Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Relentless System Check Infection


  • Please log in to reply
11 replies to this topic

#1 Blockinlick

Blockinlick

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 18 January 2012 - 06:16 AM

The past several hours I've been trying to remove a "System Check" infection from my PC. [2000 Dell Optiplex GX270 w/ WinXP Home Edition]. I followed the guide posted on this site [http://www.bleepingcomputer.com/virus-removal/remove-system-check] to remove it three times, and it failed every time. The process went like this.

-Downloaded RKill [As iExplorer.exe], TDSSKiller, MBAM, and Unhide onto flash drive from other computer
-Ran my computer in Safe Mode.

//Here A problem presented itself... my start menu was empty and my desktop had no icons. I couldn't even use Ctrl+R. Therefor, I couldn't possibly use a flash drive to DL the programs. So I-

Attempt #1
-Opened Internet Explorer, which was one of the only programs I could run.
-Downloaded RKill first and immediately ran it. It seemed to have done it's job.
-Downloaded Unhide and ran it. My icons showed up in my desktop and my Start Menu, but some start menu icons [The ones to the right side] still weren't showing up.
-Scanned with Malwarebytes and found 20 infections
-Attempted to remove the infections and was, of course, prompted to restart.
-I clicked yes and my computer restarted... only to see that nothing had changed and System Check was very much running as normal.

Attempt #2
-Shut computer back down and restarted in Safe Mode again.
-Repeated same steps earlier, but ran TDSS Killer before Malwarebytes [Without restarting yet], then ran Malwarebytes... and restarted again.
-Again... no progress had been made, and Malwarebytes continued to find the same infections every time.

Attempt #3
-Shut computer back down and restarted in Safe Mode again.
-Figured out that I could hit F3 for the search window.
-Used the search window to find all of the files located in my Flash Drive.
-Ran an updated version of RKill, and I noticed that oddly, it didn't find anything.
-Ran Unhide
-Ran TDSSKiller which actually did find something.
-When prompted to reset by TDSSKiller, I did, however, instead of letting it reboot normally, I went straight back to Safe Mode this time.
-Followed the same step with MBAM as I did with TDSSKiller.
-Scanned with SpybotS&D, which to my surprise, actually found and deleted a few interesting things.
-To do a double-check, I then rescanned with MBAM, TDSSKiller, and RKill, none of which found anything.
-I restarted and went straight back into Safe Mode again... and then I did a triple check by rescanning with MBAM, TDSSKiller, RKill, and Spybot: none of which found anything this time either.
-Confident that I had finally rid my computer of this infection by double and triple checking, I shut my computer down and turned it back on to let it normally boot... to my vast disappointment, nothing had changed whatsoever. I still got about 10 "Error" windows stacked, followed by the System Check window and warning bubble spam.

I'm rather vexed at the moment... I just spent the last 5 hours scanning, double checking, triple checking, and waiting... all for nothing... to be back at square one again.


If you would like me to post a copy of the Malwarebytes [Or any other scan I did] scan log, I can, but only if instructed to do so.

Edited by hamluis, 18 January 2012 - 08:13 AM.
Moved from XP to Am I Infected.


BC AdBot (Login to Remove)

 


#2 mark1956

mark1956

  • Security Colleague
  • 271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Spain
  • Local time:01:34 PM

Posted 18 January 2012 - 06:55 AM

I have requested this be moved to the "Am I Infected" forum, your symptoms indicate that you have a Rootkit infection.

I can then instruct you to run a scan for rootkit activity, if this confirms that you are infected with one then you will be passd over to the Malware removal forum.

TDSSKiller only targets certain types of Rootkits.

#3 Blockinlick

Blockinlick
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 18 January 2012 - 07:02 AM

I have requested this be moved to the "Am I Infected" forum, your symptoms indicate that you have a Rootkit infection.

I can then instruct you to run a scan for rootkit activity, if this confirms that you are infected with one then you will be passd over to the Malware removal forum.

TDSSKiller only targets certain types of Rootkits.


Alright. Waiting for instructions later.

In the meantime, here is my MBAM scan log.

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.18.02

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Blockinlick :: JEREMY [administrator]

1/18/2012 6:54:49 AM
mbam-log-2012-01-18 (06-54-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 310794
Time elapsed: 36 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|gfUomFNvRQL.exe (Trojan.FakeAV) -> Data: C:\Documents and Settings\All Users\Application Data\gfUomFNvRQL.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 6
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\All Users\Application Data\gfUomFNvRQL.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\D1tLmedesnoiNu.exe (Rogue.FakeAlert) -> Quarantined and deleted successfully.

(end)


Edited by Blockinlick, 18 January 2012 - 08:50 AM.


#4 js_meToo

js_meToo

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 18 January 2012 - 10:01 AM

Hi,

I seem to have the exact symptoms and failure to fix this "Relentless System Check Infection" posted by user 'Blockinlick'. The only item I can add is that after following the removal instructions when MBAM requests a restart, since my system will not shut down properly, I am forced to perform a hard power-off once the system gets to the "Windoze shutting down" stage. Otherwise it will sit there forever. After the hard-restart I am back to the relentless System Check notices and hidden files.

Assuming I am rooted, what can I do next?

