51 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012/01/11 18:53:05 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-994478819-1772163668-1953190781-1009.job
[2012/01/11 04:06:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/11 03:15:06 | 000,446,174 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/11 03:15:06 | 000,073,254 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/08 20:19:56 | 000,003,084 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\flood claim appeal.rtf
[2012/01/07 10:08:41 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/07 10:08:35 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Google Chrome.lnk
[2011/12/25 17:02:04 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2011/12/25 17:00:22 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Picture Style Editor.lnk
[2011/12/25 17:00:17 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2011/12/25 16:59:21 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Digital Photo Professional.lnk
[2011/12/25 16:52:49 | 000,000,499 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Canon Inst. Manual.lnk
[2011/12/21 08:04:30 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HP Printer Diagnostic Tools.url
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/19 10:52:19 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/01/19 10:48:04 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/01/19 10:46:40 | 000,001,688 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/01/18 11:56:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/18 11:56:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/18 11:56:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/18 11:56:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/18 11:56:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/01/17 12:40:27 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/08 20:19:55 | 000,003,084 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\flood claim appeal.rtf
[2012/01/04 12:35:21 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\chaplain.rtf
[2011/12/29 08:08:21 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/29 08:08:21 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/12/25 17:02:04 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2011/12/25 17:00:22 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Picture Style Editor.lnk
[2011/12/25 17:00:17 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EOS Utility.lnk
[2011/12/25 16:59:21 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Digital Photo Professional.lnk
[2011/12/25 16:52:49 | 000,000,499 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Shortcut to Canon Inst. Manual.lnk
[2011/12/21 08:04:30 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\HP Printer Diagnostic Tools.url
[2010/05/03 19:52:08 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010/05/03 19:52:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt2870.bin
[2010/01/07 13:06:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2010/01/07 13:02:49 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2010/01/07 12:58:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/02/26 10:42:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/05/29 21:59:55 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXF3PMRC.DLL
[2008/01/30 00:07:13 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2008/01/30 00:07:13 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2008/01/30 00:05:02 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2008/01/30 00:05:02 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2008/01/30 00:05:02 | 000,000,072 | R--- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2007/10/09 01:34:10 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2007/09/02 20:46:15 | 000,006,585 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/02/18 20:29:34 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2007/01/06 23:20:35 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/01/06 19:45:11 | 000,004,896 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2007/01/03 19:46:47 | 000,001,474 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/01/03 16:09:51 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[2007/01/03 16:07:43 | 000,000,218 | ---- | C] () -- C:\WINDOWS\EPSON CX3200 Installer.ini
[2006/12/29 21:20:01 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/29 20:51:14 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2006/12/29 20:51:13 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2006/12/29 20:38:54 | 000,000,224 | ---- | C] () -- C:\WINDOWS\netscape.INI
[2006/12/29 20:23:35 | 000,022,028 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/12/29 20:23:10 | 000,632,110 | ---- | C] () -- C:\WINDOWS\cd32.exe
[2005/11/12 19:19:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/12 18:56:06 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/11/12 18:50:29 | 000,667,896 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2005/11/12 18:50:29 | 000,001,227 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2005/11/12 18:50:16 | 000,012,994 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/11/12 18:50:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/11/12 18:47:45 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/11/12 18:44:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/12 18:39:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/11/12 18:39:06 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/11/12 18:39:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/11/12 18:39:06 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/11/12 18:39:06 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/11/12 18:39:06 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/11/12 18:31:40 | 000,000,102 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/11/12 18:30:29 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2005/11/12 18:30:29 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2005/11/12 18:25:06 | 000,072,082 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2005/11/12 18:23:53 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/11/12 18:21:34 | 000,020,482 | ---- | C] () -- C:\WINDOWS\System32\el32reg.dll
[2005/11/12 18:19:55 | 000,104,361 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005/11/12 18:08:15 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/11/12 18:04:55 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/11/12 18:04:55 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/11/12 18:04:32 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/10/05 14:50:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/25 00:29:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/06/24 23:43:44 | 000,446,174 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/06/24 23:43:44 | 000,073,254 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/06/24 23:42:06 | 000,206,512 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/24 23:31:46 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/06/24 23:30:20 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/06/15 23:38:02 | 000,000,557 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 17:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 17:11:02 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2010/10/18 21:16:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/18 21:27:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/05/03 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnGenius Driver
[2012/01/17 17:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/01/30 00:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/12/16 19:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/01/07 12:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2011/12/25 20:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Canon
[2008/01/31 16:00:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\EPSON
[2007/01/28 12:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FUJIFILM
[2010/10/09 19:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GARMIN
[2006/12/29 21:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2007/08/20 20:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2008/05/29 22:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Lexmark Productivity Studio
[2007/05/20 22:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
[2010/05/04 22:01:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2007/08/31 23:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Netscape
[2010/01/07 17:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\NewSoft
[2010/01/07 12:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\ScanSoft
[2010/01/31 10:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\School Zone Preferences
[2007/01/06 20:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2010/01/07 21:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Tific
[2008/03/04 15:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WinBatch
[2012/01/19 10:10:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/01/16 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/01/16 21:43:03 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012/01/17 14:00:02 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012/01/19 14:47:01 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
[2012/01/19 10:52:21 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/06/24 23:32:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/12/29 20:26:54 | 000,000,283 | ---- | M] () -- C:\Boot.bak
[2012/01/18 12:00:01 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/04 06:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2012/01/18 16:40:18 | 000,012,347 | ---- | M] () -- C:\ComboFix.txt
[2005/06/24 23:32:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/31 10:27:03 | 000,000,520 | ---- | M] () -- C:\ez_log.htm
[2012/01/18 16:23:06 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2005/06/24 23:32:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/01/05 16:43:36 | 000,000,151 | ---- | M] () -- C:\liprefs.js
[2011/06/15 09:41:24 | 000,000,696 | ---- | M] () -- C:\lxdd.log
[2005/06/24 23:32:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/26 22:38:44 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/01/18 16:23:04 | 704,643,072 | -HS- | M] () -- C:\pagefile.sys
[2007/08/31 23:54:23 | 000,001,732 | ---- | M] () -- C:\photodex-presenter-install.log
[2010/05/02 22:27:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2010/05/03 08:39:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2010/05/03 20:24:51 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2010/05/03 22:54:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2010/05/04 08:49:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2010/05/04 09:17:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2010/05/04 18:51:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2010/05/04 23:19:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2010/05/05 08:31:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2010/05/06 00:05:30 | 000,000,172 | -H-- | M] () -- C:\sqmdata09.sqm
[2010/05/06 23:53:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2010/05/07 23:34:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2010/05/09 00:30:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2010/05/09 22:19:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2010/05/10 08:39:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2010/05/01 20:33:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2010/05/01 22:09:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2010/05/02 13:17:23 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2010/05/02 19:07:52 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2010/05/03 16:29:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2010/05/02 22:27:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010/05/03 08:39:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010/05/03 16:29:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010/05/03 20:24:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010/05/03 22:54:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010/05/04 08:49:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010/05/04 09:17:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010/05/04 18:51:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010/05/04 23:19:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010/05/05 08:31:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010/05/06 00:05:30 | 000,000,172 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010/05/06 23:53:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010/05/07 23:34:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010/05/09 00:30:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010/05/09 22:19:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010/05/10 08:39:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010/05/01 20:33:21 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010/05/01 22:09:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010/05/02 13:17:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010/05/02 19:07:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2006/03/16 10:29:12 | 000,386,038 | ---- | M] () -- C:\testlog.html
[2009/09/28 23:17:34 | 000,000,838 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >
[2005/05/12 08:36:48 | 000,012,288 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll

