
Scheffing


Member
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:30:06 PM, on 4/30/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\carl.NETVISTA1\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.mc500.mail.yahoo.com/mc/welcome?.gx=1&.tm=1277855676&.rand=av6e9uno1nir8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5

DragonMaster Jay


Site Owner
Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.


..........................................................
DragonMaster Jay
Administrative Director SecuraGeek Association
Advanced Malware Analysts Group Owner



Scheffing


Member
ComboFix 11-05-06.05 - carl 05/07/2011 8:44.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.1013 [GMT -4]
Running from: c:\documents and settings\carl.NETVISTA1\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Downloaded Installers
.
.
((((((((((((((((((((((((( Files Created from 2011-04-07 to 2011-05-07 )))))))))))))))))))))))))))))))
.
.
2011-04-29 20:48 . 2011-04-29 20:49 -------- dc----w- c:\program files\Microsoft SQL Server
2011-04-29 16:44 . 2011-04-29 16:44 -------- d-----w- c:\documents and settings\john\Application Data\vlc
2011-04-28 12:39 . 2011-04-28 12:39 -------- d-----w- c:\documents and settings\carl.NETVISTA1\Application Data\E-centives
2011-04-26 16:30 . 2011-04-26 16:30 -------- d-----w- c:\documents and settings\carl.NETVISTA1\Local Settings\Application Data\PCHealth
2011-04-26 16:12 . 2011-04-26 16:12 -------- dc----w- C:\Intel
2011-04-26 13:41 . 2011-04-26 13:40 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-26 13:14 . 2011-04-26 13:25 -------- dc----w- c:\program files\Intel
2011-04-26 00:26 . 2011-04-26 00:26 -------- dc----w- C:\DVRA04
2011-04-26 00:04 . 2011-04-26 00:04 -------- dc----w- C:\SYSCHK
2011-04-25 23:56 . 2000-02-23 11:24 3888 ----a-w- c:\windows\system32\drivers\DMICall.sys
2011-04-25 23:56 . 2011-04-25 23:56 -------- d-----w- c:\program files\Common Files\Sony Shared
2011-04-23 15:01 . 2011-04-23 15:01 -------- d-----w- c:\documents and settings\Administrator
2011-04-21 23:51 . 2011-04-21 23:51 -------- dc----w- c:\program files\SearchPredict
2011-04-21 23:51 . 2011-04-21 23:52 -------- dc----w- c:\program files\SpeedBit Video Downloader
2011-04-21 15:55 . 2011-04-21 15:55 -------- d-----w- c:\windows\LastGood(4)
2011-04-21 15:55 . 2011-04-21 15:55 -------- d-----w- c:\windows\LastGood(3)
2011-04-21 15:51 . 2011-04-21 15:51 -------- d-----w- c:\windows\LastGood(2)
2011-04-21 14:37 . 2011-04-21 23:51 -------- d-----w- c:\documents and settings\carl.NETVISTA1\Application Data\Toolbar4
2011-04-21 14:37 . 2011-04-21 23:51 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2011-04-21 14:37 . 1998-12-05 17:18 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2011-04-20 02:01 . 2011-02-23 20:54 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-04-20 02:01 . 2011-02-23 21:04 13496 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-04-19 01:45 . 2010-04-28 11:44 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2011-04-19 01:44 . 2011-04-19 01:44 -------- dc----w- c:\program files\Microsoft Sync Framework
2011-04-18 22:50 . 2011-04-30 23:23 142296 -c--a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-04-18 22:50 . 2011-04-30 23:23 781272 -c--a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-18 22:50 . 2011-04-30 23:23 1874904 -c--a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-18 22:50 . 2011-04-30 23:23 89048 -c--a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-18 22:50 . 2011-04-30 23:23 465880 -c--a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-18 22:50 . 2011-04-30 23:23 15832 -c--a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-18 22:50 . 2011-04-30 23:23 1892184 -c--a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-04-18 22:50 . 2011-04-30 23:23 1974616 -c--a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-04-18 22:12 . 2011-04-18 22:37 -------- dc----w- c:\program files\Mozilla Firefox 4.0 Beta 12
2011-04-16 19:56 . 2011-04-16 19:56 -------- d-----w- c:\documents and settings\carl.NETVISTA1\Application Data\DDMSettings
2011-04-16 19:47 . 2011-04-16 19:54 -------- dc----w- c:\program files\DivX
2011-04-16 19:40 . 2011-04-17 15:06 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2011-04-15 22:07 . 2011-04-15 22:13 -------- d-----w- c:\documents and settings\carl.NETVISTA1\.VirtualBox
2011-04-15 22:04 . 2011-02-17 22:06 160560 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-04-15 22:04 . 2011-02-17 22:06 44784 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-04-14 23:47 . 2011-04-14 23:47 -------- d-----w- c:\program files\Common Files\xing shared
2011-04-14 15:32 . 2011-04-14 15:32 -------- d-----w- c:\documents and settings\NetworkService\Application Data\DivX
2011-04-13 22:40 . 2011-04-13 22:40 4284416 -c--a-w- c:\windows\system32\GPhotos.scr
2011-04-13 21:42 . 2011-04-13 21:42 -------- d-----w- c:\documents and settings\carl.NETVISTA1\Application Data\AnvSoft
2011-04-13 21:42 . 2011-04-15 00:55 -------- dc----w- c:\program files\AnvSoft
2011-04-12 02:19 . 2011-04-12 02:19 -------- dc----w- c:\program files\Belarc
2011-04-12 02:19 . 2008-02-27 17:49 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2011-04-12 01:38 . 2011-04-12 01:38 -------- dc----w- c:\program files\Microsoft SQL Server Compact Edition
2011-04-11 05:51 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-11 05:51 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-11 05:51 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-11 05:51 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-11 05:51 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-11 05:51 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-11 05:51 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-11 05:51 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-11 05:49 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-11 05:49 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-11 05:49 . 2011-04-11 05:49 -------- dc----w- c:\program files\AVAST Software
2011-04-11 05:49 . 2011-04-11 05:49 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-04-09 22:32 . 2011-04-09 22:32 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-09 20:53 . 2011-04-09 20:53 -------- dc----w- C:\VritualRoot
2011-04-09 20:47 . 2011-04-09 21:13 -------- dc----w- c:\program files\COMODO
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-27 01:45 . 2010-06-05 18:13 388096 ----a-r- c:\documents and settings\carl.NETVISTA1\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-26 13:40 . 2010-04-24 23:34 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-04-23 18:44 . 2010-07-31 15:21 25992 -c--a-w- c:\windows\system32\pgdfgsvc.exe
2011-04-14 23:45 . 2009-06-13 14:06 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-14 23:45 . 2009-06-13 14:06 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-03-13 22:02 . 2011-03-13 22:03 737280 ----a-w- c:\windows\iun6002.exe
2011-03-08 21:05 . 2011-03-08 21:05 32132 ----a-w- c:\windows\system32\tcpipbak.reg
2011-03-07 05:33 . 2008-10-27 18:18 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2008-04-14 09:42 420864 ------w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2008-04-14 05:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-27 18:33 . 2009-12-28 15:28 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-02-22 23:06 . 2008-10-16 18:01 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2008-10-16 18:01 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2008-10-16 18:01 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2008-10-16 18:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 22:06 . 2011-02-17 22:06 111152 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-02-17 13:18 . 2008-04-14 04:47 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2008-04-14 04:45 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-16 21:01 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 09:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 09:42 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 09:41 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 09:41 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2007-04-03 12:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-30 23:23 . 2011-04-18 22:50 142296 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 -c--a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-04-14 273544]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\documents and settings\carl.NETVISTA1\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 01000000
"NoWinKeys"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mwfvbvmr.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wlidsvc"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4/11/2011 1:51 AM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4/11/2011 1:51 AM 307288]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4/11/2011 1:51 AM 19544]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys --> c:\windows\system32\DRIVERS\avgfwdx.sys [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 11:58 AM 11336]
S3 cpuz130;cpuz130; [x]
S3 MTK;Media Technology Kernel Driver;c:\windows\system32\drivers\FIDE.SYS [5/28/2010 10:30 AM 15271]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 -c----w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
2011-05-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-18 23:19]
.
2011-05-06 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-08-04 18:19]
.
2011-05-02 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-08-04 18:19]
.
2011-05-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-299502267-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-05-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-299502267-1606980848-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-05-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-299502267-1606980848-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-05-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-299502267-1606980848-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-05-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-299502267-1606980848-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
2011-05-06 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-299502267-1606980848-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.mc500.mail.yahoo.com/mc/welcome?.gx=1&.tm=1277855676&.rand=av6e9uno1nir8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll
FF - ProfilePath - c:\documents and settings\carl.NETVISTA1\Application Data\Mozilla\Firefox\Profiles\w24cfcly.default\
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/login_verify2?&.src=ym
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-UpdateMyDrivers - e:\smarttweak software\UpdateMyDrivers\UpdateMyDrivers.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-07 08:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,22,d5,ad,1c,69,1a,4d,a9,37,cb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,22,d5,ad,1c,69,1a,4d,a9,37,cb,\
.
[HKEY_USERS\S-1-5-21-842925246-299502267-1606980848-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10j_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10j_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3900)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-05-07 09:05:59
ComboFix-quarantined-files.txt 2011-05-07 13:05
.
Pre-Run: 3,062,325,248 bytes free
Post-Run: 3,179,302,912 bytes free
.
Current=1 Default=1 Failed=3 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 7E4C5F8E9AE8414F4B44437C00B8FD24



Last edited by Scheffing on Sat May 07, 2011 9:16 am; edited 1 time in total (Reason for editing : sluggish! thanks much for your time! You guys are great!)

Scheffing


Member
What should I do?

Scheffing


Member
Bump

DragonMaster Jay


Site Owner
Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.
    Link 1
    Link 2
    Link 3

  • Double-click on MBRCheck.exe to run it.
  • It will open a black window...please do not fix anything (if it gives you an option).
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
  • Please copy and paste the contents of that log in your next reply.



Scheffing


Member
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000000d

Kernel Drivers (total 139):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF75A8000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7597000 pci.sys
0xF75F7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF7607000 MountMgr.sys
0xF74D8000 ftdisk.sys
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF74C0000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF74A0000 fltmgr.sys
0xF748E000 sr.sys
0xF7647000 PxHelp20.sys
0xF7477000 KSecDD.sys
0xF7464000 WudfPf.sys
0xF7B52000 Ntfs.sys
0xF7437000 NDIS.sys
0xF798D000 SmartDefragDriver.sys
0xF741D000 Mup.sys
0xF7717000 avgrkx86.sys
0xF789B000 AVGIDSEH.Sys
0xF7657000 agp440.sys
0xBA717000 \SystemRoot\system32\DRIVERS\tunmp.sys
0xF7547000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB98B6000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB98A2000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7747000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB987E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF774F000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9857000 \SystemRoot\system32\DRIVERS\e100b325.sys
0xB974A000 \SystemRoot\system32\DRIVERS\BCMSM.sys
0xB9727000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7757000 \SystemRoot\System32\Drivers\Modem.SYS
0xF7537000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF775F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7767000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF776F000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF7527000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA70B000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB9713000 \SystemRoot\system32\DRIVERS\parport.sys
0xF7517000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7777000 \SystemRoot\system32\drivers\Afc.sys
0xF7507000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF74F7000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB9685000 \SystemRoot\system32\drivers\smwdm.sys
0xB9661000 \SystemRoot\system32\drivers\portcls.sys
0xBA7C8000 \SystemRoot\system32\drivers\drmk.sys
0xB9649000 \SystemRoot\system32\drivers\aeaudio.sys
0xBA125000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF79BF000 \SystemRoot\System32\Drivers\RootMdm.sys
0xF777F000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xF7787000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xBA7B8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA6FF000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB9632000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA7A8000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA798000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB9621000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA788000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF778F000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7797000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF779F000 \SystemRoot\system32\DRIVERS\wanatw4.sys
0xBA778000 \SystemRoot\system32\DRIVERS\termdd.sys
0xB960B000 \SystemRoot\system32\DRIVERS\StarPortLite.sys
0xF79C1000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB95AD000 \SystemRoot\system32\DRIVERS\update.sys
0xF791B000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF791F000 \SystemRoot\system32\drivers\WmBEnum.sys
0xBA768000 \SystemRoot\system32\drivers\WmXlCore.sys
0xB9D89000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB9D09000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79E5000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xB9DAD000 \SystemRoot\system32\drivers\MODEMCSA.sys
0xF77AF000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xF76A7000 \SystemRoot\system32\DRIVERS\avgmfx86.sys
0xB7A0A000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0xF7991000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA212000 \SystemRoot\System32\Drivers\Null.SYS
0xF7993000 \SystemRoot\System32\Drivers\Beep.SYS
0xB7FD6000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xB7FCE000 \SystemRoot\System32\drivers\vga.sys
0xF7995000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7997000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB7FC6000 \SystemRoot\System32\Drivers\Msfs.SYS
0xB7FBE000 \SystemRoot\System32\Drivers\Npfs.SYS
0xBA7F4000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB7328000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB72CF000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB82B4000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xB7297000 \SystemRoot\system32\DRIVERS\tcpip6.sys
0xB7250000 \SystemRoot\system32\DRIVERS\avgtdix.sys
0xB7202000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB82A4000 \SystemRoot\system32\drivers\ip6fw.sys
0xB8294000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB71DA000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF7737000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xB71B8000 \SystemRoot\System32\drivers\afd.sys
0xB8284000 \SystemRoot\system32\DRIVERS\netbios.sys
0xB718D000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB711D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB8274000 \SystemRoot\System32\Drivers\Fips.SYS
0xBA123000 \SystemRoot\system32\DRIVERS\DMICall.sys
0xB9F9C000 \SystemRoot\System32\Drivers\BANTExt.sys
0xB70E1000 \SystemRoot\system32\DRIVERS\avgldx86.sys
0xB648C000 \SystemRoot\System32\Drivers\aswSP.SYS
0xB641C000 \SystemRoot\System32\Drivers\aswSnx.SYS
0xB6A0C000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xB6ADE000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB9DB1000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77E7000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB65A7000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBF464000 \SystemRoot\System32\ATMFD.DLL
0xB80CD000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF76B7000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
0xB535E000 \SystemRoot\system32\DRIVERS\irda.sys
0xB5C58000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB52A7000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xB5112000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF79A5000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB9C86000 \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys
0xB4FE1000 \SystemRoot\System32\Drivers\HTTP.sys
0xB9CAE000 \SystemRoot\system32\DRIVERS\AVGIDSFilter.Sys
0xB4D91000 \SystemRoot\system32\DRIVERS\AVGIDSDriver.Sys
0xB499B000 \SystemRoot\system32\DRIVERS\srv.sys
0xB4391000 \SystemRoot\system32\drivers\wdmaud.sys
0xB4F61000 \SystemRoot\system32\drivers\sysaudio.sys
0xB045F000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 46):
0 System Idle Process
4 System
524 C:\WINDOWS\system32\smss.exe
580 csrss.exe
604 C:\WINDOWS\system32\winlogon.exe
648 C:\WINDOWS\system32\services.exe
660 C:\WINDOWS\system32\lsass.exe
816 C:\WINDOWS\system32\svchost.exe
864 svchost.exe
980 C:\WINDOWS\system32\svchost.exe
1024 C:\WINDOWS\system32\svchost.exe
1136 svchost.exe
1196 svchost.exe
1348 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1572 C:\WINDOWS\system32\spoolsv.exe
196 svchost.exe
232 C:\Program Files\AVG\AVG10\avgwdsvc.exe
324 C:\WINDOWS\system32\svchost.exe
344 C:\WINDOWS\system32\svchost.exe
400 C:\WINDOWS\system32\svchost.exe
436 C:\Program Files\Java\jre6\bin\jqs.exe
468 C:\WINDOWS\system32\svchost.exe
908 C:\WINDOWS\system32\svchost.exe
976 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1208 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
1872 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
2220 wmpnetwk.exe
2536 C:\Program Files\AVG\AVG10\avgnsx.exe
2580 C:\Program Files\AVG\AVG10\avgemcx.exe
2736 C:\Program Files\AVG\AVG10\avgchsvx.exe
2744 C:\Program Files\AVG\AVG10\avgrsx.exe
3008 C:\Program Files\AVG\AVG10\avgcsrvx.exe
2148 alg.exe
1144 C:\WINDOWS\system32\svchost.exe
1364 C:\Program Files\AVG\AVG10\avgcsrvx.exe
2980 C:\WINDOWS\explorer.exe
3944 C:\Program Files\AVAST Software\Avast\AvastUI.exe
3768 C:\Program Files\Real\RealPlayer\Update\realsched.exe
2896 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1524 C:\WINDOWS\system32\rundll32.exe
1508 C:\Program Files\AVG\AVG10\avgtray.exe
3236 C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
3016 C:\Program Files\Mozilla Firefox\firefox.exe
836 C:\Program Files\Mozilla Firefox\plugin-container.exe
1956 C:\Program Files\Mozilla Firefox\plugin-container.exe
3712 C:\Documents and Settings\carl.NETVISTA1\My Documents\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: Maxtor6E040L0, Rev: NAR61590

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
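
The MBRCheck report above identifies the boot sector by its SHA1 and reports where \\.\C: begins on PhysicalDrive0 (offset 0x7E00, which is LBA 63 x 512 bytes). As an added example that is not part of this thread and not MBRCheck's own code, the Python below parses a constructed 512-byte MBR to show where those numbers come from: it checks the 0x55AA boot signature, decodes the four partition-table entries into byte offsets, and hashes the bootstrap code so it can be compared with a known-good list. The sample sector, the known-good table and the choice to hash only the first 440 bytes (the bootstrap code before the disk signature) are assumptions for this example, so its digest is not expected to match the SHA1 shown in the report.

```python
import hashlib
import struct

# Added example (not from the thread or MBRCheck): parse a 512-byte MBR,
# check the boot signature, decode the partition table and hash the
# bootstrap code for comparison with a known-good list.

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440            # bytes 0..439: bootstrap code; disk signature follows at 440
PARTITION_TABLE_OFFSET = 446   # four 16-byte entries at 446..509
PARTITION_ENTRY_SIZE = 16
MBR_SIGNATURE = b"\x55\xAA"    # bytes 510..511

# Subset of partition type ids (assumed lookup table for the example).
PARTITION_TYPES = {0x05: "Extended", 0x07: "NTFS", 0x0B: "FAT32",
                   0x0C: "FAT32 (LBA)", 0x0F: "Extended (LBA)", 0x83: "Linux"}


def parse_mbr(sector: bytes) -> dict:
    """Return SHA1 digests and the decoded partition entries of one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    if sector[510:512] != MBR_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature; not a valid MBR")
    partitions = []
    for i in range(4):
        start = PARTITION_TABLE_OFFSET + i * PARTITION_ENTRY_SIZE
        entry = sector[start:start + PARTITION_ENTRY_SIZE]
        # status(1) CHS start(3, skipped) type(1) CHS end(3, skipped) LBA start(4) sectors(4)
        status, ptype, lba_start, num_sectors = struct.unpack("<B3xB3xII", entry)
        if ptype == 0 and lba_start == 0 and num_sectors == 0:
            continue  # empty slot
        partitions.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "type_name": PARTITION_TYPES.get(ptype, f"unknown (0x{ptype:02X})"),
            "lba_start": lba_start,
            "byte_offset": lba_start * SECTOR_SIZE,   # what MBRCheck prints as "at offset"
            "size_bytes": num_sectors * SECTOR_SIZE,
        })
    return {
        "sector_sha1": hashlib.sha1(sector).hexdigest().upper(),
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper(),
        "partitions": partitions,
    }


def verify_boot_code(sector: bytes, known_good: dict) -> str:
    """Label the bootstrap code by its SHA1; anything not in the list is flagged."""
    digest = hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()
    return known_good.get(digest, "UNKNOWN boot code: " + digest)


def build_sample_mbr() -> bytes:
    """Constructed sample: one bootable NTFS partition at LBA 63, about 37 GB."""
    boot_code = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]).ljust(BOOT_CODE_LEN, b"\x00")
    disk_sig = b"\x12\x34\x56\x78" + b"\x00\x00"   # constructed disk signature + 2 reserved bytes
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07, b"\xFE\xFF\xFF", 63, 78140097)
    table = entry + b"\x00" * (PARTITION_ENTRY_SIZE * 3)
    sector = boot_code + disk_sig + table + MBR_SIGNATURE
    assert len(sector) == SECTOR_SIZE
    return sector


SAMPLE_MBR = build_sample_mbr()

if __name__ == "__main__":
    info = parse_mbr(SAMPLE_MBR)
    # Known-good list is constructed here; a real one holds hashes of vendor MBR code.
    known = {info["boot_code_sha1"]: "constructed sample boot code"}
    for p in info["partitions"]:
        print(f"partition {p['index']}: {p['type_name']} at offset 0x{p['byte_offset']:016X}"
              f" ({p['size_bytes'] // 2**30} GB, bootable={p['bootable']})")
    print("sector SHA1:", info["sector_sha1"])
    print("boot code:", verify_boot_code(SAMPLE_MBR, known))
```

The reason to hash the bootstrap code separately from the whole sector is that the partition table and disk signature differ on every machine while vendor boot code does not; a sector whose partition table is unchanged but whose first 440 bytes no longer match any known-good digest is the case worth examining, which is also why the tool asks not to fix anything until the report has been read.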

Scheffing


Member
save to desktop

Scheffing


Member
OK?

Scheffing


Member
Bump

Scheffing


Member
What's up?

DragonMaster Jay


Site Owner
Please do not continually bump your topic.

Please download Speccy and save to your Desktop.
  • Double-click on setup file and install Speccy on your computer.
  • Start Speccy and give it 30 seconds to 1 minute to load.
  • Then, click File > Save as Text file...
  • Save the report to your Desktop or other location you can remember.
  • Find the report and attach it to your next reply.


..........................................................
DragonMaster Jay
Administrative Director SecuraGeek Association
Advanced Malware Analysts Group Owner