Thanks

#5 mark1956

mark1956

  • Security Colleague
  • 271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Spain
  • Local time:01:34 PM

Posted 18 January 2012 - 10:23 AM

js-meToo, please start you own thread. Am I Infected? What to do ? How do I get help? Who is helping me?


Blockinlick, reboot the PC if you have not already done so and re-run Mbam and post the log.

Then follow that with a GMER scan:

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror <-This version will download a randomly named .exe file (Recommended)
  • Zipped Mirror <-This version will download a zip file you will need to extract first.
  • Disconnect from the Internet and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan so they will not conflict with gmer's driver.
  • Click this link to see a list of such programs and how to disable them..
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • On the right side panel, several boxes have been checked. Please UNCHECK the following:
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All <- don't miss this one
    Posted Image
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If GMER crashes or keeps resulting in a BSODs, deselect (uncheck) Devices, Sections, and Files along with the other items mentioned.
-- If you still encounter problems, try running GMER in safe mode.

Edited by mark1956, 18 January 2012 - 10:32 AM.


#6 Blockinlick

Blockinlick
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 19 January 2012 - 04:58 AM

Thanks for the help, mark. I don't have access to my computer at the moment, but will later today/tonight [It's morning here]. I hope that's okay and doesn't cause my issue to be ignored.

When I do get on later today/tonight, I'll follow your steps and post the log. Thanks again :D

#7 mark1956

mark1956

  • Security Colleague
  • 271 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Spain
  • Local time:01:34 PM

Posted 19 January 2012 - 05:48 AM

I have been advised by my Malware trainer not to give any further assistance in Malware related issues. I have put in a request for another helper to take my place in assisting you.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:34 AM

Posted 19 January 2012 - 10:27 AM

I'll pick this up.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Blockinlick

Blockinlick
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 20 January 2012 - 07:24 AM

I'll pick this up.


Alright... shall I continue with his previous directions? Or do you have something different in mind?

Edited by Blockinlick, 20 January 2012 - 07:25 AM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:34 AM

Posted 20 January 2012 - 09:47 PM

Yes,run Gmer and....

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Blockinlick

Blockinlick
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 24 January 2012 - 11:31 AM

Sorry for the delayed response, I've been really busy.

Ran GMER

I must note that I didn't ever get a warning and didn't see a scan option on the rootkit page [Perhaps because I'm forced to run this on Safe Mode (Limited Resolution]. What I did was notice the Autorun tab and ran a scan that way, I hope that's what you wanted to see.

I also must note that since I ran it on Safe Mode, I wasn't sure how to go about disabling Avast or whether or not it already was. Keep that in mind.

Here is the log

_____________________
GMER 1.0.15.15641 - http://www.gmer.net
Autostart scan 2012-01-24 11:07:37
Windows 5.1.2600 Service Pack 3


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >>>
@UserinitC:\WINDOWS\system32\userinit.exe, = C:\WINDOWS\system32\userinit.exe,
@Taskman /*file not found*/ = /*file not found*/

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
dimsntfy@DLLName = %SystemRoot%\System32\dimsntfy.dll
igfxcui@DLLName = igfxsrvc.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
avast! Antivirus@ = "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
clr_optimization_v4.0.30319_32@ = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
gupdate@ = C:\Program Files\Google\Update\GoogleUpdate.exe /svc /*file not found*/
JavaQuickStarterService@ = "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding
YahooAUService@ = "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@IgfxTrayC:\WINDOWS\system32\igfxtray.exe = C:\WINDOWS\system32\igfxtray.exe
@HotKeysCmdsC:\WINDOWS\system32\hkcmd.exe = C:\WINDOWS\system32\hkcmd.exe
@SunJavaUpdateSched"C:\Program Files\Common Files\Java\Java Update\jusched.exe" = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
@avast"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k
RunOnce@Malwarebytes Anti-Malware = C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent /*file not found*/

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{56F9679E-7826-4C84-81F3-532071A8BCC5} = C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/%WINDIR%\system32\ieframe.dll = %WINDIR%\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} /*OpenOffice.org Column Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{087B3AE3-E237-4467-B8DB-5A38AB959AC9} /*OpenOffice.org Infotip Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{63542C48-9552-494A-84F7-73AA6A7C99C1} /*OpenOffice.org Property Sheet Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{3B092F0C-7696-40E3-A80F-68D74DA84210} /*OpenOffice.org Thumbnail Viewer*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{97090E2F-3062-4459-855B-014F0D3CDBB1} /*Windows Search Deskbar*/C:\Program Files\Windows Desktop Search\deskbar.dll = C:\Program Files\Windows Desktop Search\deskbar.dll
@{13E7F612-F261-4391-BEA2-39DF4F3FA311} /*Windows Desktop Search*/C:\Program Files\Windows Desktop Search\msnlExt.dll = C:\Program Files\Windows Desktop Search\msnlExt.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Program Files\AVAST Software\Avast\ashShell.dll = C:\Program Files\AVAST Software\Avast\ashShell.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\AVAST Software\Avast\ashShell.dll
LavasoftShellExt@{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} = C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll /*file not found*/
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\AVAST Software\Avast\ashShell.dll
LavasoftShellExt@{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} = C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll /*file not found*/
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4efb-9B51-7695ECA05670}C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{25BC7718-0BFA-40EA-B381-4B2D9732D686}C:\Program Files\Yahoo!\Search Protection\ysp.dll = C:\Program Files\Yahoo!\Search Protection\ysp.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\Program Files\Spybot - Search & Destroy\SDHelper.dll = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{E7E6F031-17CE-4C07-BC86-EABFE594F69C}C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll = C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
@{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.msn.com/?pc=Z131&install_date=20110827 = http://www.msn.com/?pc=Z131&install_date=20110827
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

C:\Documents and Settings\All Users\Start Menu\Programs\Startup = Wireless Network Monitor.lnk

---- EOF - GMER 1.0.15 ----


_________________________

I also ran the MiniToolbox like you asked. Here is that log.