< %systemroot%\Fonts\*.ini >
[2005/06/24 23:31:38 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2011/12/18 13:31:45 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealPlayer.exe

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/06/24 16:25:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005/06/24 16:25:14 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005/06/24 16:25:14 | 000,884,736 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/08/26 22:49:38 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/12/29 20:01:44 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2005/06/24 23:42:40 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2012/01/18 11:54:32 | 004,387,138 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
[2007/01/15 18:32:26 | 000,346,696 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\minibuginstaller.exe
[2012/01/19 10:12:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2010/11/05 19:49:21 | 016,883,056 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Compaq_Owner\My Documents\IE8-WindowsXP-x86-ENU.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/04 06:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\ADDINS\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/12/29 20:00:56 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Favorites\Desktop.ini
[2005/11/12 18:59:22 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Favorites\eBay.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/04/21 17:30:04 | 000,004,240 | ---- | M] () -- C:\Documents and Settings\All Users\lxdd

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2012/01/13 23:59:29 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Compaq_Owner\Cookies\desktop.ini
[2012/01/19 15:34:37 | 000,311,296 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 18:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 09:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 09:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 08:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 11:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 18:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 09:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 09:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 09:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 09:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 09:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[1998/05/07 10:04:38 | 000,052,736 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\system\hpsysdrv.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

 

