Looks like MBAM got the majority - so lets now kill the rest.. On completion of this can you let me know what problems remain
Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
[Unregister Dlls]
[Registry - All]
< 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > ->
YN -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > ->
YN -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data]
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\] > ->
YN -> HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\: Main\\"Start Page Redirect Cache_TIMESTAMP" -> EC 51 3A C7 B4 84 CB 01 [binary data]
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
YY -> HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614} -> C:\PROGRAM FILES (X86)\PREMIEROPINION
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {0974BA1E-64EC-11DE-B2A5-E43756D89593} [HKLM] -> [MediaBar]
YN -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {3fdba1ba-ae28-4045-9048-4ed2f3865629} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {574be437-25ae-4010-a53e-8c63b6ae02ff} [HKLM] -> [ooVoo Toolbar]
YN -> {9D425283-D487-4337-BAB6-AB8354A81457} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} [HKLM] -> [MediaBar]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "{0974BA1E-64EC-11DE-B2A5-E43756D89593}" [HKLM] -> [MediaBar]
YN -> "{574be437-25ae-4010-a53e-8c63b6ae02ff}" [HKLM] -> [ooVoo Toolbar]
YN -> "{9D425283-D487-4337-BAB6-AB8354A81457}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> "{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}" [HKLM] -> [MediaBar]
< Internet Explorer ToolBars [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\] > -> HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{30F9B915-B755-4826-820B-08FBA6BD249D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{9565115D-C7D6-46D3-BD63-B67B481A4368}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{9D425283-D487-4337-BAB6-AB8354A81457}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{D7E97865-918F-41E4-9CD0-25AB1C574CE8}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "2047489.exe" -> ["C:\Users\Alvarado\AppData\Local\Temp\2047489.exe"]
YN -> "2602920.exe" -> ["C:\Windows\Temp\2602920.exe"]
YN -> "4951507.exe" -> ["C:\Windows\Temp\4951507.exe"]
YN -> "8186268.exe" -> ["C:\Windows\Temp\8186268.exe"]
YN -> "9585248-loader2.exe" -> ["C:\Windows\Temp\9585248-loader2.exe"]
YN -> "tray_ico" -> []
YN -> "tray_ico1" -> []
YN -> "tray_ico2" -> []
YN -> "tray_ico3" -> []
YN -> "tray_ico4" -> []
< Run [HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\] > -> HKEY_USERS\S-1-5-21-1302273170-3416456603-1724964319-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "ares" -> ["C:\Program Files (x86)\Ares\Ares.exe" -h]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
YN -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.]
[Files/Folders - Created Within 30 Days]
NY -> ufa -> C:\Windows\ufa
NY -> rpcminer -> C:\Windows\rpcminer
NY -> phoenix -> C:\Windows\phoenix
NY -> system64 -> C:\Windows\system64
NY -> update.5.0 -> C:\Windows\update.5.0
NY -> update.2 -> C:\Windows\update.2
NY -> av_ico -> C:\Windows\av_ico
NY -> update.1 -> C:\Windows\update.1
NY -> update.tray-7-0-lnk -> C:\Windows\update.tray-7-0-lnk
NY -> update.tray-7-0 -> C:\Windows\update.tray-7-0
[Files/Folders - Modified Within 30 Days]
NY -> phoenix.rar -> C:\Windows\phoenix.rar
NY -> rpcminer.rar -> C:\Windows\rpcminer.rar
NY -> unrar.exe -> C:\Windows\unrar.exe
NY -> info1 -> C:\Windows\info1
NY -> geoiplist.rar -> C:\Windows\geoiplist.rar
NY -> loader2.exe_ok -> C:\Windows\loader2.exe_ok
NY -> geoiplist -> C:\Windows\geoiplist
[Files - No Company Name]
NY -> phoenix.rar -> C:\Windows\phoenix.rar
NY -> rpcminer.rar -> C:\Windows\rpcminer.rar
NY -> ufa.rar -> C:\Windows\ufa.rar
NY -> geoiplist -> C:\Windows\geoiplist
NY -> geoiplist.rar -> C:\Windows\geoiplist.rar
NY -> unrar.exe -> C:\Windows\unrar.exe
NY -> info1 -> C:\Windows\info1
NY -> loader2.exe_ok -> C:\Windows\loader2.exe_ok
[Custom Scans]
NY -> explorer.exe : MD5=3C33B26F2F7FA61D882515F2D6078691 -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX0\procs\explorer.exe
NY -> explorer.exe : MD5=3C33B26F2F7FA61D882515F2D6078691 -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX1\procs\explorer.exe
NY -> explorer.exe : MD5=ABC6379205DE2618851C4FCBF72112EB -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX0\h\explorer.exe
NY -> explorer.exe : MD5=ABC6379205DE2618851C4FCBF72112EB -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX1\h\explorer.exe
NY -> userinit.exe : MD5=AC6094297CD882B8626466CDEB64F19F -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX0\userinit.exe
NY -> userinit.exe : MD5=AC6094297CD882B8626466CDEB64F19F -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX1\userinit.exe
NY -> winlogon.exe : MD5=AC6094297CD882B8626466CDEB64F19F -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX0\winlogon.exe
NY -> winlogon.exe : MD5=AC6094297CD882B8626466CDEB64F19F -> C:\Users\Alvarado\AppData\Local\Temp\RarSFX1\winlogon.exe
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
[ZipFiles]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here
I will review the information when it comes back in.
Depending on what the fix contains, this process may take some time and your desktop icons might disappear or other uncommon behavior may occur.
This is no sign of malfunction, do not panic!