_________________________

MiniToolBox by Farbar Version: 18-01-2012
Ran by Blockinlick (administrator) on 24-01-2012 at 11:12:29
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2012 05:58:54 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <0, 0x80070013, Could not detect if setup run previously>.

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
0xc0041801 (0xc0041801)


System errors:
=============
Error: (01/24/2012 11:04:49 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/24/2012 10:57:16 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
aswSnx
aswSP
aswTdi
Fips
IntelIde
intelppm
Lbd
SASDIFSV
SASKUTIL

Error: (01/24/2012 10:56:45 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 08:53:13 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 06:46:49 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
aswSnx
aswSP
aswTdi
Fips
intelppm
Lbd
SASDIFSV
SASKUTIL

Error: (01/18/2012 06:45:42 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service failed to start due to the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (01/18/2012 05:58:54 AM) (Source: Windows Search Service)(User: )
Description: 00x80070013Could not detect if setup run previously

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)
Search.TripoliIndexer

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
0xc0041801 (0xc0041801)


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.2.602)
Apple Application Support (Version: 1.2.0)
Apple Software Update (Version: 2.1.1.116)
Audacity 1.2.6
avast! Free Antivirus (Version: 6.0.1091.0)
Blockland
Diablo II
Download Updater (AOL LLC)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
Google Chrome (Version: 16.0.912.75)
Google Update Helper (Version: 1.3.21.79)
Hero Editor V0.96
Hero Editor V0.96 (C:\Program Files\Hero Editor\)
Hero Editor V0.96 (C:\Program Files\Hero Editor\) #3
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 6 Update 3 (Version: 1.6.0.30)
Linksys EasyLink Advisor 1.6 (0032)
Linksys WUSB100 RangePlus Wireless USB Adapter (Version: 1.0.0.7)
Magic Set Editor 2 - 0.3.8 beta
Magic Workstation 0.94f
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MTG GamePack for Magic Workstation
OpenOffice.org 3.1 (Version: 3.1.9399)
Project64 1.6 (Version: 1.6)
QuickTime 3.0
Rhythm Rascal (Version: 3.2.0)
RollerCoaster Tycoon (Version: 1.00.000)
Sid Meier's Civilization 4 (Version: 1.61)
Spybot - Search & Destroy (Version: 1.6.2)
TuxGuitar (Version: 1.0-rc3)
Uniblue RegistryBooster (Version: 6.0.5.6)
Unity Web Player (Version: )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 0.9.9 (Version: 0.9.9)
Warcraft III
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Worms World Party
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
YVD (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 509.98 MB
Available physical RAM: 363.68 MB
Total Pagefile: 1505.29 MB
Available Pagefile: 1431.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.89 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.5 GB) (Free:9.72 GB) NTFS
3 Drive d: (Iron Maiden) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
4 Drive e: () (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32