Attach log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 29/12/2006 7:46:44 PM
System Uptime: 17/01/2012 10:27:11 AM (5 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Sempron(tm) Processor 3500+ | Socket 939 | 1790/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 99.586 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 1.186 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1348: 20/10/2011 1:03:58 PM - System Checkpoint
RP1349: 21/10/2011 1:33:00 PM - System Checkpoint
RP1350: 22/10/2011 2:33:05 PM - System Checkpoint
RP1351: 23/10/2011 3:02:04 PM - System Checkpoint
RP1352: 24/10/2011 3:12:33 PM - System Checkpoint
RP1353: 25/10/2011 4:01:40 PM - System Checkpoint
RP1354: 26/10/2011 4:24:48 PM - System Checkpoint
RP1355: 27/10/2011 4:25:48 PM - System Checkpoint
RP1356: 28/10/2011 5:12:49 PM - System Checkpoint
RP1357: 29/10/2011 6:23:24 PM - System Checkpoint
RP1358: 30/10/2011 7:10:01 PM - System Checkpoint
RP1359: 31/10/2011 7:12:53 PM - System Checkpoint
RP1360: 01/11/2011 7:14:00 PM - System Checkpoint
RP1361: 02/11/2011 8:00:50 PM - System Checkpoint
RP1362: 03/11/2011 8:38:11 PM - System Checkpoint
RP1363: 04/11/2011 10:26:47 PM - System Checkpoint
RP1364: 05/11/2011 10:27:06 PM - System Checkpoint
RP1365: 06/11/2011 10:30:48 PM - System Checkpoint
RP1366: 07/11/2011 10:48:01 PM - System Checkpoint
RP1367: 08/11/2011 11:12:39 PM - System Checkpoint
RP1368: 09/11/2011 3:00:46 AM - Software Distribution Service 3.0
RP1369: 10/11/2011 3:12:36 AM - System Checkpoint
RP1370: 11/11/2011 4:12:37 AM - System Checkpoint
RP1371: 12/11/2011 3:00:25 AM - Software Distribution Service 3.0
RP1372: 13/11/2011 3:26:36 AM - System Checkpoint
RP1373: 14/11/2011 4:26:37 AM - System Checkpoint
RP1374: 15/11/2011 5:26:36 AM - System Checkpoint
RP1375: 16/11/2011 6:26:37 AM - System Checkpoint
RP1376: 17/11/2011 7:32:48 AM - System Checkpoint
RP1377: 18/11/2011 8:26:37 AM - System Checkpoint
RP1378: 19/11/2011 9:26:41 AM - System Checkpoint
RP1379: 20/11/2011 9:41:01 AM - System Checkpoint
RP1380: 21/11/2011 11:03:51 AM - System Checkpoint
RP1381: 22/11/2011 12:00:00 PM - System Checkpoint
RP1382: 23/11/2011 12:41:47 PM - System Checkpoint
RP1383: 23/11/2011 9:46:48 PM - Installed Windows Media Player 10
RP1384: 23/11/2011 9:59:19 PM - Software Distribution Service 3.0
RP1385: 24/11/2011 10:37:31 PM - System Checkpoint
RP1386: 24/11/2011 11:41:29 PM - Software Distribution Service 3.0
RP1387: 26/11/2011 12:18:04 AM - System Checkpoint
RP1388: 27/11/2011 1:10:04 AM - System Checkpoint
RP1389: 28/11/2011 1:11:06 AM - System Checkpoint
RP1390: 29/11/2011 2:11:02 AM - System Checkpoint
RP1391: 30/11/2011 3:11:03 AM - System Checkpoint
RP1392: 01/12/2011 4:11:02 AM - System Checkpoint
RP1393: 02/12/2011 5:11:03 AM - System Checkpoint
RP1394: 03/12/2011 6:11:03 AM - System Checkpoint
RP1395: 04/12/2011 7:11:05 AM - System Checkpoint
RP1396: 05/12/2011 8:11:03 AM - System Checkpoint
RP1397: 06/12/2011 9:29:00 AM - System Checkpoint
RP1398: 08/12/2011 7:56:33 PM - System Checkpoint
RP1399: 09/12/2011 9:23:48 PM - System Checkpoint
RP1400: 10/12/2011 10:14:09 PM - System Checkpoint
RP1401: 11/12/2011 11:07:18 PM - System Checkpoint
RP1402: 13/12/2011 12:03:46 AM - System Checkpoint
RP1403: 13/12/2011 9:21:25 PM - Installed QuickTime
RP1404: 14/12/2011 10:04:50 PM - System Checkpoint
RP1405: 15/12/2011 3:00:59 AM - Software Distribution Service 3.0
RP1406: 15/12/2011 7:58:19 PM - Installed Ad-Aware
RP1407: 15/12/2011 7:59:31 PM - Installed Ad-Aware
RP1408: 16/12/2011 8:13:18 PM - System Checkpoint
RP1409: 17/12/2011 8:35:59 PM - System Checkpoint
RP1410: 18/12/2011 1:24:47 PM - Removed QuickTime
RP1411: 19/12/2011 1:55:02 PM - System Checkpoint
RP1412: 20/12/2011 1:59:37 PM - System Checkpoint
RP1413: 21/12/2011 2:58:31 PM - System Checkpoint
RP1414: 22/12/2011 2:59:41 PM - System Checkpoint
RP1415: 23/12/2011 4:00:41 PM - System Checkpoint
RP1416: 24/12/2011 4:44:15 PM - System Checkpoint
RP1417: 25/12/2011 5:59:56 PM - System Checkpoint
RP1418: 26/12/2011 6:41:09 PM - System Checkpoint
RP1419: 27/12/2011 7:40:19 PM - System Checkpoint
RP1420: 28/12/2011 8:47:33 PM - System Checkpoint
RP1421: 29/12/2011 10:21:58 PM - System Checkpoint
RP1422: 30/12/2011 11:08:02 PM - System Checkpoint
RP1423: 01/01/2012 12:08:03 AM - System Checkpoint
RP1424: 02/01/2012 1:08:02 AM - System Checkpoint
RP1425: 03/01/2012 2:08:02 AM - System Checkpoint
RP1426: 04/01/2012 3:08:00 AM - System Checkpoint
RP1427: 05/01/2012 3:50:53 AM - System Checkpoint
RP1428: 06/01/2012 9:54:53 AM - System Checkpoint
RP1429: 07/01/2012 10:16:58 AM - System Checkpoint
RP1430: 08/01/2012 10:51:00 AM - System Checkpoint
RP1431: 09/01/2012 11:17:29 AM - System Checkpoint
RP1432: 10/01/2012 11:23:09 AM - System Checkpoint
RP1433: 11/01/2012 3:00:59 AM - Software Distribution Service 3.0
