Channel: Tech Support Forum - Virus/Trojan/Spyware Help

[SOLVED] MALWARE

Ok, I figured out how to copy it to this thread:
The problems I am having are: my computer will not open Internet Options, and it keeps locking up on me. I tried System Restore, but to no avail; it will not restore. The calendar does not even fully load so I can pick a date. I do not have an original disc for this computer; I bought it off a friend, and he did not have one. So here are the results from GMER:

Re: Malware
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.17095
Run by Owner at 21:36:13 on 2013-08-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.254.44 [GMT -4:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Moon Secure Antivirus\moontray.exe
C:\program files\hp\hp software update\hpwuschd2.exe
C:\program files\hp\hp photosmart 5510 series\bin\scantopcactivationapp.exe
C:\Program Files\Opera\opera.exe
C:\program files\hp\hp photosmart 5510 series\bin\HPNetworkCommunicator.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k eapsvcs
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://yahoo/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
uRun: [HP Photosmart 5510 series (NET)] "c:\program files\hp\hp photosmart 5510 series\bin\scantopcactivationapp.exe" -deviceID "cn1ca290qz05nr:nw" -scfn "hp photosmart 5510 series (net)" -AutoStart 1
uRun: [cdloader] "c:\documents and settings\owner\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [Moon Secure AntivirusFrontEnd GUI] <no file>
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1285190465750
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{7F3B4D4E-0D75-4087-8954-E11C6D937A50} : DHCPNameServer = 192.168.1.254
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2013-2-25 14776]
R3 SMC1211;SMC EZ Card 10/100 PCI (SMC1211 Series) NT 5.0 Driver;c:\windows\system32\drivers\SMC1211.sys [2001-7-11 23153]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys --> c:\windows\system32\drivers\avgidshx.sys [?]
S2 msav;Moon Secure Antivirus Core;c:\program files\moon secure antivirus\msavcore.exe [2008-3-28 982016]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys --> c:\windows\system32\drivers\avgidsshimx.sys [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2013-08-05 00:17:07 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2013-08-05 00:16:44 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-07-29 17:42:08 -------- d-----w- c:\windows\system32\MRT
2013-07-28 23:20:06 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-07-28 23:20:06 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-07-23 21:03:25 -------- d-----w- c:\program files\Optimizer Pro
2013-07-23 21:01:38 -------- d-----w- c:\documents and settings\owner\local settings\application data\DefineExt
2013-07-15 16:28:52 -------- d-----w- c:\windows\system32\wbem\repository\FS
2013-07-15 16:28:52 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-22 04:01:54 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-22 04:01:53 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 04:28:02 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-08 06:10:12 770384 -c--a-w- c:\windows\system32\msvcr100.dll
2013-05-08 06:10:12 421200 -c--a-w- c:\windows\system32\msvcp100.dll
.
============= FINISH: 21:37:26.71 ===============