========================= Users: ========================================

User accounts for \\JEREMY

Administrator ASPNET Blockinlick
Guest HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini010212-01.dmp
C:\WINDOWS\Minidump\Mini010712-01.dmp
C:\WINDOWS\Minidump\Mini010812-01.dmp
C:\WINDOWS\Minidump\Mini011112-01.dmp
C:\WINDOWS\Minidump\Mini011312-01.dmp
C:\WINDOWS\Minidump\Mini011412-01.dmp
C:\WINDOWS\Minidump\Mini011712-01.dmp
C:\WINDOWS\Minidump\Mini042911-01.dmp
C:\WINDOWS\Minidump\Mini050411-01.dmp
C:\WINDOWS\Minidump\Mini050411-02.dmp
C:\WINDOWS\Minidump\Mini050411-03.dmp
C:\WINDOWS\Minidump\Mini050411-04.dmp
C:\WINDOWS\Minidump\Mini050411-05.dmp
C:\WINDOWS\Minidump\Mini050411-06.dmp
C:\WINDOWS\Minidump\Mini050411-07.dmp
C:\WINDOWS\Minidump\Mini050411-08.dmp
C:\WINDOWS\Minidump\Mini050411-09.dmp
C:\WINDOWS\Minidump\Mini050411-10.dmp
C:\WINDOWS\Minidump\Mini050411-11.dmp
C:\WINDOWS\Minidump\Mini050411-12.dmp
C:\WINDOWS\Minidump\Mini050411-13.dmp
C:\WINDOWS\Minidump\Mini050411-14.dmp
C:\WINDOWS\Minidump\Mini050411-15.dmp
C:\WINDOWS\Minidump\Mini050411-16.dmp
C:\WINDOWS\Minidump\Mini050411-17.dmp
C:\WINDOWS\Minidump\Mini050411-18.dmp
C:\WINDOWS\Minidump\Mini050411-19.dmp
C:\WINDOWS\Minidump\Mini050411-20.dmp
C:\WINDOWS\Minidump\Mini050411-21.dmp
C:\WINDOWS\Minidump\Mini050411-22.dmp
C:\WINDOWS\Minidump\Mini050411-23.dmp
C:\WINDOWS\Minidump\Mini050411-24.dmp
C:\WINDOWS\Minidump\Mini050411-25.dmp
C:\WINDOWS\Minidump\Mini050411-26.dmp
C:\WINDOWS\Minidump\Mini050411-27.dmp
C:\WINDOWS\Minidump\Mini050411-28.dmp
C:\WINDOWS\Minidump\Mini050411-29.dmp
C:\WINDOWS\Minidump\Mini050411-30.dmp
C:\WINDOWS\Minidump\Mini050411-31.dmp
C:\WINDOWS\Minidump\Mini050411-32.dmp
C:\WINDOWS\Minidump\Mini050411-33.dmp
C:\WINDOWS\Minidump\Mini050411-34.dmp
C:\WINDOWS\Minidump\Mini050411-35.dmp
C:\WINDOWS\Minidump\Mini050411-36.dmp
C:\WINDOWS\Minidump\Mini050411-37.dmp
C:\WINDOWS\Minidump\Mini050411-38.dmp
C:\WINDOWS\Minidump\Mini050411-39.dmp
C:\WINDOWS\Minidump\Mini050411-40.dmp
C:\WINDOWS\Minidump\Mini050411-41.dmp
C:\WINDOWS\Minidump\Mini050511-01.dmp
C:\WINDOWS\Minidump\Mini050511-02.dmp
C:\WINDOWS\Minidump\Mini050511-03.dmp
C:\WINDOWS\Minidump\Mini050511-04.dmp
C:\WINDOWS\Minidump\Mini050511-05.dmp
C:\WINDOWS\Minidump\Mini050511-06.dmp
C:\WINDOWS\Minidump\Mini050511-07.dmp
C:\WINDOWS\Minidump\Mini050511-08.dmp
C:\WINDOWS\Minidump\Mini050511-09.dmp
C:\WINDOWS\Minidump\Mini050511-10.dmp
C:\WINDOWS\Minidump\Mini050511-11.dmp
C:\WINDOWS\Minidump\Mini050511-12.dmp
C:\WINDOWS\Minidump\Mini050511-13.dmp
C:\WINDOWS\Minidump\Mini050511-14.dmp
C:\WINDOWS\Minidump\Mini050511-15.dmp
C:\WINDOWS\Minidump\Mini050511-16.dmp
C:\WINDOWS\Minidump\Mini050511-17.dmp
C:\WINDOWS\Minidump\Mini050511-18.dmp
C:\WINDOWS\Minidump\Mini050511-19.dmp
C:\WINDOWS\Minidump\Mini050511-20.dmp
C:\WINDOWS\Minidump\Mini050511-21.dmp
C:\WINDOWS\Minidump\Mini050511-22.dmp
C:\WINDOWS\Minidump\Mini050511-23.dmp
C:\WINDOWS\Minidump\Mini050511-24.dmp
C:\WINDOWS\Minidump\Mini050511-25.dmp
C:\WINDOWS\Minidump\Mini050511-26.dmp
C:\WINDOWS\Minidump\Mini050511-27.dmp
C:\WINDOWS\Minidump\Mini050511-28.dmp
C:\WINDOWS\Minidump\Mini050511-29.dmp
C:\WINDOWS\Minidump\Mini050511-30.dmp
C:\WINDOWS\Minidump\Mini050511-31.dmp
C:\WINDOWS\Minidump\Mini050511-32.dmp
C:\WINDOWS\Minidump\Mini050511-33.dmp
C:\WINDOWS\Minidump\Mini050511-34.dmp
C:\WINDOWS\Minidump\Mini050511-35.dmp
C:\WINDOWS\Minidump\Mini050511-36.dmp
C:\WINDOWS\Minidump\Mini050511-37.dmp
C:\WINDOWS\Minidump\Mini050511-38.dmp
C:\WINDOWS\Minidump\Mini050511-39.dmp
C:\WINDOWS\Minidump\Mini050511-40.dmp
C:\WINDOWS\Minidump\Mini050511-41.dmp
C:\WINDOWS\Minidump\Mini050511-42.dmp
C:\WINDOWS\Minidump\Mini050511-43.dmp
C:\WINDOWS\Minidump\Mini050511-44.dmp
C:\WINDOWS\Minidump\Mini050511-45.dmp
C:\WINDOWS\Minidump\Mini050511-46.dmp
C:\WINDOWS\Minidump\Mini050511-47.dmp
C:\WINDOWS\Minidump\Mini050511-48.dmp
C:\WINDOWS\Minidump\Mini050511-49.dmp
C:\WINDOWS\Minidump\Mini050511-50.dmp
C:\WINDOWS\Minidump\Mini051811-01.dmp
C:\WINDOWS\Minidump\Mini051911-01.dmp
C:\WINDOWS\Minidump\Mini052011-01.dmp
C:\WINDOWS\Minidump\Mini052711-01.dmp
C:\WINDOWS\Minidump\Mini053111-01.dmp
C:\WINDOWS\Minidump\Mini060111-01.dmp
C:\WINDOWS\Minidump\Mini060311-01.dmp
C:\WINDOWS\Minidump\Mini060411-01.dmp
C:\WINDOWS\Minidump\Mini060511-01.dmp
C:\WINDOWS\Minidump\Mini060711-01.dmp
C:\WINDOWS\Minidump\Mini061111-01.dmp
C:\WINDOWS\Minidump\Mini062411-01.dmp
C:\WINDOWS\Minidump\Mini062511-01.dmp
C:\WINDOWS\Minidump\Mini062611-01.dmp
C:\WINDOWS\Minidump\Mini063011-01.dmp
C:\WINDOWS\Minidump\Mini070111-01.dmp
C:\WINDOWS\Minidump\Mini070211-01.dmp
C:\WINDOWS\Minidump\Mini070811-01.dmp
C:\WINDOWS\Minidump\Mini070911-01.dmp
C:\WINDOWS\Minidump\Mini071311-01.dmp
C:\WINDOWS\Minidump\Mini071811-01.dmp
C:\WINDOWS\Minidump\Mini071911-01.dmp
C:\WINDOWS\Minidump\Mini080911-01.dmp
C:\WINDOWS\Minidump\Mini081411-01.dmp
C:\WINDOWS\Minidump\Mini081711-01.dmp
C:\WINDOWS\Minidump\Mini081811-01.dmp
C:\WINDOWS\Minidump\Mini081911-01.dmp
C:\WINDOWS\Minidump\Mini082211-01.dmp
C:\WINDOWS\Minidump\Mini082511-01.dmp
C:\WINDOWS\Minidump\Mini082911-01.dmp
C:\WINDOWS\Minidump\Mini090211-01.dmp
C:\WINDOWS\Minidump\Mini090511-01.dmp
C:\WINDOWS\Minidump\Mini090611-01.dmp
C:\WINDOWS\Minidump\Mini090911-01.dmp
C:\WINDOWS\Minidump\Mini091211-01.dmp
C:\WINDOWS\Minidump\Mini091711-01.dmp
C:\WINDOWS\Minidump\Mini091811-01.dmp
C:\WINDOWS\Minidump\Mini091911-01.dmp
C:\WINDOWS\Minidump\Mini092111-01.dmp
C:\WINDOWS\Minidump\Mini092511-01.dmp
C:\WINDOWS\Minidump\Mini092811-01.dmp
C:\WINDOWS\Minidump\Mini100611-01.dmp
C:\WINDOWS\Minidump\Mini100811-01.dmp
C:\WINDOWS\Minidump\Mini101011-01.dmp
C:\WINDOWS\Minidump\Mini101911-01.dmp
C:\WINDOWS\Minidump\Mini102111-01.dmp
C:\WINDOWS\Minidump\Mini102611-01.dmp
C:\WINDOWS\Minidump\Mini110411-01.dmp
C:\WINDOWS\Minidump\Mini110611-01.dmp
C:\WINDOWS\Minidump\Mini111211-01.dmp
C:\WINDOWS\Minidump\Mini111511-01.dmp
C:\WINDOWS\Minidump\Mini120211-01.dmp
C:\WINDOWS\Minidump\Mini121411-01.dmp
C:\WINDOWS\Minidump\Mini122411-01.dmp
C:\WINDOWS\Minidump\Mini123111-01.dmp