RP1434: 12/01/2012 3:54:10 AM - System Checkpoint
RP1435: 13/01/2012 4:01:19 AM - System Checkpoint
RP1436: 14/01/2012 3:00:36 AM - Software Distribution Service 3.0
RP1437: 15/01/2012 3:31:53 AM - System Checkpoint
RP1438: 16/01/2012 4:20:18 AM - System Checkpoint
RP1439: 17/01/2012 4:59:06 AM - System Checkpoint
RP1440: 17/01/2012 9:54:41 AM - Removed J2SE Runtime Environment 5.0 Update 10
RP1441: 17/01/2012 10:14:52 AM - Removed J2SE Runtime Environment 5.0 Update 5
RP1442: 17/01/2012 10:46:37 AM - Removed Ad-Aware
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Reader 7.1.0
Agere Systems PCI-SV92PP Soft Modem
ArcSoft PhotoImpression
ArcSoft PhotoStudio 5.5
AstroPop Deluxe from Compaq (remove only)
ATI Control Panel
ATI Display Driver
AVG 2012
Barnyard Invasion from Compaq (remove only)
Bejeweled 2 Deluxe from Compaq (remove only)
Blackhawk Striker 2 from Compaq (remove only)
Blasterball 2 from Compaq (remove only)
Blasterball 2 Remix from Compaq (remove only)
Boggle Supreme from Compaq (remove only)
Bookworm Deluxe from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
BufferChm
Canon CanoScan Toolbox 5.0
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.10
Canon Utilities EOS Sample Music
Canon Utilities EOS Utility
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities Movie Uploader for YouTube
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CanoScan 4400F
CheckIt Diagnostics
Chuzzle Deluxe from Compaq (remove only)
Compaq Connections (remove only)
Compaq Game Console and games
Compaq Organize
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_LightScribePlugin
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Crystal Maze from Compaq (remove only)
CueTour
Customer Experience Enhancement
Destinations
DeviceManagementQFolder
Easy Internet Sign-up
EnGenius 11n Wireless USB Adapter
Enhanced Multimedia Keyboard Solution
EPSON Copy Utility
EPSON Photo Print
EPSON PhotoQuicker3.2
EPSON Printer Software
EPSON Smart Panel
EPSON TWAIN 5
EPSON User's Guide
Family Feud
FATE from Compaq (remove only)
FinePixViewer Ver.4.2
FUJIFILM USB Driver
FullDPAppQFolder
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
HP Boot Optimizer
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Image Zone 5.3
HP Imaging Device Functions 5.3
HP Photo Creations
HP Support Overview
HP Update
HPDiagnosticAlert
HpSdpAppCoreApp
ImageMixer VCD2 for FinePix
Ink Monitor
Insaniquarium Deluxe from Compaq (remove only)
InstantShareAlert
InstantShareDevices
InterVideo WinDVD Player
Java Auto Updater
Java(TM) 6 Update 24
Java(TM) SE Runtime Environment 6 Update 1
Lemonade Tycoon 2 from Compaq (remove only)
Lexibox Deluxe from Compaq (remove only)
LightScribe 1.4.52.1
LiveUpdate Notice (Symantec Corporation)
Mah Jong Quest from Compaq (remove only)
Malwarebytes Anti-Malware version 1.60.0.1800
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
Microsoft Office File Validation Add-In
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MicroStaff WINASPI
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netscape Browser (remove only)
OneCare Advisor (Windows Live Toolbar)
PC-Doctor 5 for Windows
Photodex Presenter
PhotoGallery
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
Popup Blocker (Windows Live Toolbar)
Presto! PageManager 7.15.14
Protected Music Converter 0.99b
PS2
Puzzle Express from Compaq (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Quicken 2006
RandMap
RAW FILE CONVERTER LE
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Remove WeatherBug Installer
Rhapsody Player Engine
Ricochet Lost Worlds from Compaq (remove only)
SA23xx Device Manager
ScanSoft OmniPage SE 4.0
ScanToWeb
SCRABBLE from Compaq (remove only)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Shooting Stars Pool from Compaq (remove only)
Shrek 2 Ogre Bowler from Compaq (remove only)
SkinsHP1
Slingo Deluxe from Compaq (remove only)
Smart Menus (Windows Live Toolbar)
Snowboard SuperJam from Compaq (remove only)
Sonic Express Labeler
Sonic Foundry CD Architect 5.0
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Super Granny from Compaq (remove only)
Sympatico 4.73
Tradewinds from Compaq (remove only)
TurboTax 2010
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB971029)
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Internet Explorer 8
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Zuma Deluxe from Compaq (remove only)
.
==== Event Viewer Messages From Past Week ========
.
17/01/2012 9:55:13 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
17/01/2012 1:15:22 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
12/01/2012 9:29:57 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
12/01/2012 9:27:33 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
.
==== End Of File ===========================