**** End of log ****


Ran GMER

I must note that I didn't ever get a warning and didn't see a scan option on the rootkit page [Perhaps because I'm forced to run this on Safe Mode (Limited Resolution]. What I did was notice the Autorun tab and ran a scan that way, I hope that's what you wanted to see.

Here is the log

_____________________
GMER 1.0.15.15641 - http://www.gmer.net
Autostart scan 2012-01-24 11:07:37
Windows 5.1.2600 Service Pack 3


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >>>
@UserinitC:\WINDOWS\system32\userinit.exe, = C:\WINDOWS\system32\userinit.exe,
@Taskman /*file not found*/ = /*file not found*/

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
dimsntfy@DLLName = %SystemRoot%\System32\dimsntfy.dll
igfxcui@DLLName = igfxsrvc.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
avast! Antivirus@ = "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
clr_optimization_v4.0.30319_32@ = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
gupdate@ = C:\Program Files\Google\Update\GoogleUpdate.exe /svc /*file not found*/
JavaQuickStarterService@ = "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding
YahooAUService@ = "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@IgfxTrayC:\WINDOWS\system32\igfxtray.exe = C:\WINDOWS\system32\igfxtray.exe
@HotKeysCmdsC:\WINDOWS\system32\hkcmd.exe = C:\WINDOWS\system32\hkcmd.exe
@SunJavaUpdateSched"C:\Program Files\Common Files\Java\Java Update\jusched.exe" = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
@avast"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui = "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
@KernelFaultCheck%systemroot%\system32\dumprep 0 -k = %systemroot%\system32\dumprep 0 -k
RunOnce@Malwarebytes Anti-Malware = C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent /*file not found*/

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{56F9679E-7826-4C84-81F3-532071A8BCC5} = C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/%WINDIR%\system32\ieframe.dll = %WINDIR%\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} /*OpenOffice.org Column Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{087B3AE3-E237-4467-B8DB-5A38AB959AC9} /*OpenOffice.org Infotip Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{63542C48-9552-494A-84F7-73AA6A7C99C1} /*OpenOffice.org Property Sheet Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{3B092F0C-7696-40E3-A80F-68D74DA84210} /*OpenOffice.org Thumbnail Viewer*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll"
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{97090E2F-3062-4459-855B-014F0D3CDBB1} /*Windows Search Deskbar*/C:\Program Files\Windows Desktop Search\deskbar.dll = C:\Program Files\Windows Desktop Search\deskbar.dll
@{13E7F612-F261-4391-BEA2-39DF4F3FA311} /*Windows Desktop Search*/C:\Program Files\Windows Desktop Search\msnlExt.dll = C:\Program Files\Windows Desktop Search\msnlExt.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{472083B0-C522-11CF-8763-00608CC02F24} /*avast*/C:\Program Files\AVAST Software\Avast\ashShell.dll = C:\Program Files\AVAST Software\Avast\ashShell.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/c:\WINDOWS\system32\dfshim.dll = c:\WINDOWS\system32\dfshim.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\AVAST Software\Avast\ashShell.dll
LavasoftShellExt@{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} = C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll /*file not found*/
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\AVAST Software\Avast\ashShell.dll
LavasoftShellExt@{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} = C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll /*file not found*/
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{02478D38-C3F9-4efb-9B51-7695ECA05670}C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{25BC7718-0BFA-40EA-B381-4B2D9732D686}C:\Program Files\Yahoo!\Search Protection\ysp.dll = C:\Program Files\Yahoo!\Search Protection\ysp.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\Program Files\Spybot - Search & Destroy\SDHelper.dll = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{E7E6F031-17CE-4C07-BC86-EABFE594F69C}C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll = C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
@{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.msn.com/?pc=Z131&install_date=20110827 = http://www.msn.com/?pc=Z131&install_date=20110827
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll

C:\Documents and Settings\All Users\Start Menu\Programs\Startup = Wireless Network Monitor.lnk

---- EOF - GMER 1.0.15 ----


_________________________

I also ran the MiniToolbox like you asked. Here is that log.

_________________________

MiniToolBox by Farbar Version: 18-01-2012
Ran by Blockinlick (administrator) on 24-01-2012 at 11:12:29
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/18/2012 05:58:54 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the SystemIndex search index. Internal error <0, 0x80070013, Could not detect if setup run previously>.

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.

Context: Windows Application, SystemIndex Catalog

Details:
0xc0041801 (0xc0041801)


System errors:
=============
Error: (01/24/2012 11:04:49 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/24/2012 10:57:16 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
aswSnx
aswSP
aswTdi
Fips
IntelIde
intelppm
Lbd
SASDIFSV
SASKUTIL

Error: (01/24/2012 10:56:45 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 08:53:13 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 06:46:49 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
aswSnx
aswSP
aswTdi
Fips
intelppm
Lbd
SASDIFSV
SASKUTIL

Error: (01/18/2012 06:45:42 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service failed to start due to the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%3

Error: (01/18/2012 05:58:55 AM) (Source: Service Control Manager) (User: )
Description: The Telephony service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (01/18/2012 05:58:54 AM) (Source: Windows Search Service)(User: )
Description: 00x80070013Could not detect if setup run previously

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index cannot be read. (0xc0041800)
Search.TripoliIndexer

Error: (12/25/2011 02:56:35 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
0xc0041801 (0xc0041801)


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Reader 9.1 (Version: 9.1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.2.602)
Apple Application Support (Version: 1.2.0)
Apple Software Update (Version: 2.1.1.116)
Audacity 1.2.6
avast! Free Antivirus (Version: 6.0.1091.0)
Blockland
Diablo II
Download Updater (AOL LLC)
Drivers Install For Linksys Easylink Advisor (Version: 2.0.9)
Google Chrome (Version: 16.0.912.75)
Google Update Helper (Version: 1.3.21.79)
Hero Editor V0.96
Hero Editor V0.96 (C:\Program Files\Hero Editor\)
Hero Editor V0.96 (C:\Program Files\Hero Editor\) #3
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 6 Update 3 (Version: 1.6.0.30)
Linksys EasyLink Advisor 1.6 (0032)
Linksys WUSB100 RangePlus Wireless USB Adapter (Version: 1.0.0.7)
Magic Set Editor 2 - 0.3.8 beta
Magic Workstation 0.94f
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MTG GamePack for Magic Workstation
OpenOffice.org 3.1 (Version: 3.1.9399)
Project64 1.6 (Version: 1.6)
QuickTime 3.0
Rhythm Rascal (Version: 3.2.0)
RollerCoaster Tycoon (Version: 1.00.000)
Sid Meier's Civilization 4 (Version: 1.61)
Spybot - Search & Destroy (Version: 1.6.2)
TuxGuitar (Version: 1.0-rc3)
Uniblue RegistryBooster (Version: 6.0.5.6)
Unity Web Player (Version: )
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 0.9.9 (Version: 0.9.9)
Warcraft III
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Worms World Party
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar
YVD (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 509.98 MB
Available physical RAM: 363.68 MB
Total Pagefile: 1505.29 MB
Available Pagefile: 1431.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.89 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.5 GB) (Free:9.72 GB) NTFS
3 Drive d: (Iron Maiden) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
4 Drive e: () (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32