 

It seems to be much better than it was before we started this whole process.
So I'd say, yes, it's doing better.

 

Here are the log files:

OTL Log:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}\ not found.
Registry value HKEY_USERS\S-1-5-21-994478819-1772163668-1953190781-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware_XP deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\adaware_XP not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
C:\Documents and Settings\All Users\Application Data\avg9\update\prepare\temp folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\update\prepare folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\update\backup folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\update folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\Temp folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\scanlogs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\Log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\emc folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\Dumps folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\CfgAll folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\Cfg folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\AvgApi folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\AvgAm folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9\admincli folder moved successfully.
C:\Documents and Settings\All Users\Application Data\avg9 folder moved successfully.
C:\WINDOWS\Tasks\At1.job moved successfully.
C:\WINDOWS\Tasks\At2.job moved successfully.
C:\WINDOWS\Tasks\At3.job moved successfully.
C:\WINDOWS\Tasks\At4.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Compaq_Owner
->Temp folder emptied: 24613 bytes
->Temporary Internet Files folder emptied: 82322 bytes
->Java cache emptied: 421 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 10522 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 48442 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1585 bytes

Total Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Compaq_Owner
->Java cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Compaq_Owner
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01202012_154001

Files\Folders moved on Reboot...
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll moved successfully.

Registry entries deleted on Reboot...

Security Check Log:
Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
OneCare Advisor (Windows Live Toolbar)
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 30
Java(TM) SE Runtime Environment 6 Update 1
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

Fasbar Service Scanner Log:
Farbar Service Scanner Version: 18-01-2012 01
Ran by Compaq_Owner (administrator) on 20-01-2012 at 15:59:11
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000900000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

ESET Log:
C:\hp\bin\wbug\CompaqPresario_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1447\A0169697.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined
D:\I386\Apps\APP24108\src\CompaqPresario_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined
D:\I386\Apps\APP24108\src\HPPavillion_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined
D:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1447\A0169698.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined
D:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1447\A0169699.exe a variant of Win32/Toolbar.MyWebSearch application deleted - quarantined

 

Machine is doing very well. I'm just applying some Microsoft Updates to make things are completely up to date.

What do you think about running CCCleaner or something similar? On another machine I cleaned up, performance was really bad even after cleaning things with assistance from this site. But it improved quite a bit after I ran CCCleaner.
There were literally thousands of unnecessary entries in the registry because of what some of the malware had done.

 

Oh and thank you so very much for your assistance.