========================= Users: ========================================

User accounts for \\JEREMY

Administrator ASPNET Blockinlick
Guest HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini010212-01.dmp
C:\WINDOWS\Minidump\Mini010712-01.dmp
C:\WINDOWS\Minidump\Mini010812-01.dmp
C:\WINDOWS\Minidump\Mini011112-01.dmp
C:\WINDOWS\Minidump\Mini011312-01.dmp
C:\WINDOWS\Minidump\Mini011412-01.dmp
C:\WINDOWS\Minidump\Mini011712-01.dmp
C:\WINDOWS\Minidump\Mini042911-01.dmp
C:\WINDOWS\Minidump\Mini050411-01.dmp
C:\WINDOWS\Minidump\Mini050411-02.dmp
C:\WINDOWS\Minidump\Mini050411-03.dmp
C:\WINDOWS\Minidump\Mini050411-04.dmp
C:\WINDOWS\Minidump\Mini050411-05.dmp
C:\WINDOWS\Minidump\Mini050411-06.dmp
C:\WINDOWS\Minidump\Mini050411-07.dmp
C:\WINDOWS\Minidump\Mini050411-08.dmp
C:\WINDOWS\Minidump\Mini050411-09.dmp
C:\WINDOWS\Minidump\Mini050411-10.dmp
C:\WINDOWS\Minidump\Mini050411-11.dmp
C:\WINDOWS\Minidump\Mini050411-12.dmp
C:\WINDOWS\Minidump\Mini050411-13.dmp
C:\WINDOWS\Minidump\Mini050411-14.dmp
C:\WINDOWS\Minidump\Mini050411-15.dmp
C:\WINDOWS\Minidump\Mini050411-16.dmp
C:\WINDOWS\Minidump\Mini050411-17.dmp
C:\WINDOWS\Minidump\Mini050411-18.dmp
C:\WINDOWS\Minidump\Mini050411-19.dmp
C:\WINDOWS\Minidump\Mini050411-20.dmp
C:\WINDOWS\Minidump\Mini050411-21.dmp
C:\WINDOWS\Minidump\Mini050411-22.dmp
C:\WINDOWS\Minidump\Mini050411-23.dmp
C:\WINDOWS\Minidump\Mini050411-24.dmp
C:\WINDOWS\Minidump\Mini050411-25.dmp
C:\WINDOWS\Minidump\Mini050411-26.dmp
C:\WINDOWS\Minidump\Mini050411-27.dmp
C:\WINDOWS\Minidump\Mini050411-28.dmp
C:\WINDOWS\Minidump\Mini050411-29.dmp
C:\WINDOWS\Minidump\Mini050411-30.dmp
C:\WINDOWS\Minidump\Mini050411-31.dmp
C:\WINDOWS\Minidump\Mini050411-32.dmp
C:\WINDOWS\Minidump\Mini050411-33.dmp
C:\WINDOWS\Minidump\Mini050411-34.dmp
C:\WINDOWS\Minidump\Mini050411-35.dmp
C:\WINDOWS\Minidump\Mini050411-36.dmp
C:\WINDOWS\Minidump\Mini050411-37.dmp
C:\WINDOWS\Minidump\Mini050411-38.dmp
C:\WINDOWS\Minidump\Mini050411-39.dmp
C:\WINDOWS\Minidump\Mini050411-40.dmp
C:\WINDOWS\Minidump\Mini050411-41.dmp
C:\WINDOWS\Minidump\Mini050511-01.dmp
C:\WINDOWS\Minidump\Mini050511-02.dmp
C:\WINDOWS\Minidump\Mini050511-03.dmp
C:\WINDOWS\Minidump\Mini050511-04.dmp
C:\WINDOWS\Minidump\Mini050511-05.dmp
C:\WINDOWS\Minidump\Mini050511-06.dmp
C:\WINDOWS\Minidump\Mini050511-07.dmp
C:\WINDOWS\Minidump\Mini050511-08.dmp
C:\WINDOWS\Minidump\Mini050511-09.dmp
C:\WINDOWS\Minidump\Mini050511-10.dmp
C:\WINDOWS\Minidump\Mini050511-11.dmp
C:\WINDOWS\Minidump\Mini050511-12.dmp
C:\WINDOWS\Minidump\Mini050511-13.dmp
C:\WINDOWS\Minidump\Mini050511-14.dmp
C:\WINDOWS\Minidump\Mini050511-15.dmp
C:\WINDOWS\Minidump\Mini050511-16.dmp
C:\WINDOWS\Minidump\Mini050511-17.dmp
C:\WINDOWS\Minidump\Mini050511-18.dmp
C:\WINDOWS\Minidump\Mini050511-19.dmp
C:\WINDOWS\Minidump\Mini050511-20.dmp
C:\WINDOWS\Minidump\Mini050511-21.dmp
C:\WINDOWS\Minidump\Mini050511-22.dmp
C:\WINDOWS\Minidump\Mini050511-23.dmp
C:\WINDOWS\Minidump\Mini050511-24.dmp
C:\WINDOWS\Minidump\Mini050511-25.dmp
C:\WINDOWS\Minidump\Mini050511-26.dmp
C:\WINDOWS\Minidump\Mini050511-27.dmp
C:\WINDOWS\Minidump\Mini050511-28.dmp
C:\WINDOWS\Minidump\Mini050511-29.dmp
C:\WINDOWS\Minidump\Mini050511-30.dmp
C:\WINDOWS\Minidump\Mini050511-31.dmp
C:\WINDOWS\Minidump\Mini050511-32.dmp
C:\WINDOWS\Minidump\Mini050511-33.dmp
C:\WINDOWS\Minidump\Mini050511-34.dmp
C:\WINDOWS\Minidump\Mini050511-35.dmp
C:\WINDOWS\Minidump\Mini050511-36.dmp
C:\WINDOWS\Minidump\Mini050511-37.dmp
C:\WINDOWS\Minidump\Mini050511-38.dmp
C:\WINDOWS\Minidump\Mini050511-39.dmp
C:\WINDOWS\Minidump\Mini050511-40.dmp
C:\WINDOWS\Minidump\Mini050511-41.dmp
C:\WINDOWS\Minidump\Mini050511-42.dmp
C:\WINDOWS\Minidump\Mini050511-43.dmp
C:\WINDOWS\Minidump\Mini050511-44.dmp
C:\WINDOWS\Minidump\Mini050511-45.dmp
C:\WINDOWS\Minidump\Mini050511-46.dmp
C:\WINDOWS\Minidump\Mini050511-47.dmp
C:\WINDOWS\Minidump\Mini050511-48.dmp
C:\WINDOWS\Minidump\Mini050511-49.dmp
C:\WINDOWS\Minidump\Mini050511-50.dmp
C:\WINDOWS\Minidump\Mini051811-01.dmp
C:\WINDOWS\Minidump\Mini051911-01.dmp
C:\WINDOWS\Minidump\Mini052011-01.dmp
C:\WINDOWS\Minidump\Mini052711-01.dmp
C:\WINDOWS\Minidump\Mini053111-01.dmp
C:\WINDOWS\Minidump\Mini060111-01.dmp
C:\WINDOWS\Minidump\Mini060311-01.dmp
C:\WINDOWS\Minidump\Mini060411-01.dmp
C:\WINDOWS\Minidump\Mini060511-01.dmp
C:\WINDOWS\Minidump\Mini060711-01.dmp
C:\WINDOWS\Minidump\Mini061111-01.dmp
C:\WINDOWS\Minidump\Mini062411-01.dmp
C:\WINDOWS\Minidump\Mini062511-01.dmp
C:\WINDOWS\Minidump\Mini062611-01.dmp
C:\WINDOWS\Minidump\Mini063011-01.dmp
C:\WINDOWS\Minidump\Mini070111-01.dmp
C:\WINDOWS\Minidump\Mini070211-01.dmp
C:\WINDOWS\Minidump\Mini070811-01.dmp
C:\WINDOWS\Minidump\Mini070911-01.dmp
C:\WINDOWS\Minidump\Mini071311-01.dmp
C:\WINDOWS\Minidump\Mini071811-01.dmp
C:\WINDOWS\Minidump\Mini071911-01.dmp
C:\WINDOWS\Minidump\Mini080911-01.dmp
C:\WINDOWS\Minidump\Mini081411-01.dmp
C:\WINDOWS\Minidump\Mini081711-01.dmp
C:\WINDOWS\Minidump\Mini081811-01.dmp
C:\WINDOWS\Minidump\Mini081911-01.dmp
C:\WINDOWS\Minidump\Mini082211-01.dmp
C:\WINDOWS\Minidump\Mini082511-01.dmp
C:\WINDOWS\Minidump\Mini082911-01.dmp
C:\WINDOWS\Minidump\Mini090211-01.dmp
C:\WINDOWS\Minidump\Mini090511-01.dmp
C:\WINDOWS\Minidump\Mini090611-01.dmp
C:\WINDOWS\Minidump\Mini090911-01.dmp
C:\WINDOWS\Minidump\Mini091211-01.dmp
C:\WINDOWS\Minidump\Mini091711-01.dmp
C:\WINDOWS\Minidump\Mini091811-01.dmp
C:\WINDOWS\Minidump\Mini091911-01.dmp
C:\WINDOWS\Minidump\Mini092111-01.dmp
C:\WINDOWS\Minidump\Mini092511-01.dmp
C:\WINDOWS\Minidump\Mini092811-01.dmp
C:\WINDOWS\Minidump\Mini100611-01.dmp
C:\WINDOWS\Minidump\Mini100811-01.dmp
C:\WINDOWS\Minidump\Mini101011-01.dmp
C:\WINDOWS\Minidump\Mini101911-01.dmp
C:\WINDOWS\Minidump\Mini102111-01.dmp
C:\WINDOWS\Minidump\Mini102611-01.dmp
C:\WINDOWS\Minidump\Mini110411-01.dmp
C:\WINDOWS\Minidump\Mini110611-01.dmp
C:\WINDOWS\Minidump\Mini111211-01.dmp
C:\WINDOWS\Minidump\Mini111511-01.dmp
C:\WINDOWS\Minidump\Mini120211-01.dmp
C:\WINDOWS\Minidump\Mini121411-01.dmp
C:\WINDOWS\Minidump\Mini122411-01.dmp
C:\WINDOWS\Minidump\Mini123111-01.dmp

**** End of log ****

Edited by Blockinlick, 24 January 2012 - 11:34 AM.


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,221 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:34 AM

Posted 24 January 2012 - 09:21 PM

I think with al the Dll errors and mini dump files we would be safer moving you and getting a deeper look. Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
Include the GMER log you posted earlier.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users